Wireshark-bugs: [Wireshark-bugs] [Bug 10809] New: Zebra dissector highlights wrong byte for vers
Date: Sat, 27 Dec 2014 18:27:49 +0000
Bug ID 10809
Summary Zebra dissector highlights wrong byte for version and is missing some fields
Product Wireshark
Version 1.99.x (Experimental)
Hardware x86
OS Mac OS X 10.4
Status UNCONFIRMED
Severity Normal
Priority Low
Component Dissection engine (libwireshark)
Assignee bugzilla-admin@wireshark.org
Reporter hadrielk@yahoo.com

Build Information:
Wireshark 1.99.2 (v1.99.2rc0-281-g4536271 from unknown)

Copyright 1998-2014 Gerald Combs <gerald@wireshark.org> and contributors.
License GPLv2+: GNU GPL version 2 or later
<http://www.gnu.org/licenses/old-licenses/gpl-2.0.html>
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with GTK+ 2.24.17, with Cairo 1.12.14, with Pango 1.30.1,
with
libpcap, without POSIX capabilities, with libz 1.2.5, with GLib 2.36.0, with
SMI
0.4.8, with c-ares 1.10.0, with Lua 5.2, with GnuTLS 3.1.22, with Gcrypt 1.5.3,
with MIT Kerberos, with GeoIP, with PortAudio V19-devel (built Jul 11 2014
17:33:32), with AirPcap.

Running on Mac OS X 10.9.5, build 13F34 (Darwin 13.4.0), with locale
en_US.UTF-8, with libpcap version 1.3.0 - Apple version 41, with libz 1.2.8,
with GnuTLS 2.12.19, with Gcrypt 1.5.0, without AirPcap.
Intel(R) Core(TM) i7-4960HQ CPU @ 2.60GHz (with SSE4.2)

Built using clang 4.2.1 Compatible Apple LLVM 6.0 (clang-600.0.56).
--
For version 1+ of the Zebra protocol, the dissector highlights the marker field
byte as the version field. It also thinks the ISIS route type is a BGP route
type, and is not dissecting the route type field in a ZEBRA_REDISTRIBUTE_DELETE
message. For version 2 of the Zebra protocol, it's not dissecting the SAFI
field in route messages, which screws up the dissection of the rest of the
message.

For some capture file samples, see bug 9219.

I have a patch I'll be uploading shortly.


You are receiving this mail because:
  • You are watching all bug changes.