https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14406

            Bug ID: 14406
           Summary: Wireshark doesn't report EAP packet as malformed
                    packet when EAP LENGTH field has wrong length value
           Product: Wireshark
           Version: 2.4.4
          Hardware: x86
                OS: Windows 10
            Status: UNCONFIRMED
          Severity: Normal
          Priority: Low
         Component: Dissection engine (libwireshark)
          Assignee: bugzilla-ad...@wireshark.org
          Reporter: gledessprede...@hotmail.no
  Target Milestone: ---

Created attachment 16112
  --> https://bugs.wireshark.org/bugzilla/attachment.cgi?id=16112&action=edit
Example of malformed frame not reported as malformed by Wireshark

Build Information:
Version 2.4.4 (v2.4.4-0-g90a7be11a4)
--
When troubleshooting an 802.1x issue, we discovered that the authenticator
(switch) was sending a malformed EAP SUCCESS message.

The 802.1x portion of the frame was correctly reported with a LENGTH of 4 bytes
by the authenticator, but the EAP portion of the packet was incorrectly
reported with a LENGTH of 0 bytes by the authenticator (instead of the correct
4 bytes = 1 byte EAP CODE + 1 byte EAP ID + 2 bytes EAP LENGTH + 0 bytes EAP
DATA). This caused the supplicant (Windows 7 PC) to ignore the EAP SUCCESS
message, and as a result the supplicant would initiate a new EAP authentication
sequence.

The bug report is related to Wireshark not flagging the frame as a malformed
packet.

-- 
You are receiving this mail because:
You are watching all bug changes.
___________________________________________________________________________
Sent via:    Wireshark-bugs mailing list <wireshark-bugs@wireshark.org>
Archives:    https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
             mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

Reply via email to