[Wireshark-bugs] [Bug 16522] New: packet-eap.c: Conservative Peer, Anonymous User, Encrypted IMSI, and two other identity types do not dissect

Wed, 29 Apr 2020 08:38:23 -0700 

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16522

            Bug ID: 16522
           Summary: packet-eap.c:  Conservative Peer, Anonymous User,
                    Encrypted IMSI, and two other identity types do not
                    dissect
           Product: Wireshark
           Version: unspecified
          Hardware: x86-64
                OS: Ubuntu
            Status: UNCONFIRMED
          Severity: Normal
          Priority: Low
         Component: Dissection engine (libwireshark)
          Assignee: mswe...@hotmail.com
          Reporter: mswe...@hotmail.com
                CC: realrichardsha...@gmail.com
        Depends on: 16521
  Target Milestone: ---

Build Information:
Wireshark 3.2.0
Copyright 1998-2019 Gerald Combs <ger...@wireshark.org> and contributors.
License GPLv2+: GNU GPL version 2 or later
<https://www.gnu.org/licenses/gpl-2.0.html>
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with Qt 5.9.5, with libpcap, without POSIX capabilities,
without libnl, with GLib 2.56.4, with zlib 1.2.11, without SMI, with c-ares
1.16.0, without Lua, without GnuTLS, with Gcrypt 1.8.1, without Kerberos, with
MaxMind DB resolver, without nghttp2, without brotli, without LZ4, without
Zstandard, without Snappy, without libxml2, with QtMultimedia, with SpeexDSP
(using bundled resampler), without SBC, without SpanDSP, without bcg729.

Running on Linux 5.3.0-46-generic, with Intel(R) Core(TM) i7-4790K CPU @
4.00GHz
(with SSE4.2), with 7934 MB of physical memory, with locale en_US.UTF-8, with
libpcap version 1.8.1, with Gcrypt 1.8.1, with zlib 1.2.11, binary plugins
supported (0 loaded).

Built using gcc 7.5.0.

--
Within packet-eap.c and further within function 'dissect_eap_identity_wlan()',
eap_identity_prefix only accounts for unencrypted IMSI values, pseudonym
identities, and reauthentication identities (and a "catch-all" default
statement within the switch).  The following identity types exist and should be
added to round out the dissection:

- Conservative Peer (identity prefix 'C' or 0x43)
- Anonymous Identity (identity prefix 'a' or 0x61)
- Encrypted IMSI (identity prefix '\0' or 0x00) (depends on Bug 16521)
- Currently unknown yet frequently seen prefixes 'G' and 'I'


Referenced Bugs:

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16521
[Bug 16521] packet-eap.c:  Encrypted IMSI identities begin with a null byte
prefix which fails string grab in dissect_eap_identity_wlan()
-- 
You are receiving this mail because:
You are watching all bug changes.
___________________________________________________________________________
Sent via:    Wireshark-bugs mailing list <wireshark-bugs@wireshark.org>
Archives:    https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
             mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

Reply via email to