I'm running into this bug with 0.99.7 on i386 linux. Seems like I'm getting this error every time wireshark encounters an SNMP response that contains 64-bit counter types.
Here's the output:
User Datagram Protocol, Src Port: snmp (161), Dst Port: 43403 (43403)
Source port: snmp (161)
Destination port: 43403 (43403)
Length: 702
Checksum: 0x4faf [correct]
[Good Checksum: True]
[Bad Checksum: False]
Simple Network Management Protocol
version: v2c (1)
community:
xxxxxxxx
data: get-response (2)
get-response
request-id: 916977578
error-status: noError (0)
error-index: 0
variable-bindings: 32 items
VarBind
Object Name: 1.3.6.1.2.1.31.1.1.1.10.2 (iso.3.6.1.2.1.31.1.1.1.10.2)
[Dissector bug, protocol SNMP: proto.c:2954: failed assertion "(guint)hfindex < gpa_hfinfo.len"]
Analyzing the same exact file on an x86-64 linux machine with 0.99.7 I get
this:
User Datagram Protocol, Src Port: snmp (161), Dst Port: 43403 (43403)
Source port: snmp (161)
Destination port: 43403 (43403)
Length: 702
Checksum: 0x4faf [correct]
[Good Checksum: True]
[Bad Checksum: False]
Simple Network Management Protocol
version: v2c (1)
community: xxxxxxxxx
data: get-response (2)
get-response
request-id: 916977578
error-status: noError (0)
error-index:
0
variable-bindings: 32 items
IF-MIB::ifHCOutOctets.2 (1.3.6.1.2.1.31.1.1.1.10.2): 428859244654
Object Name: 1.3.6.1.2.1.31.1.1.1.10.2 (IF-MIB::ifHCOutOctets.2)
IF-MIB::ifEntry.ifIndex: 2
IF-MIB::ifHCOutOctets: 428859244654
I tried to recompile it on my own using the newest source (wireshark-0.99.9-SVN-24489) but have the same exact issue on the i386 linux machine. It parses every kind of SNMP datatypes except
the 64-bit counters. Am I missing something here or this is really a bug?
Thanks,
Krisztian