Wireshark-bugs: [Wireshark-bugs] [Bug 6302] OSPF LSA length minimum values
Date: Thu, 01 May 2014 11:29:05 +0000

changed bug 6302

What Removed Added
CC   alexis.lagoutte@gmail.com

Comment # 13 on bug 6302 from
(In reply to comment #12)
> Perhaps I need to explain the intended purpose of this change.
> 
> My work with network protocols sometimes involves packets that are indeed
> malformed (as a result of a bug or even on intent). In such case having the
> packet analyzer auto-flagged all packets that violate the spec is very
> helpful.
> 
> Filing of this issue two years ago was motivated by the fact that Wireshark
> 1.4.8 didn't detect some (if not all) of the OSPF anomalies listed herein. I
> have just tested Wireshark 1.10.2 and it flags packet 27 of the 1st capture
> as malformed, fine. Yet it does not flag packet 19 of the same capture,
> which is against the spec (respective comment explains it). Packet 29 of the
> 2nd capture is correctly flagged malformed (without further explanation
> however).
> 
> The captures were produced specifically on request, they don't belong to a
> compliant OSPFv2 exchange. I suggest not only flagging the packet as
> malformed when any of the constraints listed here are not met but
> specifically mentioning that the length falls below the known threshold.
> 
> Do you need the final OSPFv2 constraint table?

Your idea is add a check of length of LSA to check LS type and length is > to a
normal length packet ?


You are receiving this mail because:
  • You are watching all bug changes.