Wireshark · Ethereal-dev: Re: [Ethereal-dev] PPP dissector bug

Ethereal-dev: Re: [Ethereal-dev] PPP dissector bug

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Irfan Khan <ikhan@xxxxxxxxxxxx>

Date: Mon, 10 Mar 2003 20:15:22 -0700

Guy Harris wrote:

On Mon, Mar 10, 2003 at 07:56:19PM -0700, Irfan Khan wrote:

Yup, these are framing bytes. I thought it better to put the check forany unexpected 0x7e s in packet-ppp to make it more bug-proof :)


But what if there happens to be a PPP protocol with a value 0x7eXX, for
some value of "XX"?  Unlikely, I suspect, but should we be stripping
0x7e's out unconditionally?

(And what were the 0x7e's doing in there?  Incorrect stripping of link
framing by the LAC?)

0x7e is escaped in PPP (preceded by 0x7d). I suspect the escapingextends to the protocol number too though I have to go check my 1661 onthat :).

I believe the implementation of L2TP is incorrect for the log I waslooking at. A bigger negative of stripping link framing that I canthink of is it would hide, in cases like L2TP, the faulty implementationof PPP. I was however more interested in getting to the payload of thePPP packets in this instance and had no good answers to this precedingconcern.

Follow-Ups:
- Re: [Ethereal-dev] PPP dissector bug
  - From: Guy Harris

References:
- [Ethereal-dev] PPP dissector bug
  - From: Irfan Khan
- Re: [Ethereal-dev] PPP dissector bug
  - From: Guy Harris
- Re: [Ethereal-dev] PPP dissector bug
  - From: Irfan Khan
- Re: [Ethereal-dev] PPP dissector bug
  - From: Guy Harris

Prev by Date: Re: [Ethereal-dev] PPP dissector bug
Next by Date: Re: [Ethereal-dev] PPP dissector bug
Previous by thread: Re: [Ethereal-dev] PPP dissector bug
Next by thread: Re: [Ethereal-dev] PPP dissector bug
Index(es):
- Date
- Thread