Created attachment 14030
Click between packet #10 and #11 back and forth, and notice the increasing
number of results value in the decode of packet #11. I think it is a bug in
the packet decoder.
Build Information:
Version 1.12.4 (v1.12.4-0-gb4861da from master-1.12)
Copyright 1998-2015 Gerald Combs <[email protected]> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Compiled (32-bit) with GTK+ 2.24.23, with Cairo 1.10.2, with Pango 1.34.0, with
GLib 2.38.0, with WinPcap (4_1_3), with libz 1.2.5, with SMI 0.4.8, with c-ares
1.9.1, with Lua 5.2, without Python, with GnuTLS 3.2.15, with Gcrypt 1.6.2,
with MIT Kerberos, with GeoIP, with PortAudio V19-devel (built Mar 4 2015), with
AirPcap.
Running on 32-bit Windows 7 Service Pack 1, build 7601, with WinPcap version
4.1.3 (packet.dll version 4.1.0.2980), based on libpcap version 1.0 branch
1_0_rel0b (20091008), GnuTLS 3.2.15, Gcrypt 1.6.2, without AirPcap.
Intel(R) Core(TM) i3-3220 CPU @ 3.30GHz, with 3476MB of physical
memory.
Built using Microsoft Visual C++ 10.0 build 40219
Wireshark is Open Source Software released under the GNU General Public
License.
Check the man page and http://www.wireshark.org for more information.
--
LDAP decode shows invalid number of results.
If I click between the "searchRequest" and the "searchResEntry" packets back and
forth, the "searchResEntry" decoder increases the value in the number of
results brackets.
First click on "searchResEntry" shows this:
--------------------------------------------
Frame 11: 909 bytes on wire (7272 bits), 909 bytes captured (7272 bits)
Ethernet II, Src: HewlettP_ad:45:f8 (6c:3b:e5:ad:45:f8), Dst: HewlettP_6b:ed:30
(d8:9d:67:6b:ed:30)
Internet Protocol Version 4, Src: 10.23.12.166 (10.23.12.166), Dst:
10.23.12.162 (10.23.12.162)
Transmission Control Protocol, Src Port: 4089 (4089), Dst Port: 42898 (42898),
Seq: 1326, Ack: 798, Len: 843
Lightweight Directory Access Protocol
LDAPMessage searchResEntry(3) "uid=nandi_testuser_123,ou=users,o=matavnet"
[1 results]
messageID: 3
protocolOp: searchResEntry (4)
[Response To: 10]
[Time: 0.000435000 seconds]
--------------------------------------------
Click away to searchRequest, then click back to the searchResEntry packet; it
shows this:
--------------------------------------------
No. Time Source Destination Protocol Length Info
11 0.004979 10.23.12.166 10.23.12.162 LDAP 909 searchResEntry(3) "uid=nandi_testuser_123,ou=users,o=matavnet"
Frame 11: 909 bytes on wire (7272 bits), 909 bytes captured (7272 bits)
Ethernet II, Src: HewlettP_ad:45:f8 (6c:3b:e5:ad:45:f8), Dst: HewlettP_6b:ed:30
(d8:9d:67:6b:ed:30)
Internet Protocol Version 4, Src: 10.23.12.166 (10.23.12.166), Dst:
10.23.12.162 (10.23.12.162)
Transmission Control Protocol, Src Port: 4089 (4089), Dst Port: 42898 (42898),
Seq: 1326, Ack: 798, Len: 843
Lightweight Directory Access Protocol
LDAPMessage searchResEntry(3) "uid=nandi_testuser_123,ou=users,o=matavnet"
[2 results]
messageID: 3
protocolOp: searchResEntry (4)
[Response To: 10]
[Time: 0.000435000 seconds]
--------------------------------------------
Notice the increasing number of results on the same packet!
See the attached pcap file!
I think it is a bug in the packet decoder.