http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2090
Summary: X25 dissector should not assume COTP when no other info
Product: Wireshark
Version: 0.99.7
Platform: All
OS/Version: Windows XP
Status: NEW
Severity: Minor
Priority: Medium
Component: Wireshark
AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
ReportedBy: gerhard.nospam@xxxxxxxxx
Build Information:
Version 0.99.6a (SVN Rev 22276)
(Also in SVN 2007-12-11)
Introduced in 0.99.6.
--
X25 dissector assumes that the included protocol is COTP if there is no
information in the call setup. This is incorrect, X25 can contain many other
protocols. (A comparison would be to always assume that the protocol in IP is
TCP if it is unknown.)
The consequences:
* COTP writes "Length indicator is zero" to the info column
* Other dissectors will not be able to dissect the packet.
If there is a need to "assume" COTP, then there should be an option for it in
preferences.
Introduced here:
http://anonsvn.wireshark.org/viewvc/viewvc.py/trunk-0.99.7/epan/dissectors/packet-x25.c?r1=18196&r2=21026
Possibly related to this bug:
http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1163
Workarounds:
* Rebuild and remove the "automatic" COTP assumption
* Save each capture without the Call Request. A very manual and tedious
task...
--
Configure bugmail: http://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
