Wireshark-bugs: [Wireshark-bugs] [Bug 10361] UDPlite checksum miscomputed for IP packets with ex
Tom Phinney
changed
bug 10361
| What |
Removed |
Added |
| Status |
UNCONFIRMED
|
RESOLVED
|
| Resolution |
---
|
NOTABUG
|
Comment # 6
on bug 10361
from Tom Phinney
My apologies for reporting this as a bug. I'm working on a multi-company,
multi-continent project, evaluating work being done by others. One of the
members of the team whose work is being evaluated searched the Wireshark source
and reported what he thought was the cause of the errors in one of their
submissions that I had evaluated. I was leaving for a multi-hour event, so
posted a bug report based on the information I had received without first
verifying the reported analysis of the Wireshark code.
In response to Guy Harris's comments, I downloaded and checked the Wireshark
source myself, confirming that for IP.protocol == 17 (UDP), the checksum
computation uses both both the UDP length explicitly specified in the UDP
header and the IP payload length (which goes into the virtual header), as
required by RFC768.
At that point I manually computed a checksum for an example IPv4+UDP packet
that Wireshark had disassembled and declared that the UDP checksum was in
error. My evaluation agreed with Wireshark's: the checksum conveyed in the UDP
PDU actually was in error. I've communicated back to the other people involved
in this project about what I consider to be the likely cause of THEIR error. At
this point I do not believe that Wireshark is in error with regard to this
issue.
If there were a status of WITHDRAWN for these bug reports, I would choose it.
Lacking that alternative, I consider this but to be RESOLVED. It is NOTABUG
because it works correctly, per the above discussion.
You are receiving this mail because:
- You are watching all bug changes.
