Wireshark-dev: Re: [Wireshark-dev] Wireshark fails to start with wpcap.dll built by Visual Stud

From: Yang Luo <hsluoyb@xxxxxxxxx>
Date: Thu, 4 Feb 2016 00:51:24 +0800

Hi Pascal,

Unfortunately, I have tested this issue under Win7 x64, Win8.1 x64 and Win10 x64. I found this issue only happens on Win8.1 and Win10. So maybe you need to test it with another OS of Win8.1 or Win10.

Cheers,
Yang

On Thu, Feb 4, 2016 at 12:26 AM, Pascal Quantin <pascal.quantin@xxxxxxxxx> wrote:


2016-02-03 16:16 GMT+01:00 Yang Luo <hsluoyb@xxxxxxxxx>:
Hi list, 

After several months, I retried updating the wpcap project (from VS 2005 to VS 2010) and encountered the same issue, under Wireshark 2.0.1 x64, Win10 x64.

The Wireshark UI said "Child dumpcap process died: Access violation". I don't know what this means, because I have used Administrator privilege to launch Wireshark.

I have just attached the x64 version wpcap.dll in this mail, you can just substitute it with the original WinPcap/Npcap version in C:\Windows\System32. Then launch Wireshark and you will see the crash. Hope that anyone can see what's wrong with it here.

Hi Yang,

I just gave a test to your dll (I replaced the existing version in C:\windows\System32\ and C:\windows\SysWOW64\) and did not face a crash when running it on Windows 7 x64:

Version 2.0.2 (v2.0.2rc0-71-g1e10145 from master-2.0)

Copyright 1998-2016 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
License GPLv2+: GNU GPL version 2 or later <http://www.gnu.org/licenses/old-licenses/gpl-2.0.html>
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with Qt 5.5.0, with WinPcap (4_1_3), with libz 1.2.8, with
GLib 2.42.0, with SMI 0.4.8, with c-ares 1.9.1, with Lua 5.2, with GnuTLS
3.2.15, with Gcrypt 1.6.2, with MIT Kerberos, with GeoIP, with QtMultimedia,
with AirPcap.

Running on 64-bit Windows 7 Service Pack 1, build 7601, with locale C, with
Npcap version 0.05, based on WinPcap version 4.1.3 (packet.dll version
4.1.0.2980), based on libpcap version 1.0 branch 1_0_rel0b (20091008), with
GnuTLS 3.2.15, with Gcrypt 1.6.2, with AirPcap 4.1.0 build 1622.
Intel(R) Core(TM) i7-4700MQ CPU @ 2.40GHz (with SSE4.2), with 7879MB of physical
memory.

Built using Microsoft Visual C++ 12.0 build 40629

Wireshark is Open Source Software released under the GNU General Public License.

Check the man page and http://www.wireshark.org for more information.

Does it require a reboot of the system?

Pascal.


Cheers,
Yang



On Wed, Aug 5, 2015 at 1:27 PM, Yang Luo <hsluoyb@xxxxxxxxx> wrote:
Hi list,

The original WinPcap DLL, wpcap.dll, is built by VS 2005. I have updated it to VS 2010 using the VS automatic conversion wizard without changing one line of code. But when I launched Wireshark on Win8.1 x64, I encountered an app crash error:

-------------------------------------------------------------------------
Problem signature:
  Problem Event Name: APPCRASH
  Application Name: dumpcap.exe
  Application Version: 1.99.9.58
  Application Timestamp: 55be9e4d
  Fault Module Name: wpcap.dll
  Fault Module Version: 0.3.0.727
  Fault Module Timestamp: 55c19749
  Exception Code: c0000005
  Exception Offset: 000000000001fbca
  OS Version: 6.3.9600.2.0.0.256.4
  Locale ID: 1033
  Additional Information 1: 12c1
  Additional Information 2: 12c1dabe3a9c9d7be788f03210b25196
  Additional Information 3: b207
  Additional Information 4: b207cb8de8ff9d2641379d976acebfca

Read our privacy statement online:

If the online privacy statement is not available, please read our privacy statement offline:
  C:\Windows\system32\en-US\erofflps.txt
-------------------------------------------------------------------------

I have updated Packet.dll from VS 2005 to VS 2010 without problem. (If I use VS 2005 version wpcap.dll and VS 2010 version Packet.dll, it works fine.) So it can't be a missing C run-time issue. I don't know what's wrong with it.


Cheers,
Yang


___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe

