Package: wireshark
Version: 1.0.7-1
Severity: grave
All packets captured by wireshark are marked as [Malformed Packet]. It
appears that the frame arrival time is incorrect.
This bug renders wireshark unable to perform captures.
This problem was noticed on an up-to-date Debian Squeeze system on
5/26, when attempting a
capture from the eth0 interface.
Below is an example of the Frame details of the first three frames of a captue
(This capture was actually performed May 26, 2009 15:10):
====================================================================================
No. Time Source Destination Protocol Info
1 0.000000
Ethernet [Malformed Packet]
Frame 1 (0 bytes on wire, 0 bytes captured)
Arrival Time: Mar 2, 1970 10:22:26.212150245
[Arrival Time: Fractional second 2121502456 is invalid, the valid
range is 0-1000000000]
[Time delta from previous captured frame: 0.000000000 seconds]
[Time delta from previous displayed frame: 0.000000000 seconds]
[Time since reference or first frame: 0.000000000 seconds]
Frame Number: 1
Frame Length: 0 bytes
Capture Length: 0 bytes
[Frame is marked: False]
[Protocols in frame: eth]
[Malformed Packet: Ethernet]
No. Time Source Destination Protocol Info
2 0.000000
Ethernet [Malformed Packet]
Frame 2 (0 bytes on wire, 0 bytes captured)
Arrival Time: Mar 2, 1970 10:22:26.212150245
[Arrival Time: Fractional second 2121502456 is invalid, the valid
range is 0-1000000000]
[Time delta from previous captured frame: 0.000000000 seconds]
[Time delta from previous displayed frame: 0.000000000 seconds]
[Time since reference or first frame: 0.000000000 seconds]
Frame Number: 2
Frame Length: 0 bytes
Capture Length: 0 bytes
[Frame is marked: False]
[Protocols in frame: eth]
[Malformed Packet: Ethernet]
No. Time Source Destination Protocol Info
3 0.000000
Ethernet [Malformed Packet]
Frame 3 (0 bytes on wire, 0 bytes captured)
Arrival Time: Mar 2, 1970 10:22:26.212150245
[Arrival Time: Fractional second 2121502456 is invalid, the valid
range is 0-1000000000]
[Time delta from previous captured frame: 0.000000000 seconds]
[Time delta from previous displayed frame: 0.000000000 seconds]
[Time since reference or first frame: 0.000000000 seconds]
Frame Number: 3
Frame Length: 0 bytes
Capture Length: 0 bytes
[Frame is marked: False]
[Protocols in frame: eth]
[Malformed Packet: Ethernet]
====================================================================================
Machine information:
~$ uname -a
Linux 2.6.26-2-amd64 #1 SMP Mon May 11 19:56:16 UTC 2009 x86_64 GNU/Linux
libc6 version:
~$ dpkg -s libc6 | grep ^Version;
Version: 2.9-12
Wireshark dependencies information:
||/ Name Version Description
+++-===========================-===========================-======================================================================
ii libadns1 1.4-2
Asynchronous-capable DNS client library and utilities
ii libatk1.0-0 1.26.0-1 The ATK
accessibility toolkit
ii libc6 2.9-12 GNU C
Library: Shared libraries
ii libcairo2 1.8.6-2+b1 The Cairo
2D vector graphics library
ii libcomerr2 1.41.3-1 common
error description library
ii libfontconfig1 2.6.0-3 generic
font configuration library - runtime
ii libfreetype6 2.3.9-4.1 FreeType 2
font engine, shared library files
ii libgcrypt11 1.4.4-2 LGPL
Crypto library - runtime library
ii libglib2.0-0 2.20.1-2 The GLib
library of C routines
ii libgnutls26 2.6.6-1 the GNU
TLS library - runtime library
ii libgtk2.0-0 2.16.1-2 The GTK+
graphical user interface library
ii libk5crypto3 1.6.dfsg.4~beta1-13 MIT
Kerberos runtime libraries - Crypto Library
ii libkrb5-3 1.6.dfsg.4~beta1-13 MIT
Kerberos runtime libraries
ii libpango1.0-0 1.24.0-3+b1 Layout and
rendering of internationalized text
ii libpcap0.8 1.0.0-1 system
interface for user-level packet capture
ii libpcre3 7.8-2+b1 Perl 5
Compatible Regular Expression Library - runtime files
ii libportaudio2 19+svn20071022-3 Portable
audio I/O - shared library
ii wireshark-common 1.0.7-1 network
traffic analyser (common files)
ii zlib1g 1:1.2.3.3.dfsg-13
compression library - runtime
