Wireshark-bugs: [Wireshark-bugs] [Bug 4716] New: tcp dissector doesn't decode TCP segments of le

Date: Tue, 27 Apr 2010 00:16:10 -0700 (PDT)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4716

           Summary: tcp dissector doesn't decode TCP segments of length 1
           Product: Wireshark
           Version: 1.2.6
          Platform: x86
        OS/Version: Windows XP
            Status: NEW
          Severity: Major
          Priority: Medium
         Component: TShark
        AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
        ReportedBy: alantu@xxxxxxxx


Created an attachment (id=4577)
 --> (https://bugs.wireshark.org/bugzilla/attachment.cgi?id=4577)
data.pcap is a pcap that demonstrates the bug.

Build Information:
TShark 1.2.6 (SVN Rev 31702)

Copyright 1998-2010 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled with GLib 2.22.3, with WinPcap (version unknown), with libz 1.2.3,
without POSIX capabilities, without libpcre, with SMI 0.4.8, with c-ares 1.7.0,
with Lua 5.1, with GnuTLS 2.8.5, with Gcrypt 1.4.5, with MIT Kerberos, with
GeoIP.

Running on Windows XP Service Pack 2, build 2600, with WinPcap version 4.1.1
(packet.dll version 4.1.0.1753), based on libpcap version 1.0 branch 1_0_rel0b
(20091008), GnuTLS 2.8.5, Gcrypt 1.4.5.

Built using Microsoft Visual C++ 9.0 build 30729

--
Please ignore bad IP checksums, IP addresses have been rewritten.

Run
tshark -r data.pcap -T fields -e frame.number -e tcp.seq -e tcp.len -e
tcp.nxtseq -e data.data

Notice that frame 5 shows tcp.len of 1, tcp.seq of 105, and tcp.nxtseq is 106.
There is a TCP payload of 1 byte! Yet tshark thinks this is a window probe and
doesn't recognize the data payload. data.data should display the hex of the
1-byte payload in frame 5.

-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.