[Winpcap-users] Problems with the modified wpcap.dll in Wireshark

Guy Harris guy at alum.mit.edu
Wed Oct 17 19:25:10 GMT 2007


Gianluca Varenni wrote:
> The function is implemented in Packet.dll, the sources are in 
> \winpcap\Packetntx\dll\packet32.cpp
> It's my understanding that you implemented support for your card 
> directly in wpcap.dll. If so, the p->adapter field is a NULL/bogus 
> pointer, so the Packet API will receive a NULL/bogus pointer!

Unfortunately, there's currently no setbuff_op entry in a pcap_t, so 
WinPcap can only check whether the p->adapter field is null or not.

I've checked a change into the libpcap 1.0 branch to add a setbuff_op 
entry, along with setmode_op and setmintocopy_op entries, had 
pcap_setbuff(), pcap_setmode(), and pcap_setmintocopy() use them, and 
set up savefile.c and pcap-win32.c to set the pointers appropriately. 
That'd let the new SS7 stuff supply its own setbuff_op routine, which 
could just return 0 and do nothing.  A future libpcap 1.0-based WinPcap 
will have those changes.

I've attached a patch for the change I checked in.  Similar changes 
would have to be made to the version of WinPcap to which the SS7 device 
support is being added, and the open_live routine for the SS7 device 
would have to set the setmode_op pointer to a routine that just returns 0.
-------------- next part --------------
Index: pcap-int.h
===================================================================
RCS file: /tcpdump/master/libpcap/pcap-int.h,v
retrieving revision 1.85
diff -c -r1.85 pcap-int.h
*** pcap-int.h	29 Sep 2007 19:33:29 -0000	1.85
--- pcap-int.h	17 Oct 2007 18:51:23 -0000
***************
*** 212,217 ****
--- 212,232 ----
  	int	(*getnonblock_op)(pcap_t *, char *);
  	int	(*setnonblock_op)(pcap_t *, int, char *);
  	int	(*stats_op)(pcap_t *, struct pcap_stat *);
+ #ifdef WIN32
+ 	/*
+ 	 * Win32-only; given the way the buffer size is set with BPF,
+ 	 * to make this cross-platform we'll have to set the buffer
+ 	 * size at open time.
+ 	 */
+ 	int	(*setbuff_op)(pcap_t *, int);
+ 
+ 	/*
+ 	 * These are, at least currently, specific to the Win32 NPF
+ 	 * driver.
+ 	 */
+ 	int	(*setmode_op)(pcap_t *, int);
+ 	int	(*setmintocopy_op)(pcap_t *, int);
+ #endif
  	void	(*close_op)(pcap_t *);
  
  	/*
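Review bot: The comments on the new `setbuff_op`, `setmode_op` and `setmintocopy_op` members do not say that every routine creating a pcap_t on WIN32 must fill them in, yet the wrappers added in pcap.c call through them with no null check. A pcap_t built by a capture module that was not updated would make `pcap_setbuff()` call through an unset pointer in the capturing process. I would extend the comment along the lines of `/* Must be set by every open routine; pcap_setbuff() etc. call these unconditionally. Return 0 on success, -1 with errbuf filled in on failure. */`. The struct being edited starts and ends outside this hunk.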
Index: pcap-win32.c
===================================================================
RCS file: /tcpdump/master/libpcap/pcap-win32.c,v
retrieving revision 1.34
diff -c -r1.34 pcap-win32.c
*** pcap-win32.c	25 Sep 2007 20:34:36 -0000	1.34
--- pcap-win32.c	17 Oct 2007 18:51:24 -0000
***************
*** 100,105 ****
--- 100,142 ----
  	return 0;
  }
  
+ /* Set the dimension of the kernel-level capture buffer */
+ static int
+ pcap_setbuff_win32(pcap_t *p, int dim)
+ {
+ 	if(PacketSetBuff(p->adapter,dim)==FALSE)
+ 	{
+ 		snprintf(p->errbuf, PCAP_ERRBUF_SIZE, "driver error: not enough memory to allocate the kernel buffer");
+ 		return -1;
+ 	}
+ 	return 0;
+ }
+ 
+ /* Set the driver working mode */
+ static int
+ pcap_setmode_win32(pcap_t *p, int mode)
+ {
+ 	if(PacketSetMode(p->adapter,mode)==FALSE)
+ 	{
+ 		snprintf(p->errbuf, PCAP_ERRBUF_SIZE, "driver error: working mode not recognized");
+ 		return -1;
+ 	}
+ 
+ 	return 0;
+ }
+ 
+ /*set the minimum amount of data that will release a read call*/
+ static int
+ pcap_setmintocopy_win32(pcap_t *p, int size)
+ {
+ 	if(PacketSetMinToCopy(p->adapter, size)==FALSE)
+ 	{
+ 		snprintf(p->errbuf, PCAP_ERRBUF_SIZE, "driver error: unable to set the requested mintocopy size");
+ 		return -1;
+ 	}
+ 	return 0;
+ }
+ 
  static int
  pcap_read_win32_npf(pcap_t *p, int cnt, pcap_handler callback, u_char *user)
  {
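Review bot: `pcap_setbuff_win32()`, `pcap_setmode_win32()` and `pcap_setmintocopy_win32()` pass `p->adapter` to Packet.dll without the `p->adapter==NULL` test that the removed public functions in this file performed. That is sound only while these routines are installed solely by an open path that holds a valid adapter handle, which this hunk does not show. I would record the precondition above the first of them, e.g. `/* Precondition: p->adapter is a valid Packet.dll adapter handle. */`, so that a capture module implemented inside wpcap.dll does not reuse them with an unset adapter. The hunk ends inside `pcap_read_win32_npf()`, whose body continues outside it.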
***************
*** 641,646 ****
--- 678,686 ----
  	p->getnonblock_op = pcap_getnonblock_win32;
  	p->setnonblock_op = pcap_setnonblock_win32;
  	p->stats_op = pcap_stats_win32;
+ 	p->setbuff_op = pcap_setbuff_win32;
+ 	p->setmode_op = pcap_setmode_win32;
+ 	p->setmintocopy_op = pcap_setmintocopy_win32;
  	p->close_op = pcap_close_win32;
  
  	return (p);
***************
*** 747,807 ****
  	return (0);
  }
  
- /* Set the driver working mode */
- int 
- pcap_setmode(pcap_t *p, int mode){
- 	
- 	if (p->adapter==NULL)
- 	{
- 		snprintf(p->errbuf, PCAP_ERRBUF_SIZE, "impossible to set mode while reading from a file");
- 		return -1;
- 	}
- 
- 	if(PacketSetMode(p->adapter,mode)==FALSE)
- 	{
- 		snprintf(p->errbuf, PCAP_ERRBUF_SIZE, "driver error: working mode not recognized");
- 		return -1;
- 	}
- 
- 	return 0;
- }
- 
- /* Set the dimension of the kernel-level capture buffer */
- int 
- pcap_setbuff(pcap_t *p, int dim)
- {
- 	if (p->adapter==NULL)
- 	{
- 		snprintf(p->errbuf, PCAP_ERRBUF_SIZE, "The kernel buffer size cannot be set while reading from a file");
- 		return -1;
- 	}
- 	
- 	if(PacketSetBuff(p->adapter,dim)==FALSE)
- 	{
- 		snprintf(p->errbuf, PCAP_ERRBUF_SIZE, "driver error: not enough memory to allocate the kernel buffer");
- 		return -1;
- 	}
- 	return 0;
- }
- 
- /*set the minimum amount of data that will release a read call*/
- int 
- pcap_setmintocopy(pcap_t *p, int size)
- {
- 	if (p->adapter==NULL)
- 	{
- 		snprintf(p->errbuf, PCAP_ERRBUF_SIZE, "Impossible to set the mintocopy parameter on an offline capture");
- 		return -1;
- 	}	
- 
- 	if(PacketSetMinToCopy(p->adapter, size)==FALSE)
- 	{
- 		snprintf(p->errbuf, PCAP_ERRBUF_SIZE, "driver error: unable to set the requested mintocopy size");
- 		return -1;
- 	}
- 	return 0;
- }
- 
  /*platform-dependent routine to add devices other than NDIS interfaces*/
  int
  pcap_platform_finddevs(pcap_if_t **alldevsp, char *errbuf)
--- 787,792 ----
Index: pcap.c
===================================================================
RCS file: /tcpdump/master/libpcap/pcap.c,v
retrieving revision 1.112
diff -c -r1.112 pcap.c
*** pcap.c	5 Oct 2007 01:40:14 -0000	1.112
--- pcap.c	17 Oct 2007 18:51:25 -0000
***************
*** 757,762 ****
--- 757,806 ----
  	return (-1);
  }
  
+ #ifdef WIN32
+ int
+ pcap_setbuff(pcap_t *p, int dim)
+ {
+ 	return p->setbuff_op(p, dim);
+ }
+ 
+ static int
+ pcap_setbuff_dead(pcap_t *p, int dim)
+ {
+ 	snprintf(p->errbuf, PCAP_ERRBUF_SIZE,
+ 	    "The kernel buffer size cannot be set on a pcap_open_dead pcap_t");
+ 	return (-1);
+ }
+ 
+ int
+ pcap_setmode(pcap_t *p, int mode)
+ {
+ 	return p->setmode_op(p, mode);
+ }
+ 
+ static int
+ pcap_setmode_dead(pcap_t *p, int mode)
+ {
+ 	snprintf(p->errbuf, PCAP_ERRBUF_SIZE,
+ 	    "impossible to set mode on a pcap_open_dead pcap_t");
+ 	return (-1);
+ }
+ 
+ int
+ pcap_setmintocopy(pcap_t *p, int size)
+ {
+ 	return p->setintocopy_op(p, size);
+ }
+ 
+ static int
+ pcap_setmintocopy_dead(pcap_t *p, int size)
+ {
+ 	snprintf(p->errbuf, PCAP_ERRBUF_SIZE,
+ 	    "The mintocopy parameter cannot be set on a pcap_open_dead pcap_t");
+ 	return (-1);
+ }
+ #endif
+ 
  void
  pcap_close_common(pcap_t *p)
  {
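Review bot: `pcap_setmintocopy()` calls `p->setintocopy_op(p, size)`, but the member added in the pcap-int.h part of this patch is `setmintocopy_op`, and nothing in the patch declares `setintocopy_op`. As written, the WIN32 build should fail on this line; it should read `return p->setmintocopy_op(p, size);`. Because the block sits inside `#ifdef WIN32`, a build on another platform would not catch the misspelling. The hunk ends at the opening of `pcap_close_common()`, which continues outside it.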
***************
*** 786,791 ****
--- 830,840 ----
  	p->snapshot = snaplen;
  	p->linktype = linktype;
  	p->stats_op = pcap_stats_dead;
+ #ifdef WIN32
+ 	p->setbuff_op = pcap_setbuff_dead;
+ 	p->setmode_op = pcap_setmode_dead;
+ 	p->setmintocopy_op = pcap_setmintocopy_dead;
+ #endif
  	p->close_op = pcap_close_dead;
  	return p;
  }
Index: savefile.c
===================================================================
RCS file: /tcpdump/master/libpcap/savefile.c,v
retrieving revision 1.168
diff -c -r1.168 savefile.c
*** savefile.c	5 Oct 2007 01:40:15 -0000	1.168
--- savefile.c	17 Oct 2007 18:51:25 -0000
***************
*** 953,958 ****
--- 953,984 ----
  	return (-1);
  }
  
+ #ifdef WIN32
+ static int
+ sf_setbuff(pcap_t *p, int dim)
+ {
+ 	snprintf(p->errbuf, PCAP_ERRBUF_SIZE,
+ 	    "The kernel buffer size cannot be set while reading from a file");
+ 	return (-1);
+ }
+ 
+ static int
+ sf_setmode(pcap_t *p, int mode)
+ {
+ 	snprintf(p->errbuf, PCAP_ERRBUF_SIZE,
+ 	    "impossible to set mode while reading from a file");
+ 	return (-1);
+ }
+ 
+ static int
+ sf_setmintocopy(pcap_t *p, int size)
+ {
+ 	snprintf(p->errbuf, PCAP_ERRBUF_SIZE,
+ 	    "The mintocopy parameter cannot be set while reading from a file");
+ 	return (-1);
+ }
+ #endif
+ 
  static int
  sf_inject(pcap_t *p, const void *buf _U_, size_t size _U_)
  {
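Review bot: The parameters `dim`, `mode` and `size` of `sf_setbuff()`, `sf_setmode()` and `sf_setmintocopy()` are never used but are not marked `_U_`, while `sf_inject()` at the end of this hunk marks its unused parameters that way. Declaring them as, for example, `sf_setbuff(pcap_t *p, int dim _U_)` keeps the file consistent and avoids unused-parameter warnings. The same applies to the `pcap_setbuff_dead()`, `pcap_setmode_dead()` and `pcap_setmintocopy_dead()` stubs added in pcap.c. `sf_inject()` continues outside the hunk.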
***************
*** 1202,1207 ****
--- 1228,1238 ----
  	p->getnonblock_op = sf_getnonblock;
  	p->setnonblock_op = sf_setnonblock;
  	p->stats_op = sf_stats;
+ #ifdef WIN32
+ 	p->setbuff_op = sf_setbuff;
+ 	p->setmode_op = sf_setmode;
+ 	p->setmintocopy_op = sf_setmintocopy;
+ #endif
  	p->close_op = sf_close;
  
  	return (p);

