Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-bugs: [Wireshark-bugs] [Bug 1234] New: Invalid characters in PDML output for ssh packe

Date: Sun, 19 Nov 2006 16:58:29 +0000 (GMT)
http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1234

           Summary: Invalid characters in PDML output for ssh packet capture
           Product: Wireshark
           Version: 0.99.4
          Platform: PC
        OS/Version: Linux
            Status: NEW
          Severity: Major
          Priority: Low
         Component: TShark
        AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
        ReportedBy: paul.blankenbaker@xxxxxxxxxx


Build Information:
TShark 0.99.4

Copyright 1998-2006 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled with GLib 2.10.3, with libpcap 0.9.4, with libz 1.2.3, with libpcre
6.3, with Net-SNMP 5.3, with ADNS, without Lua, with GnuTLS 1.2.10, with Gcrypt
1.2.2, with MIT Kerberos.

Running on Linux 2.6.18-1.2239.fc5, with libpcap version 0.9.4.

Built using gcc 4.1.1 20060525 (Red Hat 4.1.1-1).

--
This may be similar to bug #1026 (where invalid/random bytes appeared in PDML
output from captured AIM traffic).

The attached capture file produces invalid XML output when packet 17 is
included in the dump.

The PSML output appears to be valid and reports packet 17 as being a "SSHv2"
("Client: Key Exchange Init") packet.

We were hoping that the updated "epan/ftypes/ftype-bytes.c" file mentioned in
bug #1026 would correct the problem.

- We applied it to our 0.99.4 build area and it fixed the AIM issues mentioned
in #1026, but did not fix this new issue with ssh traffic.

- We then tried downloading and building tshark from
"wireshark-0.99.5-SVN-19929.tar.gz", but this still did not fix the issue for
us.


-- 
Configure bugmail: http://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.