Wireshark-bugs: [Wireshark-bugs] [Bug 6453] New: Two minor bugs in Wiretap library: The Network

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: bugzilla-daemon@xxxxxxxxxxxxx
Date: Wed, 12 Oct 2011 10:42:34 -0700 (PDT)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6453

           Summary: Two minor bugs in Wiretap library: The Network
                    Instruments Observer file format abbreviation is
                    incorrect ("niobserverv") and the packet header magic
                    number is incorrectly byte swapped a second time when
                    reporting an invalid value
           Product: Wireshark
           Version: 1.7.x (Experimental)
          Platform: x86
        OS/Version: Windows XP
            Status: NEW
          Severity: Minor
          Priority: Low
         Component: Wireshark
        AssignedTo: bugzilla-admin@xxxxxxxxxxxxx
        ReportedBy: robert@xxxxxxxxxxxxxx


Robert Bullen <robert@xxxxxxxxxxxxxx> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
   Attachment #7220|                            |review_for_checkin?
               Flag|                            |

Created an attachment (id=7220)
 --> (https://bugs.wireshark.org/bugzilla/attachment.cgi?id=7220)
Patch for described bugs

Build Information:
TShark 1.7.0 (SVN Rev 39384 from /trunk)

Copyright 1998-2011 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (32-bit) with GLib 2.26.1, with WinPcap (version unknown), without
libz, without POSIX capabilities, with threads support, with SMI 0.4.8, with
c-ares 1.7.1, with Lua 5.1, without Python, with GnuTLS 2.10.3, with Gcrypt
1.4.6, with MIT Kerberos, with GeoIP.

Running on Windows XP Service Pack 3, build 2600, with WinPcap version 4.1.2
(packet.dll version 4.1.0.2001), based on libpcap version 1.0 branch 1_0_rel0b
(20091008).

Built using Microsoft Visual C++ 10.0 build 40219

--
First bug: The Network Instruments Observer file format abbreviation is
incorrect. It is "niobserverv" instead of "niobserver", which is probably a
vestige from 1.4 when the abbreviation was "niobserverv9".

Second bug: The packet header magic number field is correctly swapped the first
time when reading the entire packet header. It is incorrectly swapped yet again
when reporting an invalid value. Both swaps use GUINT_FROM_LE, which is a no-op
on little-endian platforms. But the error message that is displayed to users of
big-endian platforms will contain a byte-reversed value.

The attached patch is for the 1.7 branch, but these bugs also affect the 1.6
branch.

-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.