ANNOUNCEMENT: Live Wireshark University & Allegro Packets online APAC Wireshark Training Session
April 17th, 2024 | 14:30-16:00 SGT (UTC+8) | Online
Wireshark logo

Wireshark-bugs: [Wireshark-bugs] [Bug 5593] New: Malformed Packet: ULP reported when dissecting

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: bugzilla-daemon@xxxxxxxxxxxxx
Date: Tue, 18 Jan 2011 20:56:08 -0800 (PST)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5593

           Summary: Malformed Packet: ULP reported when dissecting ULP
                    SessionID PDU
           Product: Wireshark
           Version: 1.4.3
          Platform: x86
        OS/Version: Windows Vista
            Status: NEW
          Severity: Normal
          Priority: Low
         Component: Wireshark
        AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
        ReportedBy: jy.m12.0@xxxxxxxxx


Created an attachment (id=5748)
 --> (https://bugs.wireshark.org/bugzilla/attachment.cgi?id=5748)
the tcpdump and ASN files

Build Information:
Version 1.4.3 (SVN Rev 35482 from /trunk-1.4)

Copyright 1998-2011 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (32-bit) with GTK+ 2.16.6, with GLib 2.22.4, with WinPcap (version
unknown), with libz 1.2.3, without POSIX capabilities, without libpcre, with
SMI
0.4.8, with c-ares 1.7.1, with Lua 5.1, without Python, with GnuTLS 2.8.5, with
Gcrypt 1.4.5, with MIT Kerberos, with GeoIP, with PortAudio V19-devel (built
Jan
11 2011), with AirPcap.

Running on 32-bit Windows Vista Service Pack 1, build 6001, with WinPcap
version
4.1.2 (packet.dll version 4.1.0.2001), based on libpcap version 1.0 branch
1_0_rel0b (20091008), GnuTLS 2.8.5, Gcrypt 1.4.5, without AirPcap.

Built using Microsoft Visual C++ 9.0 build 30729

Wireshark is Open Source Software released under the GNU General Public
License.

Check the man page and http://www.wireshark.org for more information.
--
Wireshark reports that the msisdn part of setSessionID is missing, and report
Malformed Packet: ULP error from this point, but from Packer Bytes window, I
can find Wireshark has already dissect the msisdn part successfully.

The sessionId part is common from ULPv1 to ULPv2, I'm not sure it's caused by
the ULP version problem (according to
http://ask.wireshark.org/questions/1779/oma-ulp-protocol-version-20-support-problem-and-malformed-packet-ulp-error),
the ULPv2 20080627 version is used in 1.4.3, but in my case, the bytes are
encoded from 201008 version. Or the wireshark has bug dissecting ULPv2.

Please find the attached zip, it includes
123.tcpdump  -> the tcpdump file, that cannot be decoded successfully
SUPL.asn           -> asn file following
http://anonsvn.wireshark.org/viewvc/trunk/asn1/ulp/
ULP-Components.asn
ULP.asn

-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube