Hi Pascal, This issue is because some parts of Npcap have been migrated to MSVC2010, however Win10 RTM lacks VC2010 redist package. I have changed to static link the libs, and tested on my Win10 RTM. Latest installer that has this bug fixed is: https://svn.nmap.org/nmap-exp/yang/NPcap-LWF/npcap-nmap-0.03-r5.exe <https://svn.nmap.org/nmap-exp/yang/NPcap-LWF/npcap-nmap-0.03-r5.exe>
Cheers, Yang On Thu, Aug 6, 2015 at 5:07 PM, Pascal Quantin <pascal.quan...@gmail.com> wrote: > > > 2015-08-05 9:39 GMT+02:00 Yang Luo <hslu...@gmail.com>: > >> Hello Jim, >> >> On Tue, Aug 4, 2015 at 12:23 PM, Jim Young <jyo...@gsu.edu> wrote: >> >>> Hello Yang, >>> >>> While testing Npcap 0.03-r3 I stumbled into one reproducible issue but I >>> also triggered a crash (which I am currently unable to reproduce). >>> >>> The reproducible issue involves capturing on the Npcap loopback >>> interface and >>> then starting a cmd shell and pinging the loopback address as follows: >>> >>> ping -t -l 65500 127.0.0.1 >>> >>> The first several ping requests and responses are seen and captured but >>> after >>> several seconds I started seeing "[Malformed Packets]" of length 14. A >>> pair of >>> Malformed packets were seen each second. When I stopped the ping, the >>> Malformed >>> Packets stopped. I stopped and restarted Wireshark but the same thing >>> happened. >>> >> >> Thanks for test. I have confirmed and fixed this "Malformed Packets" >> issue, this is because the packet read function *NPF_TapExForEachOpen* >> didn't copy the 2nd MDL data if the data has crossed the buffer boundary. >> Latest installer that has this bug fixed is: >> https://svn.nmap.org/nmap-exp/yang/NPcap-LWF/npcap-nmap-0.03-r4.exe >> <https://svn.nmap.org/nmap-exp/yang/NPcap-LWF/npcap-nmap-0.03-r4.exe> >> >> >>> I then wanted to reboot the system to see if I could still replicate >>> this Malformed >>> Packet issue. >>> >>> After the system rebooted I double-clicked on the Wireshark icon but it >>> did not >>> immediately start. I thought that I had not double-clicked on it >>> properly so I >>> double-clicked on the Wireshark icon a second time and then the system >>> crashed >>> with the following Bug Check Message: >>> >>> DRIVER_IRQL_NOT_LESS_OR_EQUAL >>> >> >> This is still the *NdisFOidRequest* BSoD issue we talked about on this >> list before, IMO this BSoD has nothing to do with the "Malformed Packets" >> issue. The last way to fix it is to just disable the GetDeviceMTU call and >> directly returns 1514 for MTU, so this issue should be got rid of, however >> this is never a good way to fix a problem. >> >> >> > Hi Yang, > > I tried to install this npcap-nmap-0.03-r4 release on 2 different Windows > 10 x64 French virtual machines which are up to date (with KB3081424 > applied) and each time I get an error during a fresh installation of Npcap > with the following popup: > "Failed to create the npcap service for Win7 or Win8. Please try > installing Npcap again, or use the official Npcap installer from > www.nmap.org". > I have no issue installing npcap-nmap-0.03 on the same machine. Did you > change anything in the installer? > > Cheers, > Pascal. > > ___________________________________________________________________________ > Sent via: Wireshark-dev mailing list <wireshark-dev@wireshark.org> > Archives: https://www.wireshark.org/lists/wireshark-dev > Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev > mailto:wireshark-dev-requ...@wireshark.org > ?subject=unsubscribe >
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev@wireshark.org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
