Wireshark-bugs: [Wireshark-bugs] [Bug 8549] New: Patch 45480 causes 'Malformed Packet' errors in
Date: Tue, 02 Apr 2013 00:13:05 +0000
Bug ID 8549
Summary Patch 45480 causes 'Malformed Packet' errors in SMB READDIR responses
Classification Unclassified
Product Wireshark
Version 1.9.x (Experimental)
Hardware All
OS All
Status UNCONFIRMED
Severity Normal
Priority Low
Component Wireshark
Assignee bugzilla-admin@wireshark.org
Reporter turney_cal@emc.com

Created attachment 10518 [details]
Capture file that demonstrates the problem

Build Information:
Version 1.9.3-SVN-48691 (SVN Rev Unknown from unknown)

Copyright 1998-2013 Gerald Combs <gerald@wireshark.org> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (32-bit) with GTK+ 2.24.14, with Cairo 1.10.2, with Pango 1.30.1, with
GLib 2.34.1, with WinPcap (4_1_3), with libz 1.2.5, without POSIX capabilities,
without libnl, with SMI 0.4.8, with c-ares 1.9.1, with Lua 5.1, without Python,
with GnuTLS 2.12.18, with Gcrypt 1.4.6, with MIT Kerberos, with GeoIP, with
PortAudio V19-devel (built Apr  1 2013), with AirPcap.

Running on 64-bit Windows 7 Service Pack 1, build 7601, with WinPcap version
4.1.3 (packet.dll version 4.1.0.2980), based on libpcap version 1.0 branch
1_0_rel0b (20091008), GnuTLS 2.12.18, Gcrypt 1.4.6, without AirPcap.
Intel(R) Xeon(R) CPU           E5507  @ 2.27GHz, with 4093MB of physical
memory.


Built using Microsoft Visual C++ 10.0 build 40219

----------------------------------------------------------------------------
Patch 45480 introduced the following check: 

"tvb_ensure_bytes_exist(tvb, offset, neo ? neo : *bcp - ((unsigned)offset +
1));"

When the last entry in the directory listing is processed, 'neo', the next entry
offset, is zero, so bcp is checked. The 'bcp' variable is set to the remaining
reported bytes in the tvb.  Subtracting the current offset +1 from *bcp usually
produces a negative result and causes the error.


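The arithmetic described in the report, as an added example that is not Wireshark source code or part of the original message: it models the quoted length expression and shows how subtracting an absolute offset from a remaining-byte count wraps and then reads as a negative length. The types, the helper names (len_as_quoted, len_remaining, ensure_bytes_model) and the sample values are assumptions made for illustration, and len_remaining is only a units-consistent alternative, not the fix the project adopted.

```c
#include <stdint.h>
#include <stdio.h>

/* Model of the length argument quoted in the report (assumed types):
 * neo    = offset to the next directory entry, 0 on the last entry
 * bcp    = remaining reported bytes (a count, not a position)
 * offset = absolute position of the current entry in the buffer */
static int len_as_quoted(uint32_t neo, uint16_t bcp, int offset)
{
    /* bcp is promoted and the subtraction is done in unsigned arithmetic,
     * so bcp < offset + 1 wraps around to a huge value. */
    unsigned len = neo ? neo : bcp - ((unsigned)offset + 1);
    return (int)len; /* a signed length parameter sees it as negative */
}

/* Units-consistent alternative (assumption): with no next entry, the
 * entry can extend at most over the remaining count itself. */
static int len_remaining(uint32_t neo, uint16_t bcp)
{
    return neo ? (int)neo : (int)bcp;
}

/* Stand-in for a bounds check on a buffer of reported_len bytes:
 * returns 0 if [offset, offset + length) fits, -1 if it would be
 * flagged as malformed. */
static int ensure_bytes_model(int reported_len, int offset, int length)
{
    if (length < 0 || offset < 0 || offset > reported_len)
        return -1;
    return (length <= reported_len - offset) ? 0 : -1;
}

int main(void)
{
    /* Constructed sample: last entry starts at offset 400 of a 500-byte
     * buffer, so 100 bytes remain and neo is 0. */
    int reported = 500, offset = 400;
    uint16_t bcp = 100;

    int quoted = len_as_quoted(0, bcp, offset);
    int remaining = len_remaining(0, bcp);
    printf("quoted expression: len=%d check=%d\n",
           quoted, ensure_bytes_model(reported, offset, quoted));
    printf("remaining count:   len=%d check=%d\n",
           remaining, ensure_bytes_model(reported, offset, remaining));
    return 0;
}
```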