Closed calebmadrigal closed 6 years ago
I hope it didn’t cause you any trouble :/ I still have no idea why this happened. Will investigate
It didn't cause any trouble - it was an entertaining DEF CON moment though :)
Can you share a capture of the packet?
@p-l- Sorry, I didn't get one.
Could not reproduce it either with the following code. Please reopen if you can find something that can help us reproduce the issue.
$ cat test_len.py
from scapy.all import *
N = 1000
a = Ether()
for i in xrange(N):
a /= Ether()
len(a)
len(Ether(raw(a)))
if i % 50 == 0:
print i
I'm able to reproduce this with scapy 2.4.3 on Fedora Linux. I have a pcap file containing ipv4 tcp port 53 packets that when run through passer ( https://github.com/activecm/passer/ ) gives the following:
Traceback (most recent call last):
File "/home/wstearns/med/programming/passer/passer.py", line 2428, in
Command line used: passer.py -r scapy243.recursion_issue.notudp.port53.notip6.pcap >/dev/null
For reference:
Packet.len throwing exception on deeply-nested packet
Environment
How to reproduce
I'm at DEF CON, and I think I intercepted some unknown packet which was deeply nested, based on the Traceback.
Actual result