https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4534
Summary: Incorrect packet reassembly for 6LoWPAN
Product: Wireshark
Version: 1.3.x (Experimental)
Platform: Other
OS/Version: Windows XP
Status: NEW
Severity: Major
Priority: Low
Component: Wireshark
AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
ReportedBy: osk@xxxxxxxxxx
Build Information:
Version 1.3.4
Copyright 1998-2010 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Compiled with GTK+ 2.18.7, with GLib 2.22.4, with WinPcap (version unknown),
with libz 1.2.3, without POSIX capabilities, without libpcre, with SMI 0.4.8,
with c-ares 1.7.0, with Lua 5.1, without Python, with GnuTLS 2.8.5, with Gcrypt
1.4.5, with MIT Kerberos, with GeoIP, with PortAudio V19-devel (built Feb 23
2010), with AirPcap, with new_packet_list.
Running on Windows XP Service Pack 3, build 2600, with WinPcap version 4.0.2
(packet.dll version 4.0.0.1040), based on libpcap version 0.9.5, GnuTLS 2.8.5,
Gcrypt 1.4.5, without AirPcap.
Built using Microsoft Visual C++ 9.0 build 30729
Wireshark is Open Source Software released under the GNU General Public
License.
Check the man page and http://www.wireshark.org for more information.
--
The packet reassembly code for 6LoWPAN (RFC4944) in incorrect, the datagram
size and offset fields are meant to be relative to the uncompressed IPv6
packet, meaning that fragments need to be decompressed before attempting
reassembly. I have attached a patch that fixes the problem.
While fixing this bug, I also happened across a problem with the derivations of
interface identifiers from 16-bit IEEE 802.15.4 addresses, which should also be
fixed in my patch.
--
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
