Wireshark · Wireshark-bugs: [Wireshark-bugs] [Bug 978] New: TIPC: Malformed Packet when valid "Cluster Internal Connection Based

Wireshark-bugs: [Wireshark-bugs] [Bug 978] New: TIPC: Malformed Packet when valid "Cluster Inter

Date: Wed, 28 Jun 2006 12:42:39 +0000 (GMT)

http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=978

           Summary: TIPC: Malformed Packet when valid "Cluster Internal
                    Connection Based Non-Routed Message"
           Product: Wireshark
           Version: 0.10.0 or older
          Platform: PC
        OS/Version: Linux
            Status: NEW
          Severity: Normal
          Priority: Low
         Component: Wireshark
        AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
        ReportedBy: martinmeis@xxxxxxxxxxxxxx


When sending a "Low Priority Payload Data(0) Sent on connection (CONN_MSG)(0)"
as a "Cluster Internal Connection Based Non-Routed Messages" between two hosts
it is shown to be a "[Malformed Packet]" and the TIPC message is not dissected.

According to http://tipc.sourceforge.net/doc/draft-spec-tipc-02.html (3.1.3.
Payload Message Header Size) this packet is a valid one with a 24 Byte header.
It seems like (valid) payload messages with 24 Byte are always recognized to be
malformed. 

When sending "bla" from one host to the other the message looks like:
0000   00 0e 0c 82 c4 d7 00 08 54 37 36 e7 88 ca 40 c0  ........T76...@.
0010   00 1c 00 08 00 00 9a 59 99 5c 01 00 10 01 9e 89  .......Y.\......
0020   9f db 93 d1 e0 1e 62 6c 61 0a                    ......bla.

PERL code to reproduce:
(IO::Socket::TIPC is Version 1.04 from CPAN)
===========
CLIENT:
===========
use IO::Socket::TIPC ":tipc";
$sock2 = IO::Socket::TIPC->new(
        SocketType => "seqpacket",
        Peer => "{1234, 100}",
);
while( <STDIN>) {
  $sock2->print( $_ );
}

===========
SERVER:
===========
use IO::Socket::TIPC ":tipc";
$sock1 = IO::Socket::TIPC->new(
  SocketType => "seqpacket",
  Listen => 1,
  Local => "{1234, 100}",
  LocalScope => "zone",
);
$client = $sock1->accept();
while(1) {
  $myInput = $client->getline();
  last unless defined($myInput);
  print $myInput ;
}
===========

LINUX (TIPC):
Linux linux-ha2 2.6.16.13-4-smp #1 SMP Wed May 3 04:53:23 UTC 2006 i686 i686
i386 GNU/Linux

WIRESHARK:
Version 0.99.1pre1

Compiled with GTK+ 2.8.10, with GLib 2.8.5, with libpcap 0.9.4, with libz
1.2.3,
without libpcre, without UCD-SNMP or Net-SNMP, without ADNS, without Lua.
NOTE: this build doesn't support the "matches" operator for Wireshark filter
syntax.

Running with libpcap version 0.9.4 on Linux 2.6.16.13-4-smp.


-- 
Configure bugmail: http://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

Follow-Ups:
- [Wireshark-bugs] [Bug 978] TIPC: Malformed Packet when valid "Cluster Internal Connection Based Non-Routed Message"
  - From: bugzilla-daemon
- [Wireshark-bugs] [Bug 978] TIPC: Malformed Packet when valid "Cluster Internal Connection Based Non-Routed Message"
  - From: bugzilla-daemon
- [Wireshark-bugs] [Bug 978] TIPC: Malformed Packet when valid "Cluster Internal Connection Based Non-Routed Message"
  - From: bugzilla-daemon
- [Wireshark-bugs] [Bug 978] TIPC: Malformed Packet when valid "Cluster Internal Connection Based Non-Routed Message"
  - From: bugzilla-daemon

Prev by Date: [Wireshark-bugs] [Bug 967] crash on fuzzed SNMP capture
Next by Date: [Wireshark-bugs] [Bug 978] TIPC: Malformed Packet when valid "Cluster Internal Connection Based Non-Routed Message"
Previous by thread: [Wireshark-bugs] [Bug 977] New: In H323 if the port is different then 1720 the H225 is not recognized
Next by thread: [Wireshark-bugs] [Bug 978] TIPC: Malformed Packet when valid "Cluster Internal Connection Based Non-Routed Message"
Index(es):
- Date
- Thread