Wireshark-bugs: [Wireshark-bugs] [Bug 5523] New: WPS: RF bands decryption
Date: Mon, 27 Dec 2010 02:06:41 -0800 (PST)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5523

           Summary: WPS: RF bands decryption
           Product: Wireshark
           Version: SVN
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: Minor
          Priority: Low
         Component: Wireshark
        AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
        ReportedBy: masashi.honma@xxxxxxxxx


Build Information:
wireshark 1.5.0 (SVN Rev 35270 from /trunk)

Copyright 1998-2010 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (32-bit) with GTK+ 2.20.1, with GLib 2.24.2, with libpcap 1.1.1, with
libz 1.2.3.4, without POSIX capabilities, without libpcre, without SMI, without
c-ares, without ADNS, without Lua, without Python, without GnuTLS, without
Gcrypt, without Kerberos, without GeoIP, without PortAudio, without AirPcap.

Running on Linux 2.6.32-5-686, with libpcap version 1.1.1, with libz 1.2.3.4.

Built using gcc 4.4.5.

--
Hello.

I have found small bug in WPS information element decryption. The attribute is
RF Bands (0x103c). If the value is 0x01, it means 2.4GHz. If the value is 0x02,
it means 5GHz. But my card sends the value 0x03. This may indicates the card
supports both bands. So I think this would be decrypted to "2.4 and 5 GHz".
Currently wireshark decrypts it to "Unknown". I have read "Wi-Fi Simple
Configuration Specification DRAFT Version 2.0.0.51". It doesn't prohibit both
bit enabled.

If my thought is right, attached patch solves this issue.

Regards,
Masashi Honma.

-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.