seladb / PcapPlusPlus

PcapPlusPlus is a multiplatform C++ library for capturing, parsing and crafting of network packets. It is designed to be efficient, powerful and easy to use. It provides C++ wrappers for the most popular packet processing engines such as libpcap, Npcap, WinPcap, DPDK, AF_XDP and PF_RING.
https://pcapplusplus.github.io/
The Unlicense

PcapLiveDeviceList::getPcapLiveDevicesList() empty vector / error #1176

Open psZachary opened 11 months ago

psZachary commented 11 months ago

Hello, had a few issues with the live device list returning 0.

I've tried a few solutions discussed in a couple other closed issues to no avail.

    int size = pcpp::PcapLiveDeviceList::getInstance().getPcapLiveDevicesList().size();
    std::cout << "size is: " << size << std::endl;

Output: size is: 0

But I have installed npcap and winpcap (npcap before winpcap) and nothing worked, size is always 0.

When I type ipconfig, this is what is returned: image

So clearly there is a network device on the computer.

I am running Windows 10 Pro 22h2, using vcpkg and Visual Studio 2022.

Current Status:

npcap: getPcapLiveDevicesList() empty
winpcap: Causes crashes

psZachary commented 11 months ago

I also want to say that after installing WinPCap, I may have got something to work, but now I get an strstr error

Error on:

auto device_list = pcpp::PcapLiveDeviceList::getInstance().getPcapLiveDevicesList();

strstr error:

image

Error function (PcapPlusPlus pcap-new.c):

image

Stack trace:

image

seladb commented 11 months ago

The exception seems to be inside of WinPcap and not in PcapPlusPlus source code, so it's hard to know what's the issue...

Do you see this interface when using Wireshark or tcpdump?

psZachary commented 11 months ago

> The exception seems to be inside of WinPcap and not in PcapPlusPlus source code, so it's hard to know what's the issue...
>
> Do you see this interface when using Wireshark or tcpdump?

Yes, I do see the interface when using Wireshark.

ganeshharihara commented 11 months ago

For what it's worth, I am running into the same issue, also installed via vcpkg. Haven't tried using winpcap yet.

Also, the same code I am using works when using the precompiled example project. Tried compiling everything in msvc 142 to match the example project, but getting an unresolved external symbol stdfind_trivial_1 while linking

seladb commented 11 months ago

@psZachary @ganeshharihara I'm not sure the latest release (v22.11) that you installed via vcpkg works well in VS2022, maybe that's the problem?

One thing that you can do is build from source. We recently moved to CMake so building from master branch should be easy and it supports VS2022. Here are the build instructions for the master branch: https://pcapplusplus.github.io/docs/next/install/vs

ganeshharihara commented 10 months ago

Hi @seladb, I tried building via the instructions you passed and linking, and I am getting the same error. Any thoughts?

EDIT: Actually got it to work, but trying to figure out how to compile with zstd support. Doesn't seem to be an option in the config setup for Windows

seladb commented 10 months ago

@ganeshharihara @psZachary I did some research and it seems to be something with the interface name or description. What I think happens is that there is a call to Win32 API PacketGetAdapterNames and then the description is saved in a desc variable like here. This string is the same as source that causes the crash.

Maybe the interface description is empty or has some non-standard characters?

Can you please run ipconfig /all and netsh interface show interface and print the output?

psZachary commented 10 months ago

Ahh, classic WinApi issue, with unicode strings and whatnot, I'd like to thank you for your dedication to this issue. Maybe I can call the function myself in a debug program and test if it fails? Or what is returned. Either way I don't think that the description has empty characters or non standard characters. Here's the device description pasted directly from the device manager windows application: Linksys WUSB6300 (there is a \n escape character at the end of the description, but I think they add it to the end when copying) image

Wireless LAN adapter Wi-Fi:

   Connection-specific DNS Suffix  . : lan
   Description . . . . . . . . . . . : Linksys WUSB6300
   Physical Address. . . . . . . . . : C8-D7-19-C1-E3-ED
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::4acc:61f9:5b82:8ba4%4
   IPv4 Address. . . . . . . . . . . : 192.168.86.35
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Monday, August 14, 2023 10:09:06 AM
   Lease Expires . . . . . . . . . . : Tuesday, August 15, 2023 10:13:19 AM
   Default Gateway . . . . . . . . . : 192.168.86.1
   DHCP Server . . . . . . . . . . . : 192.168.86.1
   DHCPv6 IAID . . . . . . . . . . . : 63493913
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-25-7D-10-C6-30-9C-23-D3-08-A4
   DNS Servers . . . . . . . . . . . : 8.8.8.8
                                       8.8.4.4
   NetBIOS over Tcpip. . . . . . . . : Enabled

seladb commented 10 months ago

@psZachary @ganeshharihara I downloaded WinPcap source code and tried to follow the stack trace again. I still think that PacketGetAdapterNames is the source of the problem. Maybe you can run it locally and then run the rest of the code mentioned in https://github.com/SageAxcess/pcap-ndis6/blob/77c9f02f5a774a5976e7fb96f667b5abb335d299/src/libpcap/pcap-win32.c#L1305?

@psZachary from your example it seems the interface name and desc are ok and don't contain any non-standard characters. So maybe there is a permission issue reading the data using PacketGetAdapterNames? It's hard for me to tell, so I'll need your help debugging it...

seladb commented 10 months ago

@psZachary @ganeshharihara any update on this?

seladb commented 9 months ago

I am closing this issue because I haven't gotten a response yet. If anyone stumbles upon this issue and can help debug it, I'd really appreciate it!

gardc commented 4 months ago

I get the same issue! With WinPcap it produced the same exception as previously posted in this thread, with Npcap installed auto devices = pcpp::PcapLiveDeviceList::getInstance().getPcapLiveDevicesList(); returns an empty vector.

PCPP installed via Vcpkg on Windows 23H2, Visual Studio 2022, Npcap 1.79.

seladb commented 4 months ago

Thanks @gardc ! Since I can't reproduce the issue locally, I'll be very happy if you can help debug it on your system. I provided some insights in these comments: https://github.com/seladb/PcapPlusPlus/issues/1176#issuecomment-1676197653, https://github.com/seladb/PcapPlusPlus/issues/1176#issuecomment-1678531961

gardc commented 4 months ago

> Thanks @gardc ! Since I can't reproduce the issue locally, I'll be very happy if you can help debug it on your system. I provided some insights in these comments: #1176 (comment), #1176 (comment)

I can do what I can to help! Here is my ipconfig output:

C:\Users\gaming>ipconfig /all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : DESKTOP-98DHS8R
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Ethernet:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek Gaming 2.5GbE Family Controller
   Physical Address. . . . . . . . . : 08-BF-B8-A7-0E-16
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 10.0.0.10(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Thursday, February 22, 2024 10:23:54 PM
   Lease Expires . . . . . . . . . . : Friday, February 23, 2024 5:23:54 AM
   Default Gateway . . . . . . . . . : 10.0.0.138
   DHCP Server . . . . . . . . . . . : 10.0.0.138
   DNS Servers . . . . . . . . . . . : 148.122.164.253
                                       148.122.16.253
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Ethernet 2:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : VirtualBox Host-Only Ethernet Adapter
   Physical Address. . . . . . . . . : 0A-00-27-00-00-03
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::5515:b77a:3a2b:385b%3(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.56.1(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . :
   DHCPv6 IAID . . . . . . . . . . . : 722075687
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-2D-30-3C-95-08-BF-B8-A7-0E-16
   NetBIOS over Tcpip. . . . . . . . : Enabled

Wireless LAN adapter WiFi:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek 8852BE Wireless LAN WiFi 6 PCI-E NIC
   Physical Address. . . . . . . . . : 10-68-38-F2-D1-98
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Local Area Connection* 9:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : 12-68-38-F2-D1-98
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Local Area Connection* 10:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter #2
   Physical Address. . . . . . . . . : 92-68-38-F2-D1-98
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Bluetooth Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : 10-68-38-F2-D1-99
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter vEthernet (Default Switch):

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Hyper-V Virtual Ethernet Adapter
   Physical Address. . . . . . . . . : 00-15-5D-3F-05-D0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::4bf9:4c3a:83eb:20a%22(Preferred)
   IPv4 Address. . . . . . . . . . . : 172.25.144.1(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.240.0
   Default Gateway . . . . . . . . . :
   DHCPv6 IAID . . . . . . . . . . . : 369104221
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-2D-30-3C-95-08-BF-B8-A7-0E-16
   NetBIOS over Tcpip. . . . . . . . : Enabled

netsh:

Enabled        Connected      Dedicated        Ethernet 2
Enabled        Connected      Dedicated        Ethernet
Enabled        Disconnected   Dedicated        WiFi

Since you previously mentioned special characters in device names, I noticed the character * is in some device names, which I believe are related to Hyper-V virtual machines.

Also, I've tested with Go and using the gopacket/pcap library it's able to list devices using the same Npcap which PCPP is using:

    package main

    import (
        "fmt"

        "github.com/google/gopacket/pcap"
    )

    func main() {
        // Ask libpcap/Npcap for every capture device it can see.
        devices, err := pcap.FindAllDevs()
        if err != nil {
            panic(err)
        }
        for _, device := range devices {
            fmt.Println("Name: ", device.Name)
            fmt.Println("Description: ", device.Description)
            for _, address := range device.Addresses {
                fmt.Println("- IP address: ", address.IP)
                fmt.Println("- Subnet mask: ", address.Netmask)
            }
        }
    }

seladb commented 4 months ago

Thank you @gardc for the info! Can you look at your stack trace? Does it fail in the same place mentioned here https://github.com/seladb/PcapPlusPlus/issues/1176#issuecomment-1666749933?

If you can gather any information about the values passed to any of the methods in the stack trace, that'd be helpful. Or if you find a way to reproduce it on any Windows machine, that'd be even more helpful

nvcuong1312 commented 2 months ago

Hello @seladb, I got the same issue. I captured some debug stack.

Screenshot.zip

seladb commented 2 months ago

Thank you @nvcuong1312 , this is very helpful!

I downloaded WinPcap source code and tracked the code according to the call stack you shared.

Apparently pcap_parsesrcstr() is called with an invalid p->opt.source. When I tracked where p->opt.source comes from I noticed that pcap_create_common() is called with the device name, in your case \\Device\\NPF_{2F8... and it does strdup() on that string, so maybe there is some issue with calling strdup() with this string?

In the stack trace you shared I can't see the full name (it's cut), can you share the full name? We can try to write code that does the same

nvcuong1312 commented 2 months ago

@seladb Ok! Please wait. By the way, I tested with conan (using npcap) and it runs normally.

Update: I'm so sorry, I can't debug again. :(( image

seladb commented 2 months ago

@nvcuong1312 can you provide the interface full name? It's the one that starts with \\Device\\NPF_{2F8...

nvcuong1312 commented 2 months ago

@seladb Please check:

\Device\NPF_{2F8F9236-C383-48C8-B906-23A580E395E1}
\Device\NPF_{1DFF1B7F-E403-4387-B44C-B21D523779E8}
\Device\NPF_{719C4E89-4F17-4DCE-B727-ACA5A82EC47C}

seladb commented 2 months ago

I checked strdup on this string and it works, I have no idea why it fails on your machine 😕 That's definitely something internal in WinPcap, but I can't figure out what the problem might be...
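
The string hypotheses raised in this thread (an empty interface description, non-standard characters in it, or a device name that is not in the `\Device\NPF_{GUID}` form) can be checked mechanically before the strings reach pcap code. The following is an added example, not part of the thread and not PcapPlusPlus or WinPcap code; `AdapterInfo`, `isNpfDeviceName` and `checkAdapter` are hypothetical names, and the sample adapter in `main` is constructed.

```cpp
#include <cctype>
#include <iostream>
#include <string>
#include <vector>

struct AdapterInfo {          // hypothetical holder for one enumerated adapter
    std::string name;         // expected form: \Device\NPF_{GUID}
    std::string description;  // driver-supplied text, e.g. "Linksys WUSB6300"
};

// True when name is exactly \Device\NPF_{8-4-4-4-12 hex GUID}.
bool isNpfDeviceName(const std::string& name) {
    static const std::string prefix = "\\Device\\NPF_{";
    static const std::string shape = "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX}";
    if (name.size() != prefix.size() + shape.size() ||
        name.compare(0, prefix.size(), prefix) != 0)
        return false;
    for (std::size_t i = 0; i < shape.size(); ++i) {
        unsigned char c = static_cast<unsigned char>(name[prefix.size() + i]);
        bool ok = (shape[i] == 'X') ? std::isxdigit(c) != 0 : c == shape[i];
        if (!ok) return false;
    }
    return true;
}

// Returns findings for one adapter; an empty vector means nothing suspicious.
std::vector<std::string> checkAdapter(const AdapterInfo& a) {
    std::vector<std::string> findings;
    if (!isNpfDeviceName(a.name))
        findings.push_back("name is not \\Device\\NPF_{GUID}");
    if (a.description.empty())
        findings.push_back("description is empty");
    for (std::size_t i = 0; i < a.description.size(); ++i) {
        unsigned char c = static_cast<unsigned char>(a.description[i]);
        if (c < 0x20 || c > 0x7E) {  // control character or non-ASCII byte
            findings.push_back("description byte " + std::to_string(i) +
                               " has value " + std::to_string(static_cast<int>(c)));
            break;  // first offending byte is enough to flag the string
        }
    }
    return findings;
}

int main() {
    // Constructed sample: a description carrying a trailing "\n".
    AdapterInfo sample{"\\Device\\NPF_{719C4E89-4F17-4DCE-B727-ACA5A82EC47C}",
                       "Linksys WUSB6300\n"};
    for (const std::string& f : checkAdapter(sample)) std::cout << f << '\n';
}
```

Feeding it the name and description strings captured in a debugger at the failing call shows quickly whether the input is malformed or the fault lies elsewhere.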

Seres67 commented 2 months ago

Currently running into the same issue, pcpp installed via vcpkg. Is there any way I can help?

EDIT: tried with conan and pcpp 23.09 and it works.

seladb commented 2 months ago

I think there is an issue with WinPcap which I can't identify, so I recommend switching to Npcap which is still maintained (WinPcap is abandoned). However there were reports of this issue with Npcap too, so if anyone stumbles upon this issue with Npcap I can look into it

psZachary commented 1 month ago

Yes, I do want to note that I recently used this project again for another project, it worked on the same PC

Could be issues with the underlying Windows system calls.

I would recommend trying to:

  1. Factory reset PC
  2. Fresh Windows install from a USB

It's not the ideal solution but it seems to be what worked for me.