Wireshark · Ethereal-users: RE: [Ethereal-users] [Patch] Bug in RCMP dissector (was RE: "Malformed" ASF RMCP ACK p ackets)

Ethereal-users: RE: [Ethereal-users] [Patch] Bug in RCMP dissector (was RE: "Malformed" ASF RMCP

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: "Rob Swindell" <swindell@xxxxxxxxxxxx>

Date: Thu, 3 Mar 2005 13:16:26 -0800

Francisco,

Thanks! Hopefully the developers will incorporate this patch into future releases.

-Rob

> Hi,
> 
> Please find attached a patch for the RMCP dissector that will 
> make it not to look for data blocks in ACK packets, plus a 
> sample capture with packets that now appear as malformed 
> because they lack it. The protocol specification is referred to below.
> 
> Regards, 
> 
>   Francisco
> 
> > -----Original Message-----
> > From: ethereal-users-bounces@xxxxxxxxxxxx
> > [mailto:ethereal-users-bounces@xxxxxxxxxxxx]
> > Sent: miércoles, 02 de marzo de 2005 22:29
> > To: 'Ethereal user support'
> > Subject: RE: [Ethereal-users] RE: "Malformed" ASF RMCP ACK packets
> > 
> > 
> > > Hi,
> > > 
> > > > Re-sending due to lack of acknowledgement/response:
> > > > 
> > > > Ethereal (v0.10.4) is reporting received ASF RMCP ACK 
> packets as 
> > > > being "malformed" when they appear to be perfectly
> > > valid. Example:
> > > > 
> > > > 0000  00 0f 1f d7 cd 46 00 b0  d0 21 00 48 08 00 45 00   
> > > > 0010  00 20 3d 9a 00 00 20 11  fd 44 ac 10 01 ef ac 10   
> > > > 0020  05 df 02 6f 02 6e 00 0c  93 84 06 00 01 86 00 00   
> > > > 0030  00 00 00 00 00 00 00 00  00 00 00 00               
> > > > 
> > > > This is an ASF RMCP ACK of an ASF RMCP Capabilities
> > Request packet.
> > > > 
> > > > I can only guess that Ethereal is assuming that ASF RMCP ACK 
> > > > packets are supposed to include a data block, when in fact
> > > they do not
> > > > (see section 3.2.2.1 Note 1 in the ASF Specification).
> > > > 
> > > > Perhaps someone on the Ethereal development team can point out 
> > > > exactly what it is that Ethereal is expecting, but not
> > > finding, in
> > > > this packet?
> > > 
> > > There is a development list you might use if you are trying
> > > specifically to contact developers -althouth I believe most 
> > > of them subscribe to this also-.
> > > 
> > > I suppose nobody can immediately derive your problem from
> > > your description, so if you attach a trace -the trace file 
> > > with the packet, not only the hex dump- I can try and have a 
> > > look at it; with the disclaimer that I don't know a bit 
> > > about ASF, I can only try and find the place where the 
> > > program is expecting 
> > > something it does not find. If you add a pointer to the ASF 
> > > Specification it would probably also help.
> > 
> > I attached a trace file that demonstrates this problem (a
> > valid RMCP ack packet reported as "malformed" by Ethereal).
> > 
> > Here's a link to the ASF specification:
> > 
> > http://www.dmtf.org/standards/documents/ASF/DSP0136.pdf
> > 
> > -Rob
> > 
> 
>

References:
- [Ethereal-users] [Patch] Bug in RCMP dissector (was RE: "Malformed" ASF RMCP ACK p ackets)
  - From: Francisco Alcoba (TS/EEM)

Prev by Date: Re: [Ethereal-users] Capture without filter works fine, capture with filter doesn't
Next by Date: Re: [Ethereal-users] How can I translate Ethereal GUI texts ?
Previous by thread: [Ethereal-users] [Patch] Bug in RCMP dissector (was RE: "Malformed" ASF RMCP ACK p ackets)
Next by thread: RE: [Ethereal-users] [Patch] Bug in RCMP dissector (was RE: "Malf ormed" ASF RMCP ACK p ackets)
Index(es):
- Date
- Thread