asbai closed 2 years ago
When we turn off the DEP protection and run the test program again (with only one WinDivertOpen call in the main), we still can see the EXCEPTION_ACCESS_VIOLATION exception. This time the first parameter is 0: "the thread attempted to read the inaccessible data."
BTW: We use VC2005 to compile and link the 32bit exe for testing.
Changing to MinGW solves this problem. But we still don't know why calling WinDivertOpen from VC2005 (VC8) crashes the process.
VC2005 is very old, so I think there is some incompatibility (ABI?) that manifests as a memory protection fault. This is unlikely to be a bug in WinDivert so I will close this for now.
Testing 2.2.0-A on both Win7 x86 and Win7 x64, all using 32bit exe + 32bit dll + 32/64bit sys.
Simply one line of code
::WinDivertOpen("outbound and tcp", WINDIVERT_LAYER_NETWORK, 0, 0);
can cause the process to be killed by the OS with EXCEPTION_ACCESS_VIOLATION. And the first parameter of this exception is 8, see here: "If this value is 8, the thread causes a user-mode data execution prevention (DEP) violation."
Does it mean we must close the DEP before using WinDivert?