Wireshark · Wireshark-bugs: [Wireshark-bugs] [Bug 5643] RTCP Packet shows incorrect length(in sniffs) in a particular wireshark

Wireshark-bugs: [Wireshark-bugs] [Bug 5643] RTCP Packet shows incorrect length(in sniffs) in a p

Date: Tue, 1 Feb 2011 07:08:10 -0800 (PST)

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5643

Anders Broman <anders.broman@xxxxxxxxxxxx> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|                            |INVALID

--- Comment #3 from Anders Broman <anders.broman@xxxxxxxxxxxx> 2011-02-01 07:08:09 PST ---
Hi,
You'll have to refere to the RTCP RFC but from what I can see Wireshark
thinks it has decoded all the data but 24 unacounted  bytes remain hence the
Expert info.

..0. .... = Padding: False - No extra padding
...0 0001 = Source count: 1 - is one so there should only be one chunk there.

The CNAME is 24 bytes and the next type is END (0) which stops the dissection.
So the frame looks malformed to me.

The reason for earlier versions not detecting that is most probably the the
check didn't exist.

Best regards
Anders

-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

References:
- [Wireshark-bugs] [Bug 5643] New: RTCP Packet shows incorrect length(in sniffs) in a particular wireshark version
  - From: bugzilla-daemon

Prev by Date: [Wireshark-bugs] [Bug 4589] RTCP frame length check error while there is an XR(extended report) in RTCP
Next by Date: [Wireshark-bugs] [Bug 5636] Cleanup 802.11 Dissector : Make checkhf Happy
Previous by thread: [Wireshark-bugs] [Bug 5643] RTCP Packet shows incorrect length(in sniffs) in a particular wireshark version
Next by thread: [Wireshark-bugs] [Bug 5636] Cleanup 802.11 Dissector : Make checkhf Happy
Index(es):
- Date
- Thread