Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.
Wireshark logo

Wireshark-bugs: [Wireshark-bugs] [Bug 12801] New: Organization Specific Slow Protocol dissection

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: bugzilla-daemon@xxxxxxxxxxxxx
Date: Wed, 31 Aug 2016 19:02:46 +0000
Bug ID 12801
Summary Organization Specific Slow Protocol dissection errors when retrieving OUI
Product Wireshark
Version 1.99.x (Experimental)
Hardware All
URL https://ask.wireshark.org/questions/55228
OS All
Status IN_PROGRESS
Severity Normal
Priority Low
Component Dissection engine (libwireshark)
Assignee [email protected]
Reporter [email protected] 

Created attachment 14867 [details]
Capture with slow protocol, OSSP, ITU-T OUI

Build Information:
Version 2.3.0 (v2.3.0rc0-498-ga7dd070 from master)

Copyright 1998-2016 Gerald Combs <[email protected]> and contributors.
License GPLv2+: GNU GPL version 2 or later
<http://www.gnu.org/licenses/old-licenses/gpl-2.0.html>
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with Qt 4.8.7, with libpcap, with POSIX capabilities (Linux),
with libnl 3, with GLib 2.48.1, with zlib 1.2.8, with SMI 0.4.8, with c-ares
1.11.0, with Lua 5.2.4, with GnuTLS 3.5.3, with Gcrypt 1.7.3-beta, with MIT
Kerberos, with GeoIP, without QtMultimedia, without AirPcap.

Running on Linux 4.6.0-1-amd64, with locale LC_CTYPE=en_US.UTF-8,
LC_NUMERIC=nl_NL.UTF-8, LC_TIME=nl_NL.UTF-8, LC_COLLATE=nl_NL.UTF-8,
LC_MONETARY=nl_NL.UTF-8, LC_MESSAGES=en_US.UTF-8, LC_PAPER=en_US.UTF-8,
LC_NAME=en_US.UTF-8, LC_ADDRESS=en_US.UTF-8, LC_TELEPHONE=en_US.UTF-8,
LC_MEASUREMENT=nl_NL.UTF-8, LC_IDENTIFICATION=en_US.UTF-8, with libpcap version
1.7.4, with GnuTLS 3.5.3, with Gcrypt 1.7.3-beta, with zlib 1.2.8.
Intel(R) Core(TM)2 Duo CPU     E6850  @ 3.00GHz

Built using gcc 6.1.1 20160802.

Wireshark is Open Source Software released under the GNU General Public
License.

Check the man page and http://www.wireshark.org for more information.
--
The attached capture file contains valid ITU OUI, but is not recognized as
such. In Wireshark 1.12 this is dissected correctly. See also referenced Q&A
question.

With the split up of the slow protocols dissector
(c91dd11ccb8fb6c77cb78cab59ae08c1b1b8df39) the Organization Specific Slow
Protocol dissection was made into its own dissector. The code was taken
verbatim, where the OSSP dissection entry point was previously a subroutine of
the slow protocols dissector. This subroutine did get the original tvb, and had
to accommodate for the slow protocol subtype byte in the offset. The OSSP
dissector however gets a new tvb subset, where this subtype byte is removed.
Therefore all offsets in the split off OSSP code have to be reduced by 1. That
happened for most code, but not that involved with OUI retrieval.

You are receiving this mail because:
  • You are watching all bug changes.
Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube