Bug ID |
11418
|
Summary |
Wireshark fails to notice short IPv6 packet
|
Product |
Wireshark
|
Version |
1.12.1
|
Hardware |
x86
|
OS |
Ubuntu
|
Status |
UNCONFIRMED
|
Severity |
Trivial
|
Priority |
Low
|
Component |
Dissection engine (libwireshark)
|
Assignee |
[email protected]
|
Reporter |
[email protected]
|
Build Information:
Version 1.12.1 (Git Rev Unknown from unknown)
Copyright 1998-2014 Gerald Combs <[email protected]> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Compiled (64-bit) with GTK+ 3.12.2, with Cairo 1.13.1, with Pango 1.36.6, with
GLib 2.42.0, with libpcap, with libz 1.2.8, with POSIX capabilities (Linux),
with libnl 3, with SMI 0.4.8, with c-ares 1.10.0, with Lua 5.2, without Python,
with GnuTLS 3.2.16, with Gcrypt 1.5.4, with MIT Kerberos, with GeoIP, with
PortAudio V19-devel (built Feb 25 2014 21:09:53), without AirPcap.
Running on Linux 3.16.0-44-generic, with locale en_US.UTF-8, with libpcap
version 1.6.2, with libz 1.2.8, GnuTLS 3.2.16, Gcrypt 1.5.4.
Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz
Built using gcc 4.9.1.
--
I 'hand craft' packets, and just added IPv6 support to my tool. So this is
about a TCP/IPv6 packet.
IPv6 doesn't have a checksum, but TCP does, and to calculate it, the IP header
needs to be inspected. Due to a misunderstanding, I originally had the IPv6
payload length field too big, so it was actually payload length + IPv6 header
length. The TCP checksum was then 'correctly' calculated, based on the
erroneous IPv6 header, and Wireshark showed the TCP checksum as correct.
Shouldn't Wireshark notice when an IPv6 packet says 'payload length is X', but
it's actually 'Y'?
You are receiving this mail because:
- You are watching all bug changes.