Wireshark-bugs: [Wireshark-bugs] [Bug 1672] New: RTP MPEG-II Transport Stream flow packet length

Date: Wed, 4 Jul 2007 13:03:28 +0000 (GMT)
http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1672

           Summary: RTP MPEG-II Transport Stream flow packet length pointer
                    error
           Product: Wireshark
           Version: 0.99.5
          Platform: PC
        OS/Version: Windows XP
            Status: NEW
          Severity: Normal
          Priority: Medium
         Component: Wireshark
        AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
        ReportedBy: thomas_rasmus44@xxxxxxxxxxx


Build Information:
Version 0.99.5 (SVN Rev 20677)

Copyright 1998-2007 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled with GTK+ 2.10.7, with GLib 2.12.7, with WinPcap (version unknown),
with libz 1.2.3, with libpcre 6.4, with Net-SNMP 5.4, with ADNS, with Lua 5.1,
with GnuTLS 1.6.1, with Gcrypt 1.2.3, with MIT Kerberos, with PortAudio
PortAudio V19-devel, with AirPcap.

Running on Windows XP Service Pack 2, build 2600, with WinPcap version 4.0
(packet.dll version 4.0.0.755), based on libpcap version 0.9.5, without
AirPcap.

Built using Microsoft Visual C++ 6.0 build 8804

Wireshark is Open Source Software released under the GNU General Public
License.

Check the man page and http://www.wireshark.org for more information.
--
The length of each flow packet (ISO/IEC 13818-1) is 188 bytes. Wireshark
decodes the first flow packet correctly and displays the entire 188 bytes
correct.

The first byte of the next flow packet is sometimes not:
Flow packet start = (previous start + 188)
but incorretly
Flow packet start = (previous start + 172)

This corrupts the rest of the decoding of the RTP payload. It can easily be
seen when the sync byte 0x47 is not correct, and PID's for the different flow
packages are thus wrong.


-- 
Configure bugmail: http://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.