Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.
Wireshark logo

Wireshark-bugs: [Wireshark-bugs] [Bug 4203] New: [NAS EPS] Expert Info error triggered when deco

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: bugzilla-daemon@xxxxxxxxxxxxx
Date: Wed, 4 Nov 2009 04:56:58 -0800 (PST)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4203

           Summary: [NAS EPS] Expert Info error triggered when decoding a
                    Security Mode Complete message
           Product: Wireshark
           Version: 1.3.x (Experimental)
          Platform: Other
        OS/Version: All
            Status: NEW
          Severity: Trivial
          Priority: Low
         Component: Wireshark
        AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
        ReportedBy: pascal.quantin@xxxxxxxxx
                CC: anders.broman@xxxxxxxxxxxx



Pascal Quantin <pascal.quantin@xxxxxxxxx> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
   Attachment #3903|                            |review_for_checkin?
               Flag|                            |


Created an attachment (id=3903)
 --> (https://bugs.wireshark.org/bugzilla/attachment.cgi?id=3903)
Security Mode Complete decoding patch

Build Information:
Version 1.3.2 (SVN Rev 30817 from /trunk)

Copyright 1998-2009 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled with GTK+ 2.12.12, with GLib 2.16.6, with libpcap 1.0.0, with libz
1.2.3.3, without POSIX capabilities, with libpcre 7.6, without SMI, without
c-ares, without ADNS, without Lua, without Python, with GnuTLS 2.4.2, with
Gcrypt 1.4.1, with MIT Kerberos, without GeoIP, without PortAudio, without
AirPcap, with new_packet_list.

Running on Linux 2.6.26-2-686-bigmem, with libpcap version 1.0.0, GnuTLS 2.4.2,
Gcrypt 1.4.1.

Built using gcc 4.3.2.

Wireshark is Open Source Software released under the GNU General Public
License.

Check the man page and http://www.wireshark.org for more information.
--
If Wireshark tries to decode a EMM Security Mode Complete message without the
optional Mobile Identity IE, an erroneous "malformed packet" expert info error
is triggered. For example the PDU 47 00 00 00 00 00 07 5E triggers this.
The attached patch checks that we did not reach the end of PDU before tryying
to decode an optional IE.


-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube