Bug ID |
8549
|
Summary |
Patch 45480 causes 'Malformed Packet' errors in SMB READDIR responses
|
Classification |
Unclassified
|
Product |
Wireshark
|
Version |
1.9.x (Experimental)
|
Hardware |
All
|
OS |
All
|
Status |
UNCONFIRMED
|
Severity |
Normal
|
Priority |
Low
|
Component |
Wireshark
|
Assignee |
[email protected]
|
Reporter |
[email protected]
|
Created attachment 10518 [details]
Capture file that demostrates the problem
Build Information:
Version 1.9.3-SVN-48691 (SVN Rev Unknown from unknown)
Copyright 1998-2013 Gerald Combs <[email protected]> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Compiled (32-bit) with GTK+ 2.24.14, with Cairo 1.10.2, with Pango 1.30.1, with
GLib 2.34.1, with WinPcap (4_1_3), with libz 1.2.5, without POSIX capabilities,
without libnl, with SMI 0.4.8, with c-ares 1.9.1, with Lua 5.1, without Python,
with GnuTLS 2.12.18, with Gcrypt 1.4.6, with MIT Kerberos, with GeoIP, with
PortAudio V19-devel (built Apr 1 2013), with AirPcap.
Running on 64-bit Windows 7 Service Pack 1, build 7601, with WinPcap version
4.1.3 (packet.dll version 4.1.0.2980), based on libpcap version 1.0 branch
1_0_rel0b (20091008), GnuTLS 2.12.18, Gcrypt 1.4.6, without AirPcap.
Intel(R) Xeon(R) CPU E5507 @ 2.27GHz, with 4093MB of physical
memory.
Built using Microsoft Visual C++ 10.0 build 40219
--------------------------------------------------------------------------
--
Patch 45480 introduced the following check:
"tvb_ensure_bytes_exist(tvb, offset, neo ? neo : *bcp - ((unsigned)offset +
1));:
When the last entry in the directory listing is processed, 'neo' the next entry
offset is zero so bcp is checked. The 'bcp' variable is set to the remaining
reported bytes in the tvb. Subtracting the current offset +1 from *bcp usually
produces a negative result and causes the error.
You are receiving this mail because:
- You are watching all bug changes.