[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[lwip-devel] [bug #53626] NetBIOS Responder generates malformed packet r
|
From: |
Jason White |
|
Subject: |
[lwip-devel] [bug #53626] NetBIOS Responder generates malformed packet responding to "*" name |
|
Date: |
Thu, 12 Apr 2018 14:07:01 -0400 (EDT) |
|
User-agent: |
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:59.0) Gecko/20100101 Firefox/59.0 |
URL:
<http://savannah.nongnu.org/bugs/?53626>
Summary: NetBIOS Responder generates malformed packet
responding to "*" name
Project: lwIP - A Lightweight TCP/IP stack
Submitted by: wrc_jasonw
Submitted on: Thu 12 Apr 2018 06:07:00 PM UTC
Category: apps
Severity: 3 - Normal
Item Group: Faulty Behaviour
Status: None
Privacy: Public
Assigned to: None
Open/Closed: Open
Discussion Lock: Any
Planned Release: None
lwIP version: git head
_______________________________________________________
Details:
Several days ago the NetBIOS responded was updated to respond to "*" names (in
bug #53325). I eagerly tested this feature and found the following:
(1) Wireshark reports the response packet to "*" names is malformed.
(2) Attempting to query the device's hostname fails - a response is sent by
LwIP but it gets discarded (in this case using both nmap and SoftPerfect
Network scanner)
I have attached a Wireshark capture (good_bad_nbns.pcapng) containing the
following:
(1) frame 1, from IP 192.168.1.50, an example of a valid response to the "*"
name from a networked printer.
(2) frame 2, from IP 192.168.1.190, a malformed NetBIOS response generated by
the feature implemented in bug #53325.
A preliminary comparison of the good (from the printer) and bad (from LwIP)
packets shows that the LwIP packet is missing the "Statistics" section.
Looking at RFC1002 4.2.18 also suggests that the response packet is supposed
to contain a statistics section at the end.
Based off of these observations I am lead to believe that adding the ~40 bytes
of statistics fields documented in RFC1002 to the end of the packet would
resolve this issue.
Thanks,
-Jason White
Disclaimer: I am no expert in the NetBIOS name service.
_______________________________________________________
File Attachments:
-------------------------------------------------------
Date: Thu 12 Apr 2018 06:07:00 PM UTC Name: good_bad_nbns.pcapng Size: 588B
By: wrc_jasonw
<http://savannah.nongnu.org/bugs/download.php?file_id=43902>
_______________________________________________________
Reply to this item at:
<http://savannah.nongnu.org/bugs/?53626>
_______________________________________________
Message sent via/by Savannah
http://savannah.nongnu.org/
- [lwip-devel] [bug #53626] NetBIOS Responder generates malformed packet responding to "*" name,
Jason White <=