Package: wireshark Version: 1.0.7-1 Severity: grave
All packets captured by wireshark are marked as [Malformed Packet]. It appears that the frame arrival time is incorrect. This bug renders wireshark unable to perform captures. This problem was noticed on an up-to-date Debian Squeeze system on 5/26, when attempting a capture from the eth0 interface. Below is an example of the Frame details of the first three frames of a captue (This capture was actually performed May 26, 2009 15:10): ==================================================================================== No. Time Source Destination Protocol Info 1 0.000000 Ethernet [Malformed Packet] Frame 1 (0 bytes on wire, 0 bytes captured) Arrival Time: Mar 2, 1970 10:22:26.212150245 [Arrival Time: Fractional second 2121502456 is invalid, the valid range is 0-1000000000] [Time delta from previous captured frame: 0.000000000 seconds] [Time delta from previous displayed frame: 0.000000000 seconds] [Time since reference or first frame: 0.000000000 seconds] Frame Number: 1 Frame Length: 0 bytes Capture Length: 0 bytes [Frame is marked: False] [Protocols in frame: eth] [Malformed Packet: Ethernet] No. Time Source Destination Protocol Info 2 0.000000 Ethernet [Malformed Packet] Frame 2 (0 bytes on wire, 0 bytes captured) Arrival Time: Mar 2, 1970 10:22:26.212150245 [Arrival Time: Fractional second 2121502456 is invalid, the valid range is 0-1000000000] [Time delta from previous captured frame: 0.000000000 seconds] [Time delta from previous displayed frame: 0.000000000 seconds] [Time since reference or first frame: 0.000000000 seconds] Frame Number: 2 Frame Length: 0 bytes Capture Length: 0 bytes [Frame is marked: False] [Protocols in frame: eth] [Malformed Packet: Ethernet] No. Time Source Destination Protocol Info 3 0.000000 Ethernet [Malformed Packet] Frame 3 (0 bytes on wire, 0 bytes captured) Arrival Time: Mar 2, 1970 10:22:26.212150245 [Arrival Time: Fractional second 2121502456 is invalid, the valid range is 0-1000000000] [Time delta from previous captured frame: 0.000000000 seconds] [Time delta from previous displayed frame: 0.000000000 seconds] [Time since reference or first frame: 0.000000000 seconds] Frame Number: 3 Frame Length: 0 bytes Capture Length: 0 bytes [Frame is marked: False] [Protocols in frame: eth] [Malformed Packet: Ethernet] ==================================================================================== Machine information: ~$ uname -a Linux 2.6.26-2-amd64 #1 SMP Mon May 11 19:56:16 UTC 2009 x86_64 GNU/Linux libc6 version: ~$ dpkg -s libc6 | grep ^Version; Version: 2.9-12 Wireshark dependencies information: ||/ Name Version Description +++-===========================-===========================-====================================================================== ii libadns1 1.4-2 Asynchronous-capable DNS client library and utilities ii libatk1.0-0 1.26.0-1 The ATK accessibility toolkit ii libc6 2.9-12 GNU C Library: Shared libraries ii libcairo2 1.8.6-2+b1 The Cairo 2D vector graphics library ii libcomerr2 1.41.3-1 common error description library ii libfontconfig1 2.6.0-3 generic font configuration library - runtime ii libfreetype6 2.3.9-4.1 FreeType 2 font engine, shared library files ii libgcrypt11 1.4.4-2 LGPL Crypto library - runtime library ii libglib2.0-0 2.20.1-2 The GLib library of C routines ii libgnutls26 2.6.6-1 the GNU TLS library - runtime library ii libgtk2.0-0 2.16.1-2 The GTK+ graphical user interface library ii libk5crypto3 1.6.dfsg.4~beta1-13 MIT Kerberos runtime libraries - Crypto Library ii libkrb5-3 1.6.dfsg.4~beta1-13 MIT Kerberos runtime libraries ii libpango1.0-0 1.24.0-3+b1 Layout and rendering of internationalized text ii libpcap0.8 1.0.0-1 system interface for user-level packet capture ii libpcre3 7.8-2+b1 Perl 5 Compatible Regular Expression Library - runtime files ii libportaudio2 19+svn20071022-3 Portable audio I/O - shared library ii wireshark-common 1.0.7-1 network traffic analyser (common files) ii zlib1g 1:1.2.3.3.dfsg-13 compression library - runtime