Wireshark-bugs: [Wireshark-bugs] [Bug 10559] New: IPv6 RPL option is read as less bytes than it
Bug ID |
10559
|
Summary |
IPv6 RPL option is read as less bytes than it is
|
Product |
Wireshark
|
Version |
1.12.1
|
Hardware |
x86-64
|
OS |
Windows 7
|
Status |
UNCONFIRMED
|
Severity |
Normal
|
Priority |
Low
|
Component |
Dissection engine (libwireshark)
|
Assignee |
bugzilla-admin@wireshark.org
|
Reporter |
boaz.brickner@gmail.com
|
Created attachment 13159 [details]
IPv6 RPL option with data length of 7 bytes that is read as if it was with data
length of 4 bytes
Build Information:
Version 1.12.1 (v1.12.1-0-g01b65bf from master-1.12)
Copyright 1998-2014 Gerald Combs <gerald@wireshark.org> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Compiled (64-bit) with GTK+ 2.24.23, with Cairo 1.10.2, with Pango 1.34.0, with
GLib 2.38.0, with WinPcap (4_1_3), with libz 1.2.5, with SMI 0.4.8, with c-ares
1.9.1, with Lua 5.2, without Python, with GnuTLS 3.1.22, with Gcrypt 1.6.0,
without Kerberos, with GeoIP, with PortAudio V19-devel (built Sep 16 2014),
with
AirPcap.
Running on 64-bit Windows 7 Service Pack 1, build 7601, with WinPcap version
4.1.3 (packet.dll version 4.1.0.2980), based on libpcap version 1.0 branch
1_0_rel0b (20091008), GnuTLS 3.1.22, Gcrypt 1.6.0, without AirPcap.
Intel(R) Core(TM) i5-3550 CPU @ 3.30GHz, with 16345MB of physical
memory.
Built using Microsoft Visual C++ 10.0 build 40219
Wireshark is Open Source Software released under the GNU General Public
License.
Check the man page and http://www.wireshark.org for more information.
--
Discovered while working on Pcap.Net (http://pcapdot.net)
In the attached pcap file, there's an IPv6 packet with Hop-by-Hop Option
extension header with several option.
The 6th option is an RPL option.
The data length as written and parsed by Wireshark is 7 so the total length of
the option is 9 bytes, and it is marked correctly.
However, the next option is being read only 6 bytes after the RPL option's
start, instead of 9 bytes and is so read incorrectly.
You can see that when clicking on the two options there 3 bytes overlap between
them.
You are receiving this mail because:
- You are watching all bug changes.