Wireshark-bugs: [Wireshark-bugs] [Bug 7363] New: Wireshark is unable to dissect Security Descrip
Date: Tue, 12 Jun 2012 21:31:52 -0700 (PDT)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7363

           Summary: Wireshark is unable to dissect Security Descriptors
                    that span TCP segments where some are not captured or
                    reassembled
           Product: Wireshark
           Version: 1.9.x (Experimental)
          Platform: x86
        OS/Version: All
            Status: NEW
          Severity: Major
          Priority: Low
         Component: Wireshark
        AssignedTo: [email protected]
        ReportedBy: [email protected]


Build Information:
Version 1.9.0 (SVN Rev 43186 from /trunk)

Copyright 1998-2012 Gerald Combs <[email protected]> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with GTK+ 2.22.0, with Cairo 1.10.2, with Pango 1.28.1, with
GLib 2.26.0, with libpcap, with libz 1.2.5, with POSIX capabilities (Linux),
without SMI, without c-ares, without ADNS, without Lua, without Python, with
GnuTLS 2.8.6, with Gcrypt 1.4.5, with MIT Kerberos, without GeoIP, without
PortAudio, with AirPcap.

Running on Linux 2.6.35.14-106.fc14.x86_64, with locale en_US.utf8, with
libpcap
version 1.1.1, with libz 1.2.5, GnuTLS 2.8.6, Gcrypt 1.4.5, without AirPcap.

Built using gcc 4.5.1 20100924 (Red Hat 4.5.1-4).

Wireshark is Open Source Software released under the GNU General Public
License.

Check the man page and http://www.wireshark.org for more information.
--
When Wireshark is given a capture containing SMB SET SD requests or GET SD
requests where the whole request or response spans multiple TCP segments where
some of those segments are missing or unreassembled, it fails to display any
part of the SD.

Attached is an example capture along with a screen shot of the result.

-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.