Wireshark-bugs: [Wireshark-bugs] [Bug 2272] New: DNS dissector incorrect when length field is in

Date: Fri, 15 Feb 2008 04:33:55 +0000 (GMT)
http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2272

           Summary: DNS dissector incorrect when length field is in frame of
                    its own
           Product: Wireshark
           Version: 0.99.6
          Platform: PC
        OS/Version: Linux
            Status: NEW
          Severity: Major
          Priority: Low
         Component: Wireshark
        AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
        ReportedBy: David.Leonard@xxxxxxxxx


Created an attachment (id=1461)
 --> (http://bugs.wireshark.org/bugzilla/attachment.cgi?id=1461)
TCP DNS tcpdump

Build Information:
wireshark 0.99.6

Copyright 1998-2007 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled with GTK+ 2.12.0, with GLib 2.14.1, with libpcap 0.9.7, with libz
1.2.3.3, with libpcre 7.4, without Net-SNMP, with ADNS, without Lua, with
GnuTLS
1.6.3, with Gcrypt 1.2.4, with MIT Kerberos, with PortAudio <= V18, without
AirPcap.

Running on Linux 2.6.22-14-generic, with libpcap version 0.9.7.

Built using gcc 4.1.3 20070929 (prerelease) (Ubuntu 4.1.2-16ubuntu2).

--

I have a DNS application that sends the header field first with a TCP write(),
and then the rest of the payload with a later write(). On the wire this appears
as two TCP packets. 

Unfortunately, the DNS dissector will be misaligned when it sees the second
packet, displaying the wrong length and other information.

See frames 4 and 6 of the attachment taken with tcpdump.


-- 
Configure bugmail: http://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.