[Winpcap-users] Checking whether adapter is alive

Bryan Kadzban bryan at kadzban.is-a-geek.net
Wed Mar 22 18:01:19 GMT 2006


Loris Degioanni wrote:
> Thanks Bryan, I'll give a look at it probably next weekend.

Any progress on this?  I've done some debugging here with the dump file,
and I think I found the reason for the blue screen.  I don't know why
the values are what they are, but I do know what the issue is.

Inside the DeviceIoControl handler (NPF_IoControl in packet.c), in the
handler for BIOCSETOID / BIOCQUERYOID, the code does this after setting
up parameters:

NdisRequest(
            &Status,
            Open->AdapterHandle,
            &pRequest->Request);

ndis.h has a #define for NdisRequest, though, that turns this whole
thing into something like:

PNDIS_OPEN_BLOCK var = (PNDIS_OPEN_BLOCK)(Open->AdapterHandle);
Status = (var->RequestHandler)(var->BindingHandle, &pRequest->Request);

(Although it doesn't have the temporary variable; I added that to more
closely match the disassembly I was seeing inside the debugger.)

var->RequestHandler is set to the address of ndisMRequest, inside
NDIS.sys (and that's the function that's causing the BSOD).  The first
thing that that function does is dereference var->BindingHandle, which
is NULL in the memory dump that I have.  This blue-screens.

Now, I'm not sure *why* the handle is NULL, but I suspect it may be the
way NDIS responds to device removals.  (Using kd's !drvobject and
!devobj commands, I verified that the wireless device that I was
querying did *not* exist as a \Device\NPF_{<guid>} device while this was
happening.)

The easiest fix that I can come up with is to cast Open->AdapterHandle
to a PNDIS_OPEN_BLOCK, then check whether its BindingHandle is NULL,
before calling NdisRequest.  (If your copy of ndis.h doesn't call it
BindingHandle, then it's the second field in the structure.  I've seen
some ndis.h files while searching Google that call it other names.)
Then return some special error code to userspace.  When my program gets
that error code, it'll close its handles and re-run its "get a handle" code.

The only possible problem I see is that the AdapterHandle might not be a
PNDIS_OPEN_BLOCK on all versions of Windows.  It is on 2000, and
presumably is on XP and Vista, but I doubt that's the case on 9x.  Maybe
that isn't a problem though.
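The guard proposed in the message (check the open block's BindingHandle before calling NdisRequest, hand a distinct error back to user mode, and have the caller close and reacquire its handle on that error) as an added C model, not code from WinPcap or from the poster. It runs in user mode with stand-ins: the NDIS_OPEN_BLOCK layout is simplified (BindingHandle kept as the second field, a RequestHandler slot added), NPF_STATUS_ADAPTER_GONE and the BINDING object are constructed for the demo, and model_ndisMRequest only imitates the NULL dereference the post describes.

```c
/*
 * Added example, not WinPcap code: user-mode model of the BindingHandle guard.
 * NDIS_OPEN_BLOCK layout, NPF_STATUS_ADAPTER_GONE, BINDING and the reopen
 * callback are simplified stand-ins constructed for this demonstration.
 */
#include <stddef.h>
#include <stdio.h>

typedef void *NDIS_HANDLE;
typedef long  NDIS_STATUS;
#define NDIS_STATUS_SUCCESS     0L
#define NPF_STATUS_ADAPTER_GONE (-2L)   /* constructed: code returned to user mode */

typedef struct _NDIS_REQUEST { unsigned long Oid; unsigned long Result; } NDIS_REQUEST;
typedef struct _BINDING      { unsigned long LinkSpeed; } BINDING;   /* constructed */
typedef NDIS_STATUS (*REQUEST_HANDLER)(NDIS_HANDLE BindingHandle, NDIS_REQUEST *Request);

/* Simplified open block: BindingHandle is the second field, as the message
   notes; RequestHandler is placed here only so the demo can call through it. */
typedef struct _NDIS_OPEN_BLOCK {
    void           *MacHandle;
    NDIS_HANDLE     BindingHandle;
    REQUEST_HANDLER RequestHandler;
} NDIS_OPEN_BLOCK, *PNDIS_OPEN_BLOCK;

typedef struct _OPEN_INSTANCE { NDIS_HANDLE AdapterHandle; } OPEN_INSTANCE;

/* Stand-in for ndisMRequest: its first act is to dereference BindingHandle,
   which is exactly the step that blue-screened when the handle was NULL. */
static NDIS_STATUS model_ndisMRequest(NDIS_HANDLE BindingHandle, NDIS_REQUEST *Request)
{
    BINDING *b = (BINDING *)BindingHandle;
    Request->Result = b->LinkSpeed;
    return NDIS_STATUS_SUCCESS;
}

/* Guarded BIOCQUERYOID path: refuse the request when the binding is gone
   instead of letting the NDIS request handler dereference NULL. */
NDIS_STATUS npf_guarded_request(OPEN_INSTANCE *Open, NDIS_REQUEST *Request)
{
    PNDIS_OPEN_BLOCK var = (PNDIS_OPEN_BLOCK)Open->AdapterHandle;
    if (var == NULL || var->BindingHandle == NULL)
        return NPF_STATUS_ADAPTER_GONE;
    return (var->RequestHandler)(var->BindingHandle, Request);
}

/* User-mode side: on ADAPTER_GONE, drop the handle, re-run the
   "get a handle" code once, and retry the query. */
typedef OPEN_INSTANCE *(*REOPEN_FN)(void *ctx);

NDIS_STATUS query_with_reopen(OPEN_INSTANCE **open, NDIS_REQUEST *req,
                              REOPEN_FN reopen, void *ctx, int *reopens)
{
    NDIS_STATUS st = npf_guarded_request(*open, req);
    if (st == NPF_STATUS_ADAPTER_GONE) {
        *open = reopen(ctx);
        (*reopens)++;
        if (*open == NULL)
            return st;                 /* adapter really is gone; give up */
        st = npf_guarded_request(*open, req);
    }
    return st;
}

/* Scenario: the first open block is stale (device removed, BindingHandle
   NULL); reopening yields a live block. Returns the number of reopens. */
unsigned long scenario_result = 0;

static OPEN_INSTANCE *reopen_live(void *ctx) { return (OPEN_INSTANCE *)ctx; }

int run_removal_scenario(void)
{
    BINDING         live_binding = { 100 };
    NDIS_OPEN_BLOCK stale = { NULL, NULL,          model_ndisMRequest };
    NDIS_OPEN_BLOCK live  = { NULL, &live_binding, model_ndisMRequest };
    OPEN_INSTANCE   stale_open = { &stale };
    OPEN_INSTANCE   live_open  = { &live };
    OPEN_INSTANCE  *cur = &stale_open;
    NDIS_REQUEST    req = { 0x10107 /* constructed OID */, 0 };
    int reopens = 0;

    NDIS_STATUS st = query_with_reopen(&cur, &req, reopen_live, &live_open, &reopens);
    scenario_result = (st == NDIS_STATUS_SUCCESS) ? req.Result : 0;
    return reopens;
}

int main(void)
{
    int reopens = run_removal_scenario();
    printf("reopens=%d result=%lu\n", reopens, scenario_result);
    return 0;
}
```

The check itself is two lines; the point of the model is the contract around it: the driver turns a dangling binding into a distinct status rather than a crash, and the user-mode caller treats that status as "reacquire the handle", not as a generic failure.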