| Bug ID |
12791
|
| Summary |
MySQL: with large responses, packet number can overflow and a response can be incorrectly parsed as a server greeting
|
| Product |
Wireshark
|
| Version |
Git
|
| Hardware |
x86
|
| OS |
Mac OS X 10.11
|
| Status |
UNCONFIRMED
|
| Severity |
Normal
|
| Priority |
Low
|
| Component |
Dissection engine (libwireshark)
|
| Assignee |
[email protected]
|
| Reporter |
[email protected]
|
Created attachment 14856 [details]
000_check_conn_state_for_greeting.patch
Build Information:
Wireshark 2.3.0 (v2.3.0rc0-457-gfa320f8 from master)
Copyright 1998-2016 Gerald Combs <[email protected]> and contributors.
License GPLv2+: GNU GPL version 2 or later
<http://www.gnu.org/licenses/old-licenses/gpl-2.0.html>
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Compiled (64-bit) with Qt 5.6.1, with libpcap, without POSIX capabilities, with
GLib 2.48.1, with zlib 1.2.5, without SMI, without c-ares, without Lua, without
GnuTLS, with Gcrypt 1.6.4, with MIT Kerberos, without GeoIP, with QtMultimedia,
without AirPcap.
Running on Mac OS X 10.11.4, build 15E65 (Darwin 15.4.0), with locale
en_GB.UTF-8, with libpcap version 1.5.3 - Apple version 54, with Gcrypt 1.6.4,
with zlib 1.2.5.
Intel(R) Core(TM) i7-5557U CPU @ 3.10GHz (with SSE4.2)
Built using clang 4.2.1 Compatible Apple LLVM 7.3.0 (clang-703.0.29).
--
There appears to be an assumption that a packet number of 0 is always a server
greeting, but this should probably only be true when the state is undefined
(e.g. at the start of a connection).
You are receiving this mail because:
- You are watching all bug changes.