2015-08-05 9:39 GMT+02:00 Yang Luo <hslu...@gmail.com>: > Hello Jim, > > On Tue, Aug 4, 2015 at 12:23 PM, Jim Young <jyo...@gsu.edu> wrote: > >> Hello Yang, >> >> While testing Npcap 0.03-r3 I stumbled into one reproducible issue but I >> also triggered a crash (which I am currently unable to reproduce). >> >> The reproducible issue involves capturing on the Npcap loopback interface >> and >> then starting a cmd shell and pinging the loopback address as follows: >> >> ping -t -l 65500 127.0.0.1 >> >> The first several ping requests and responses are seen and captured but >> after >> several seconds I started seeing "[Malformed Packets]" of length 14. A >> pair of >> Malformed packets were seen each second. When I stopped the ping, the >> Malformed >> Packets stopped. I stopped and restarted Wireshark but the same thing >> happened. >> > > Thanks for test. I have confirmed and fixed this "Malformed Packets" > issue, this is because the packet read function *NPF_TapExForEachOpen* > didn't copy the 2nd MDL data if the data has crossed the buffer boundary. > Latest installer that has this bug fixed is: > https://svn.nmap.org/nmap-exp/yang/NPcap-LWF/npcap-nmap-0.03-r4.exe > <https://svn.nmap.org/nmap-exp/yang/NPcap-LWF/npcap-nmap-0.03-r4.exe> > > >> I then wanted to reboot the system to see if I could still replicate this >> Malformed >> Packet issue. >> >> After the system rebooted I double-clicked on the Wireshark icon but it >> did not >> immediately start. I thought that I had not double-clicked on it >> properly so I >> double-clicked on the Wireshark icon a second time and then the system >> crashed >> with the following Bug Check Message: >> >> DRIVER_IRQL_NOT_LESS_OR_EQUAL >> > > This is still the *NdisFOidRequest* BSoD issue we talked about on this > list before, IMO this BSoD has nothing to do with the "Malformed Packets" > issue. The last way to fix it is to just disable the GetDeviceMTU call and > directly returns 1514 for MTU, so this issue should be got rid of, however > this is never a good way to fix a problem. > > > Hi Yang,
I tried to install this npcap-nmap-0.03-r4 release on 2 different Windows 10 x64 French virtual machines which are up to date (with KB3081424 applied) and each time I get an error during a fresh installation of Npcap with the following popup: "Failed to create the npcap service for Win7 or Win8. Please try installing Npcap again, or use the official Npcap installer from www.nmap.org". I have no issue installing npcap-nmap-0.03 on the same machine. Did you change anything in the installer? Cheers, Pascal.
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev@wireshark.org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
