[bugzilla-daemon@xxxxxxxxxxxxx]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7820

           Summary: wlan_mgt.ht.capabilities bits 8-15 incorrectly decoded
                    (from wrong packet offset)
           Product: Wireshark
           Version: 1.8.3
          Platform: x86
        OS/Version: Windows 7
            Status: NEW
          Severity: Major
          Priority: Low
         Component: Dissection engine (libwireshark)
        AssignedTo: bugzilla-admin@xxxxxxxxxxxxx
        ReportedBy: mark.phillips@xxxxxxxxxx


Created attachment 9310
  --> https://bugs.wireshark.org/bugzilla/attachment.cgi?id=9310
Look at the HT capabilities IE (not the VHT one)

Build Information:
Version 1.8.3 (SVN Rev 45256 from /trunk-1.8)

Copyright 1998-2012 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with GTK+ 2.24.10, with Cairo 1.10.2, with Pango 1.30.0, with
GLib 2.32.2, with WinPcap (4_1_2), with libz 1.2.5, without POSIX capabilities,
with SMI 0.4.8, with c-ares 1.7.1, with Lua 5.1, without Python, with GnuTLS
2.12.18, with Gcrypt 1.4.6, without Kerberos, with GeoIP, with PortAudio
V19-devel (built Oct  2 2012), with AirPcap.

Running on 64-bit Windows 7 Service Pack 1, build 7601, with WinPcap version
4.1.2 (packet.dll version 4.1.0.2001), based on libpcap version 1.0 branch
1_0_rel0b (20091008), GnuTLS 2.12.18, Gcrypt 1.4.6, without AirPcap.

Built using Microsoft Visual C++ 10.0 build 40219

Wireshark is Open Source Software released under the GNU General Public
License.

Check the man page and http://www.wireshark.org for more information.
--
The HT Capabilities IE starts as follows:-

0x21 Tag HT Capabilities
0x1a Tag length

0xad HT Capabilities Info B0-B7
0x09 HT Capabilities Info B8-B15

Note that the B8-B15 value is non-zero, but all the bits are decoded as 0!

I have appended an example of the decode.

The bug is that the code defines the bit fields as 16 bit, but increments the
offset in-between decoding B0-B7 and B8-B15 which causes the wrong bits to be
decoded.

        Tag: HT Capabilities (802.11n D1.10)
            Tag Number: HT Capabilities (802.11n D1.10) (45)
            Tag length: 26
            HT Capabilities Info: 0x09ad
                .... .... .... ...1 = HT LDPC coding capability: Transmitter
supports receiving LDPC coded packets
                .... .... .... ..0. = HT Support channel width: Transmitter
only supports 20MHz operation
                .... .... .... 11.. = HT SM Power Save: SM Power Save disabled
(0x0003)
                .... .... ...0 .... = HT Green Field: Transmitter is not able
to receive PPDUs with Green Field (GF) preamble
                .... .... ..1. .... = HT Short GI for 20MHz: Supported
                .... .... .0.. .... = HT Short GI for 40MHz: Not supported
                .... .... 1... .... = HT Tx STBC: Supported
                .... ..00 .... .... = HT Rx STBC: No Rx STBC support (0x0000)
                .... .0.. .... .... = HT Delayed Block ACK: Transmitter does
not support HT-Delayed BlockAck
                .... 0... .... .... = HT Max A-MSDU length: 3839 bytes
                ...0 .... .... .... = HT DSSS/CCK mode in 40MHz: Won't/Can't
use of DSSS/CCK in 40 MHz
                ..0. .... .... .... = HT PSMP Support: Won't/Can't support PSMP
operation
                .0.. .... .... .... = HT Forty MHz Intolerant: Use of 40 MHz
transmissions unrestricted/allowed
                0... .... .... .... = HT L-SIG TXOP Protection support: Not
supported

-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.