Ethereal-dev: Re: [ethereal-dev] Possible bug in packet-ppp.c

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Index Thread Index Other Months All Mailing Lists
Date Prev Date Next Thread Prev Thread Next
From: Gilbert Ramirez <gram@xxxxxxxxxx>
Date: Mon, 27 Mar 2000 12:03:59 -0600
On Mon, Mar 27, 2000 at 04:49:52AM -0600, Paul Ionescu wrote:
> 
> 
> I tried to spy a PPTP connection between a linux and a W2K. (The capture
> is attached to email)
> I think that maybe there is a bug somwhere because the ppp packed is not
> dissected correctly.
> There should be a valid PPP/LCP packet, but instead is reported as
> unknown PPP.
> The same capture dissected with Microsoft Netmon 2.0 reports unknown ppp
> too, but after that it shows the LCP frame.
> 
>  - pptp.cap

Yes, the GRE dissector is calling dissect_ppp_payload() when it really
should be calling dissect_ppp(), but a modified dissect_ppp() that can
take a byte offset argument. The LCP indicate "c021" is two bytes into
PPP part of the frame, but dissect_ppp_payload() is looking at the
the wrong offset.

A patch will follow....

--gilbert