Wireshark · Wireshark-bugs: [Wireshark-bugs] [Bug 6711] New: [UDP] - Length Field of Pseudo Header while computing CheckSum is n

Wireshark-bugs: [Wireshark-bugs] [Bug 6711] New: [UDP] - Length Field of Pseudo Header while com

Date: Thu, 5 Jan 2012 05:10:49 -0800 (PST)

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6711

           Summary: [UDP] - Length Field of Pseudo Header while computing
                    CheckSum is not correct
           Product: Wireshark
           Version: 1.6.4
          Platform: x86
        OS/Version: Windows XP
            Status: NEW
          Severity: Major
          Priority: Low
         Component: Wireshark
        AssignedTo: bugzilla-admin@xxxxxxxxxxxxx
        ReportedBy: siva.kodali026@xxxxxxxxx


Build Information:
Paste the COMPLETE build information from "Help->About Wireshark", "wireshark
-v", or "tshark -v".
--
The "Upper Layer Length" field in the formation of Pseudo Header is not
correct. The tool always takes it from the IPv6 Header(Payload Length)instead
of "Length" field of UDP Header, which is violation of RFC

In the example below, there are "2" PAD Bytes(FF FF) in UDP Layer, because of
this "Length" field of UDP Header(0x0E) doesn't match to "Payload Length" Field
of IPv6 Header(0x10).

 0000 : 86 f8 a7 92 5f 89 57 58 14 13 0f dd 86 dd 6d 5e
 0010 : 48 1b 00 10 11 34 68 18 61 4b 64 b5 be 04 6f 80
 0020 : 9e f8 d3 a2 a8 d4 90 34 3f 1b c3 a1 3d 71 27 25
 0030 : 36 24 6f 99 3a 1a ff 08 6a 59 00 0e f2 ac bb bb
 0040 : cc cc cc cc ff ff dd dd dd dd dd ee ee ee 00 00
 0050 : 00 00

As per RFC 2460:
http://www.faqs.org/rfcs/rfc2460.html

8.1 Upper-Layer Checksums   
 o  The Upper-Layer Packet Length in the pseudo-header is the
         length of the upper-layer header and data (e.g., TCP header
         plus TCP data).  Some upper-layer protocols carry their own
         length information (e.g., the Length field in the UDP header);
         for such protocols, that is the length used in the pseudo-
         header.  Other protocols (such as TCP) do not carry their own
         length information, in which case the length used in the
         pseudo-header is the Payload Length from the IPv6 header, minus
         the length of any extension headers present between the IPv6
         header and the upper-layer header.

Expected UDP Check Sum           : 0xf2ac
CheckSum as computed by WireShark: 0xf2aa

Regards,
-Siva

-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.

Follow-Ups:
- [Wireshark-bugs] [Bug 6711] [UDP] - Length Field of Pseudo Header while computing CheckSum is not correct
  - From: bugzilla-daemon
- [Wireshark-bugs] [Bug 6711] [UDP] - Length Field of Pseudo Header while computing CheckSum is not correct
  - From: bugzilla-daemon
- [Wireshark-bugs] [Bug 6711] [UDP] - Length Field of Pseudo Header while computing CheckSum is not correct
  - From: bugzilla-daemon

Prev by Date: [Wireshark-bugs] [Bug 6710] New: Malformed packet AMS for Read Device Info Read State Request
Next by Date: [Wireshark-bugs] [Bug 6711] [UDP] - Length Field of Pseudo Header while computing CheckSum is not correct
Previous by thread: [Wireshark-bugs] [Bug 6710] New: Malformed packet AMS for Read Device Info Read State Request
Next by thread: [Wireshark-bugs] [Bug 6711] [UDP] - Length Field of Pseudo Header while computing CheckSum is not correct
Index(es):
- Date
- Thread