[Wireshark-bugs] [Bug 16563] New: SMB2_CREATE_APP_INSTANCE_VERSION structure in SMB2 Create Request is not parsed

Wed, 13 May 2020 04:18:18 -0700 

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16563

            Bug ID: 16563
           Summary: SMB2_CREATE_APP_INSTANCE_VERSION structure in SMB2
                    Create Request is not parsed
           Product: Wireshark
           Version: 3.2.3
          Hardware: x86-64
                OS: Windows 10
            Status: UNCONFIRMED
          Severity: Minor
          Priority: Low
         Component: Dissection engine (libwireshark)
          Assignee: bugzilla-ad...@wireshark.org
          Reporter: jinh...@gmail.com
  Target Milestone: ---

Created attachment 17756
  --> https://bugs.wireshark.org/bugzilla/attachment.cgi?id=17756&action=edit
SMB2_CREATE_APP_INSTANCE_VERSION is not parsed in Create request.

Build Information:
3.2.3 (v3.2.3-0-gf39b50865a13)

Compiled (64-bit) with Qt 5.12.6, with WinPcap SDK (WpdPack) 4.1.2, with GLib
2.52.3, with zlib 1.2.11, with SMI 0.4.8, with c-ares 1.15.0, with Lua 5.2.4,
with GnuTLS 3.6.3 and PKCS #11 support, with Gcrypt 1.8.3, with MIT Kerberos,
with MaxMind DB resolver, with nghttp2 1.39.2, with brotli, with LZ4, with
Zstandard, with Snappy, with libxml2 2.9.9, with QtMultimedia, with automatic
updates using WinSparkle 0.5.7, with AirPcap, with SpeexDSP (using bundled
resampler), with SBC, with SpanDSP, with bcg729.

Running on 64-bit Windows 10 (1909), build 18363, with Intel(R) Core(TM)
i7-6600U CPU @ 2.60GHz (with SSE4.2), with 16205 MB of physical memory, with
locale English_United States.936, with light display mode, with mixed DPI, with
Npcap version 0.9989, based on libpcap version 1.9.1, with GnuTLS 3.6.3, with
Gcrypt 1.8.3, with brotli 1.0.2, without AirPcap, binary plugins supported (19
loaded).

Built using Microsoft Visual Studio 2019 (VC++ 14.24, build 28316).

--
SMB2_CREATE_APP_INSTANCE_VERSION structure in SMB2 Create Request context is
not parsed in Wireshark. 
The structure is in MS-SMB2 document:
https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/dff54760-c485-41e0-978d-e4b2ccad2707.

In Wireshark, it is shows as 'invalid'.

Chain Element: <invalid> "b7d082b9-563b-4f07-a07b-524a8116a010"
    Chain Offset: 0x00000000
    Tag: b7d082b9-563b-4f07-a07b-524a8116a010
    Blob Offset: 0x00000020
    Blob Length: 24
    Data

See first frame in the network trace file.

-- 
You are receiving this mail because:
You are watching all bug changes.
___________________________________________________________________________
Sent via:    Wireshark-bugs mailing list <wireshark-bugs@wireshark.org>
Archives:    https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
             mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

Reply via email to