http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2272
Summary: DNS dissector incorrect when length field is in frame of
its own
Product: Wireshark
Version: 0.99.6
Platform: PC
OS/Version: Linux
Status: NEW
Severity: Major
Priority: Low
Component: Wireshark
AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
ReportedBy: David.Leonard@xxxxxxxxx
Created an attachment (id=1461)
--> (http://bugs.wireshark.org/bugzilla/attachment.cgi?id=1461)
TCP DNS tcpdump
Build Information:
wireshark 0.99.6
Copyright 1998-2007 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Compiled with GTK+ 2.12.0, with GLib 2.14.1, with libpcap 0.9.7, with libz
1.2.3.3, with libpcre 7.4, without Net-SNMP, with ADNS, without Lua, with
GnuTLS
1.6.3, with Gcrypt 1.2.4, with MIT Kerberos, with PortAudio <= V18, without
AirPcap.
Running on Linux 2.6.22-14-generic, with libpcap version 0.9.7.
Built using gcc 4.1.3 20070929 (prerelease) (Ubuntu 4.1.2-16ubuntu2).
--
I have a DNS application that sends the header field first with a TCP write(),
and then the rest of the payload with a later write(). On the wire this appears
as two TCP packets.
Unfortunately, the DNS dissector will be misaligned when it sees the second
packet, displaying the wrong length and other information.
See frames 4 and 6 of the attachment taken with tcpdump.
--
Configure bugmail: http://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.