Compression/decompression failure with large IPv6 extension
Affects | Status | Importance | Assigned to | Milestone | ||
---|---|---|---|---|---|---|
rohc | Status tracked in Rohc-main | |||||
1.3.x |
Fix Released
|
High
|
Didier Barvaux | |||
Rohc-main |
Fix Released
|
High
|
Didier Barvaux |
Bug Description
The ROHC library fails to correctly compress and decompress an IPv6 packet with a large IPv6 extension (2048 bytes). The library does not report any error either during compression or during decompression. However, the generated ROHC packet is 4150-byte long and the generated IP packet is 4144-byte long while the original IPv6 packet is only 2096-byte long.
The problem may be reproduced with the non-regression tool and the attached PCAP capture. The output of the command below is attached to the bug too.
$ ./test/test smallcid ipv6_with_
The PCAP capture was generated with Scapy (http://
>>> pad = ''
>>> for i in range(0, 255):
... pad += '\x00'
...
>>> packet = Ether() / IPv6() / \
... IPv6ExtHdrHopBy
... PadN(otype='PadN', optlen=255, optdata=pad), \
... PadN(otype='PadN', optlen=255, optdata=pad), \
... PadN(otype='PadN', optlen=255, optdata=pad), \
... PadN(otype='PadN', optlen=255, optdata=pad), \
... PadN(otype='PadN', optlen=255, optdata=pad), \
... PadN(otype='PadN', optlen=255, optdata=pad), \
... PadN(otype='PadN', optlen=255, optdata=pad), \
... PadN(otype='PadN', optlen=245, optdata=pad[0:245]) \
... ] ) / \
... ICMPv6EchoRequest()
>>> wrpcap(
Confirmed for 1.3.x.