Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.
Wireshark logo

Wireshark-bugs: [Wireshark-bugs] [Bug 7790] New: SMB 2.x Read Request parsing is wrong starting

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: bugzilla-daemon@xxxxxxxxxxxxx
Date: Wed, 3 Oct 2012 15:11:17 -0700 (PDT)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7790

           Summary: SMB 2.x Read Request parsing is wrong starting at
                    Channel
           Product: Wireshark
           Version: 1.8.3
          Platform: x86
        OS/Version: Mac OS X 10.7
            Status: NEW
          Severity: Normal
          Priority: Low
         Component: Dissection engine (libwireshark)
        AssignedTo: bugzilla-admin@xxxxxxxxxxxxx
        ReportedBy: suinn@xxxxxxxxx


Build Information:
WireShark 1.83
--
When parsing SMB 2.x Read Request, the packet format should be 
FileID (16 bytes)
MinimumCount (4 bytes)
Channel (4 bytes)
RemainingBytes (4 bytes)
etc

WireShark will parse the Minimum Count correctly, but then fails to advance by
4 bytes.  So, the Channel ends up showing the wrong values (it will show the
Minimum Count value) and all fields starting with the Channel are off by 4
bytes.

Note:  SMB 2.x Write Request parse fine.

-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.
Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube