Home page logo
/

wireshark logo Wireshark mailing list archives

Re: Defect in reassembling TCP stream. Bug and Patch are available on Bugzilla.
From: Graham Bloice <graham.bloice () trihedral com>
Date: Fri, 28 Mar 2014 15:10:41 +0000

Hi Pavel,

Can you use the revised workflow and submit the change to Gerrit.  Any
discussion on the proposed change will take place in the Gerrit Review
process.

Workflow info can be found here:
http://wiki.wireshark.org/Development/Workflow


On 28 March 2014 15:06, Pavel Karneliuk <Pavel_Karneliuk () epam com> wrote:

 Hello,

At first, thank you all for Wireshark. It is amazing tool!


I found a defect and register Bug 9936<https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9936>– “epan/follow.c - 
Incorrect comparing a sequence number of TCP fragment
when its value wraps over uint32_t limit”
A capture file and my patch are attached to bug in Bugzilla.

Patch is a one-line fix:

--- a/epan/follow.c

+++ b/epan/follow.c

@@ -441,7 +441,7 @@ check_fragments( int idx, tcp_stream_chunk *sc,
guint32 acknowledged ) {

         lowest_seq = current->seq;

       }

 -      if( current->seq < seq[idx] ) {

+      if( LT_SEQ(current->seq, seq[idx]) ) {

         guint32 newseq;

         /* this sequence number seems dated, but

            check the end to make sure it has no more



It is just a replacement a compare operator to wraps-friendly macro.
Similar to code around (with GT_SEQ usage).
What do you think?



Best Regards,
*Pavel Karneliuk*
Senior Software Engineer

EPAM Systems
Minsk office, Belarus

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org
?subject=unsubscribe

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]