Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-bugs: [Wireshark-bugs] [Bug 3188] New: Malformed packet reported for Binary Input Resp

Date: Sun, 11 Jan 2009 20:31:31 -0800 (PST)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3188

           Summary: Malformed packet reported for Binary Input Response
                    Object 1, Variation 1 when using DNP3 over IP
           Product: Wireshark
           Version: 1.0.5
          Platform: PC
        OS/Version: Windows XP
            Status: NEW
          Severity: Minor
          Priority: Low
         Component: Wireshark
        AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
        ReportedBy: globeboy@xxxxxxxxx


Created an attachment (id=2666)
 --> (https://bugs.wireshark.org/bugzilla/attachment.cgi?id=2666)
Capture from both Wireshark and ASE2000

Build Information:
wireshark 1.0.5 (SVN Rev 26954)

Copyright 1998-2008 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled with GTK+ 2.12.8, with GLib 2.14.6, with WinPcap (version unknown),
with libz 1.2.3, without POSIX capabilities, with libpcre 7.0, with SMI 0.4.8,
with ADNS, with Lua 5.1, with GnuTLS 2.3.8, with Gcrypt 1.4.1, with MIT
Kerberos, with PortAudio V19-devel, with AirPcap.

Running on Windows XP Service Pack 2, build 2600, with WinPcap version 4.0.2
(packet.dll version 4.0.0.1040), based on libpcap version 0.9.5, without
AirPcap.

Built using Microsoft Visual C++ 6.0 build 8804


Press any key to exit
--
When decoding DNP3/TCP and UDP - the binary input response (obj:1,var:1) is
reported in Wireshark as a malformed packet.

To reproduce:
Transmit DNP3 binary input request (object 1, variation 0) to a DNP3 slave over
TCP or UDP. Check that slave responds with binary input response (object 1,
variation 1) and monitor traffic in Wireshark.

Actual result:
The binary input response (object 1, variation 1) is flagged as malformed
packet.

Expected result: 
Binary input response should be decoded without being flagged as malformed
packet (see ASE2000 output in attached jpg)

Build date & platform:
Microsoft Windows XP [Version 5.1.2600]


-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.