[Winpcap-users] Error message propagation to wireshark

Wozniak, Jan (EXT) jan.wozniak.ext at unify.com
Mon May 5 08:11:12 UTC 2014

Dear winpcap developers,

I have recently stumbled upon the behavior of winpcap with propagation of error messages, or lack thereof. I'd like to ask whether the correction proposed below would be possible in the next version of winpcap.

Description of problem:
A certain device we have been working with supports an rpcap interface for more convenient debugging and behavior tracing via wireshark. For efficiency purposes, the device allows only one opened rpcap interface, and if there is an attempt to open multiple interfaces, the device sends an rpcap error message with a proper explanation. Wireshark doesn't receive the error message and displays a general error message.

Implementation description:
1. wireshark: dumpcap.c - open_capture_device() - line 643
   - pcap_open() returns NULL without forwarded error message
2. wpcap: pcap-new.c - pcap_open() - line 912
   - pcap_opensource_remote() returns error and sets error message to fp->errbuf, which is not forwarded to function argument errbuf

Proposed solution:
Add one line to the wpcap file pcap-new.c after line 916, forwarding the error message to wireshark:

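914 if (result != 0)
915 {
916     snprintf(errbuf, PCAP_ERRBUF_SIZE, "%s", fp->errbuf); // forward the message to wireshark; copied before pcap_close() frees fp, "%s" so the remote text is never used as a format string
917     pcap_close(fp);
918     return NULL;
919 }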

This sufficiently resolves our problem.

Thank you very much.

Jan Wozniak.
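
The failure path described in this message, as an added stand-alone example that is not part of the original post and is not WinPcap code: the error text comes from the remote device, so it is copied out of the handle before the handle is freed and is passed as data, never as the format string. The names mock_handle, mock_opensource_remote and mock_open and the sample message are hypothetical stand-ins for pcap_t, pcap_opensource_remote() and pcap_open().

```c
/* Added example: stand-alone model of the open failure path.
   All names here are hypothetical; this is not WinPcap source. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define ERRBUF_SIZE 256   /* same size as PCAP_ERRBUF_SIZE in libpcap */

struct mock_handle {
    char errbuf[ERRBUF_SIZE];
};

/* Stands in for the remote open step: it fails and stores the text the
   peer sent in the handle. That text is untrusted input. */
static int mock_opensource_remote(struct mock_handle *fp, const char *peer_msg)
{
    snprintf(fp->errbuf, sizeof fp->errbuf, "%s", peer_msg);
    return -1;
}

/* Returns NULL on failure, with the handle's message copied to errbuf. */
struct mock_handle *mock_open(const char *peer_msg, char *errbuf)
{
    struct mock_handle *fp = calloc(1, sizeof *fp);
    if (fp == NULL) {
        snprintf(errbuf, ERRBUF_SIZE, "out of memory");
        return NULL;
    }
    if (mock_opensource_remote(fp, peer_msg) != 0) {
        /* Copy first: fp->errbuf lives inside the handle being freed.
           "%s" keeps any '%' in the peer's text from being parsed as a
           conversion specifier; snprintf bounds and terminates the copy. */
        snprintf(errbuf, ERRBUF_SIZE, "%s", fp->errbuf);
        free(fp);
        return NULL;
    }
    return fp;
}

int main(void)
{
    char errbuf[ERRBUF_SIZE];
    /* Constructed sample message containing format specifiers. */
    if (mock_open("only one rpcap session allowed (%s%n 100%)", errbuf) == NULL)
        printf("open failed: %s\n", errbuf);
    return 0;
}
```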
