Bug ID |
12791
|
Summary |
MySQL: with large responses, packet number can overflow and a response can be incorrectly parsed as a server greeting
|
Product |
Wireshark
|
Version |
Git
|
Hardware |
x86
|
OS |
Mac OS X 10.11
|
Status |
UNCONFIRMED
|
Severity |
Normal
|
Priority |
Low
|
Component |
Dissection engine (libwireshark)
|
Assignee |
[email protected]
|
Reporter |
[email protected]
|
Created attachment 14856 [details]
000_check_conn_state_for_greeting.patch
Build Information:
Wireshark 2.3.0 (v2.3.0rc0-457-gfa320f8 from master)
Copyright 1998-2016 Gerald Combs <[email protected]> and contributors.
License GPLv2+: GNU GPL version 2 or later
<http://www.gnu.org/licenses/old-licenses/gpl-2.0.html>
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Compiled (64-bit) with Qt 5.6.1, with libpcap, without POSIX capabilities, with
GLib 2.48.1, with zlib 1.2.5, without SMI, without c-ares, without Lua, without
GnuTLS, with Gcrypt 1.6.4, with MIT Kerberos, without GeoIP, with QtMultimedia,
without AirPcap.
Running on Mac OS X 10.11.4, build 15E65 (Darwin 15.4.0), with locale
en_GB.UTF-8, with libpcap version 1.5.3 - Apple version 54, with Gcrypt 1.6.4,
with zlib 1.2.5.
Intel(R) Core(TM) i7-5557U CPU @ 3.10GHz (with SSE4.2)
Built using clang 4.2.1 Compatible Apple LLVM 7.3.0 (clang-703.0.29).
--
There appears to be an assumption that a packet number of 0 is always a server
greeting, but this should probably only be true when the state is undefined
(e.g. at the start of a connection).
You are receiving this mail because:
- You are watching all bug changes.