Wireshark-bugs: [Wireshark-bugs] [Bug 10043] New: IPv6 Mobility Option Link Layer Address parses
Date: Fri, 25 Apr 2014 11:15:29 +0000
Bug ID 10043
Summary IPv6 Mobility Option Link Layer Address parses 0 length address as if it is of length 1
Classification Unclassified
Product Wireshark
Version 1.6.6
Hardware x86-64
OS Windows 7
Status UNCONFIRMED
Severity Normal
Priority Low
Component Wireshark
Assignee [email protected]
Reporter [email protected]

Created attachment 12731 [details]
Example IPv6 packet with Mobility Option Link Layer address of 0-length address

Build Information:
Version 1.6.6 (SVNRev 41803 from /trunk-1.6)

Copyright 1998-2012 Gerald Combs <[email protected]> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with GTK+ 2.22.1, with GLib 2.26.1, with WinPcap (version
unknown), with libz 1.2.5, without POSIX capabilities, without libpcre, without
SMI, with c-ares 1.7.1, with Lua 5.1, without Python, with GnuTLS 2.12.18, with
Gcrypt 1.4.6, without Kerberos, with GeoIP, with PortAudio V19-devel (built Mar
27 2012), with AirPcap.

Running on 64-bit Windows 7 Service Pack 1, build 7601, with WinPcap version
4.1.2 (packet.dll version 4.1.0.2001), based on libpcap version 1.0 branch
1_0_rel0b (20091008), GnuTLS 2.12.18, Gcrypt 1.4.6, without AirPcap.

Built using Microsoft Visual C++ 9.0 build 21022

Wireshark is Open Source Software released under the GNU General Public
License.

Check the man page and http://www.wireshark.org for more information.
--
Discovered while working on Pcap.Net, http://pcapdot.net.

In Wireshark 1.6.6, if there is an IPv6 layer with Mobility Options with Link
Layer Address Option. This option is parsed incorrectly when the address field
is empty.
In the attached example, the option type is 7 for Link-Layer address option and
the option data length is 1, which means that the option should be 3 bytes
long.
However, it is parsed as if it is 4 bytes long.

Thanks,

Boaz.


You are receiving this mail because:
  • You are watching all bug changes.