Le 16 juin 2015 4:14 PM, "Jiunrong" <jiunrong@xxxxxxxxx> a écrit :
>
> Hi advancer:
>
> I found [Malformed Packet: CFM] when I receive CFM Type Test signal (TST) without CRC32, but it is ok with CRC32.
>
>
>
> I try to find what happen, so I download the source code.
>
> I am new guide in wireshark, if I make mistake, please don’t laugh me.
>
>
>
> in file: epan/dissectors/packet-cfm.c
>
> Due to
>
> tlv_data_offset += (cfm_tlv_length-5);
>
> I think next line maybe need -1
>
> tlv_data_offset += cfm_tlv_length; //maybe it need -1
>
>
>
>
>
> if (cfm_tlv_length > 0) {
>
> switch (tlv_tst_test_pattern_type) {
>
> case 0:
>
> case 2:
>
> proto_tree_add_item(cfm_tlv_tree, hf_tlv_tst_test_pattern,
>
> tvb, tlv_data_offset, cfm_tlv_length-1, ENC_NA);
>
> tlv_data_offset += cfm_tlv_length; //maybe it need -1
>
> break;
>
> case 1:
>
> case 3:
>
> proto_tree_add_item(cfm_tlv_tree, hf_tlv_tst_test_pattern,
>
> tvb, tlv_data_offset, cfm_tlv_length-5, ENC_NA);
>
> tlv_data_offset += (cfm_tlv_length-5);
>
> proto_tree_add_item(cfm_tlv_tree, hf_tlv_tst_CRC32,
>
> tvb, tlv_data_offset, 4, ENC_NA);
>
> tlv_data_offset += 4;
>
> break;
>
> }
>
> }
>
> From JustinKu
>
Hi JustinKu,
Can I convince you to fill a bug on http://bugs.wireshark.org with your pcap file triggering the malformed message attached?
Best regards,
Pascal.
