Wireshark-bugs: [Wireshark-bugs] [Bug 6302] New: OSPF LSA length minimum values
Date: Thu, 1 Sep 2011 05:35:22 -0700 (PDT)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6302

           Summary: OSPF LSA length minimum values
           Product: Wireshark
           Version: 1.4.8
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: Minor
          Priority: Low
         Component: Wireshark
        AssignedTo: [email protected]
        ReportedBy: [email protected]


Build Information:
wireshark 1.4.8

Copyright 1998-2011 Gerald Combs <[email protected]> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (32-bit) with GTK+ 2.22.0, with GLib 2.26.0, with libpcap 1.1.1,
without libz, without POSIX capabilities, without libpcre, with SMI 0.4.8,
without c-ares, without ADNS, with Lua 5.1, without Python, with GnuTLS 2.8.6,
with Gcrypt 1.4.5, with MIT Kerberos, with GeoIP, with PortAudio V19-devel
(built Jun 12 2011 17:14:03), without AirPcap.

Running on Linux 2.6.35.14-95.fc14.i686.PAE, with libpcap version 1.1.1, GnuTLS
2.8.6, Gcrypt 1.4.5.

Built using gcc 4.5.1 20100924 (Red Hat 4.5.1-4).
--
Hello.

RFC2328 (OSPFv2), A.4.1 (The LSA header) and RFC5340 (OSPFv3), A.4.2 (The LSA
Header) define, that "length" 16-bit field of LSA header includes the standard
LSA header length (20 bytes). Besides that, each particular LSA type ("LS type"
field of LSA header, 8 bits in OSPFv2 and 16 bits in OSPFv3) has additional
length constraints. For OSPFv3 these would be:

(LS type) (length constraint)
0x2001 Router LSA: 20+4 bytes
0x2002 Network LSA: 20+4 bytes
0x2003 Inter-Area-Prefix LSA: >= 20+4 bytes
0x2004 Inter-Area-Router LSA: == 20+12 bytes
0x4005 AS-External LSA: >= 20+4 bytes
0x2006 NSSA LSA: >= 20+4 bytes
0x0008 Link LSA: >= 20+24 bytes
0x2009 Intra-Area-Prefix LSA: >= 20+12 bytes

I have made a look at OSPF dissector source and identified the functions which
would need to be modified, but making it the right way would require the time,
which I don't currently have. If you could make at least some of these
constraints into OSPF dissector, that would improve the accuracy of Wireshark.
If you want, I can prepare constraint set for OSPFv2.

Thank you.

-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.