Wireshark-bugs: [Wireshark-bugs] [Bug 7622] New: [Malformed Packet: TDS] DONE token breakout has
Date: Sun, 12 Aug 2012 13:51:34 -0700 (PDT)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7622

Summary: [Malformed Packet: TDS] DONE token breakout has wrong length
Product: Wireshark
Version: 1.8.1
Platform: x86
OS/Version: Windows XP
Status: NEW
Severity: Normal
Priority: Low
Component: Dissection engine (libwireshark)
AssignedTo: bugzilla-admin@xxxxxxxxxxxxx
ReportedBy: david.sandman@xxxxxxxxxx

Created attachment 8944
  --> https://bugs.wireshark.org/bugzilla/attachment.cgi?id=8944
exported the packets for file > export. did a range of 12 - 15

Build Information:
Version 1.8.1 (SVN Rev 43946 from /trunk-1.8)

Copyright 1998-2012 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (32-bit) with GTK+ 2.24.10, with Cairo 1.10.2, with Pango 1.30.0, with
GLib 2.32.2, with WinPcap (4_1_2), with libz 1.2.5, without POSIX capabilities,
with SMI 0.4.8, with c-ares 1.7.1, with Lua 5.1, without Python, with GnuTLS
2.12.18, with Gcrypt 1.4.6, with MIT Kerberos, with GeoIP, with PortAudio
V19-devel (built Jul 23 2012), with AirPcap.

Running on Windows XP Service Pack 3, build 2600, with WinPcap version 4.1 beta5
(packet.dll version 4.1.0.1452), based on libpcap version 1.0.0, GnuTLS 2.12.18,
Gcrypt 1.4.6, without AirPcap.

Built using Microsoft Visual C++ 10.0 build 40219

Wireshark is Open Source Software released under the GNU General Public License.

Check the man page and http://www.wireshark.org for more information.
--
DoneRowCount should be 8 bytes long as of TDS 7.2.

From specification [MS-TDS].pdf:

DoneRowCount = LONG / ULONGLONG; (Changed to ULONGLONG in TDS 7.2)

This is in the response (04) to the login request in clear text.

I added an attachment of a file > export of a range of packets that show the pre-login request, response, login request, response (Malformed).

There is a SQL Server version field in the login ACK token in the same packet that might be used to determine TDS version. The actual TDSVersion is in the pre-login if you can retain that data for subsequent packet breakouts.

Thanks
David Sandman
Load Test Engineering Consultant
BCBS of SC

In case you cannot read that, here is a copy/paste of the displayed packet
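Added example, not part of the original report and not Wireshark's dissector code: a bounds-checked DONE token parser whose DoneRowCount width depends on the negotiated TDS version, showing why reading a 4-byte count from a TDS 7.2+ stream leaves 4 stray bytes for the next token decode. The token type 0xFD and the 2-byte Status and CurCmd fields follow [MS-TDS]; the function names and the sample bytes are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define TDS_TOKEN_DONE 0xFD

typedef struct { uint16_t status, cur_cmd; uint64_t row_count; } tds_done;

/* Read an n-byte little-endian unsigned integer (n <= 8). */
static uint64_t read_le(const uint8_t *p, size_t n)
{
    uint64_t v = 0;
    while (n-- > 0)
        v = (v << 8) | p[n];
    return v;
}

/* Parse one DONE token: type(1) Status(2) CurCmd(2) DoneRowCount(4 or 8).
 * Returns bytes consumed, or 0 if the buffer is too short or not a DONE token. */
size_t parse_done(const uint8_t *buf, size_t len, int tds72_or_later, tds_done *out)
{
    size_t count_len = tds72_or_later ? 8 : 4;   /* LONG before 7.2, ULONGLONG after */
    size_t need = 1 + 2 + 2 + count_len;
    if (len < need || buf[0] != TDS_TOKEN_DONE)
        return 0;
    out->status = (uint16_t)read_le(buf + 1, 2);
    out->cur_cmd = (uint16_t)read_le(buf + 3, 2);
    out->row_count = read_le(buf + 5, count_len);
    return need;
}

/* Bytes left after the token (-1 on failure); leftovers get decoded as a bogus next token. */
long leftover_after_done(const uint8_t *buf, size_t len, int tds72_or_later)
{
    tds_done d;
    size_t used = parse_done(buf, len, tds72_or_later, &d);
    return used ? (long)(len - used) : -1;
}

/* Constructed sample: Status=0x0010, CurCmd=0x00C1, 8-byte DoneRowCount=3. */
const uint8_t sample_done[13] = { 0xFD, 0x10, 0x00, 0xC1, 0x00, 3, 0, 0, 0, 0, 0, 0, 0 };

int main(void)
{
    printf("8-byte count: %ld left, 4-byte count: %ld left\n",
           leftover_after_done(sample_done, sizeof sample_done, 1),
           leftover_after_done(sample_done, sizeof sample_done, 0));
    return 0;
}
```

A dissector that keeps the TDS version from earlier in the conversation can pass it as `tds72_or_later`; without that state the 4-byte reading silently succeeds and the error only surfaces at the following token.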