Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-bugs: [Wireshark-bugs] [Bug 5546] New: Got error "Malformed Packets" on decoding SCTP

Date: Tue, 4 Jan 2011 08:42:38 -0800 (PST)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5546

           Summary: Got error "Malformed Packets" on decoding SCTP init
                    packet
           Product: Wireshark
           Version: 1.4.2
          Platform: Other
        OS/Version: Windows XP
            Status: NEW
          Severity: Normal
          Priority: Low
         Component: Wireshark
        AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
        ReportedBy: qj1020tech@xxxxxxxxx


Created an attachment (id=5700)
 --> (https://bugs.wireshark.org/bugzilla/attachment.cgi?id=5700)
 wireshark doesn't decode correctly on the first SCTP packet but it did well on
the second. Both of the packets are SCTP init. 

Build Information:
tshark -v
TShark 1.4.2 (SVN Rev 34959 from /trunk-1.4)

Copyright 1998-2010 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (32-bit) with GLib 2.22.4, with WinPcap (version unknown), with libz
1.2.3, without POSIX capabilities, without libpcre, with SMI 0.4.8, with c-ares
1.7.1, with Lua 5.1, without Python, with GnuTLS 2.8.5, with Gcrypt 1.4.5, with
MIT Kerberos, with GeoIP.

Running on Windows XP Service Pack 3, build 2600, with WinPcap version 4.1.2
(packet.dll version 4.1.0.2001), based on libpcap version 1.0 branch 1_0_rel0b
(20091008).

Built using Microsoft Visual C++ 9.0 build 30729
--
The packet is generated from Linux and according to wireshark 1.4.2, it's
Malformed.  

It decodes another SCTP init packet fine.  

Attached is the pcaps with the "bad" and "good" packets.

-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.