Wireshark · Wireshark-bugs: [Wireshark-bugs] [Bug 12568] Wireshark is marking BGP FlowSpec NLRI as malformed if NLRI length is l

Wireshark-bugs: [Wireshark-bugs] [Bug 12568] Wireshark is marking BGP FlowSpec NLRI as malformed

Date: Wed, 29 Jun 2016 12:30:30 +0000

Comment # 7 on bug 12568 from [email protected]

yes, i can open the link now. 

I don't think that this will fix the problem.

Please consult RFC5575 section 4.


what seems to be wrong in the original code is the following line:

tot_flow_len = len_16 >> 4;

The length is encoded as 2 byte in case of > 239 with most significant nibble
all ones.

So what you will have in len_16 is 0xfnnn. You must therefore skip the ones in
the most significant nibble to all zero. I guess a bitmask would work here
perfectly.

You are receiving this mail because:

You are watching all bug changes.

References:
- [Wireshark-bugs] [Bug 12568] New: Wireshark is marking BGP FlowSpec NLRI as malformed if NLRI length is larger than 239 bytes
  - From: bugzilla-daemon

Prev by Date: [Wireshark-bugs] [Bug 12563] Wireshark crashes when using "Export Packet Bytes"
Next by Date: [Wireshark-bugs] [Bug 12568] Wireshark is marking BGP FlowSpec NLRI as malformed if NLRI length is larger than 239 bytes
Previous by thread: [Wireshark-bugs] [Bug 12568] Wireshark is marking BGP FlowSpec NLRI as malformed if NLRI length is larger than 239 bytes
Next by thread: [Wireshark-bugs] [Bug 12568] Wireshark is marking BGP FlowSpec NLRI as malformed if NLRI length is larger than 239 bytes
Index(es):
- Date
- Thread