SMB IOCTL response packet with BUFFER_OVERFLOW status is dissected improperly
This issue was migrated from bug 16261 in our old bug tracker.
Original bug information:
Reporter: Volodymyr Khomenko
Status: RESOLVED FIXED
Product: Wireshark
Component: Dissection engine (libwireshark)
OS: Linux
Platform: x86-64
Version: 2.6.10
Attachments:
enum_shares_buffer_overflow2.pcapng: Traffic with IOCTL BUFFER_OVERFLOW for PIPE_TRANSCIEVE (SRVSVC NetShareEnumAll) see packet 14
: Screenshot of corrupted IOCTL response packet