Wireshark-bugs: [Wireshark-bugs] [Bug 6302] OSPF LSA length minimum values
Date: Thu, 19 Jun 2014 12:20:05 +0000

Comment # 20 on bug 6302 from
I confirm all the packets from the sample capture you mention are indeed
malformed.

As far as it is possible to tell without compiling and testing I confirm the
change 2292 correctly encodes the OSPFv2 LSA minimum length table, which is as
follows:

(LS type) (length constraint)

1 Router LSA: >= 24 bytes (>= 0 link descriptor(s) required)
2 Network LSA: >= 28 bytes (>= 1 router-ID(s) required)
3 Summary LSA: >= 28 bytes (>= 1 TOS metric block(s) required)
4 Summary LSA: >= 28 bytes (>= 1 TOS metric block(s) required)
5 AS-External LSA: >= 36 bytes (>= 1 TOS forwarding block(s) required)
7 NSSA LSA: >= 36 bytes (>= 1 TOS forwarding block(s) required)
9 Opaque Link LSA: >= 20 bytes
10 Opaque Area LSA: >= 20 bytes
11 Opaque AS LSA: >= 20 bytes

Please note it seems necessary to make sure ls_type is within the valid range
before the check below, otherwise it can access beyond the end of
ls_length_constraints[]:

if(ls_length < ls_length_constraints[ls_type]) {

Thank you.


You are receiving this mail because:
  • You are watching all bug changes.