PcapLiveDeviceList::getPcapLiveDevicesList() empty vector / error

[psZachary]

Hello, had a few issues with the live device list returning 0.

I've tried a few solutions discussed in a couple other closed issues to no avail.

int size = pcpp::PcapLiveDeviceList::getInstance().getPcapLiveDevicesList().size();
	std::cout << "size is: " << size << std::endl;

Output:
size is: 0

But I have installing npcap and winpcap (npcap before winpcap) and nothing worked, size is always 0.

When I type ipconfig, this is what is returned:

So clearly there is a network device on the computer.

I am running Windows 10 Pro 22h2, using vcpkg and Visual Studio 2022.

Current Status:

npcap: getPcapLiveDevicesList() empty
winpcap: Causes crashes

[psZachary]

I also want to say that after installing WinPCap, I may have got something to work, but now I get an strstr error

Error on:

auto device_list = pcpp::PcapLiveDeviceList::getInstance().getPcapLiveDevicesList();

strstr error:

Error function (PcapPlusPlus pcap-new.c):

Stack trace:

[seladb]

The exception seems to be inside of WinPcap and not in PcapPlusPlus source code, so it's hard to know what's the issue...

Do you see this interface when using Wireshark or tcpdump?

[psZachary]

The exception seems to be inside of WinPcap and not in PcapPlusPlus source code, so it's hard to know what's the issue...

Do you see this interface when using Wireshark or tcpdump?

Yes, I do see the interface when using Wireshark.

[ganeshharihara]

For what its worth, I am running into the same issue, also installed via vcpkg. haven't tried using winpcap yet.

Also, same code I am using works when using the precompiled example project. Tried compiling everything in msvc 142 to match the example project, but getting a unresolved external symbol __std__find_trivial_1 while linking

[seladb]

@psZachary @ganeshharihara I'm not sure the latest release (v22.11) that you installed via vcpkg works well in VS2022, maybe that's the problem?

One thing that you can do is build from source. We recently moved to CMake so buidling from master branch should be easy and it supports VS2022. Here are the build instructions for the master branch:
https://pcapplusplus.github.io/docs/next/install/vs

[ganeshharihara]

hi @seladb I tried building via instructions you passed and linking and getting the same error. Any thoughts?

EDIT: Actually got it to work, but trying to figure out how to compile with ztsd support. Doesnt seem to be an option in the config setup for windows

[seladb]

@ganeshharihara @psZachary I did some research and it seems to be something with the interface name or description.
What I think happens is that there is a call to Win32 API PacketGetAdapterNames and then the description is saved in a desc variable like here. This string is the same as source that cause the crash.

Maybe the interface description is empty or has some non-standard characters?

Can you please run ipconfig /all and netsh interface show interface and print the output?

[psZachary]

Ahh, classic WinApi issue, with unicode strings and whatnot, I'd like to thank you for your dedication to this issue.
Maybe I can call the function myself in a debug program and test if it fails? Or what is returned. Either way I don't think that the description has empty characters or non standard characters. Here's the device description pasted directly from the device manager windows application: Linksys WUSB6300
(there is a \n escape character at the end of the description, but I think they add it to the end when copying)

Wireless LAN adapter Wi-Fi:

   Connection-specific DNS Suffix  . : lan
   Description . . . . . . . . . . . : Linksys WUSB6300
   Physical Address. . . . . . . . . : C8-D7-19-C1-E3-ED
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::4acc:61f9:5b82:8ba4%4
   IPv4 Address. . . . . . . . . . . : 192.168.86.35
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Monday, August 14, 2023 10:09:06 AM
   Lease Expires . . . . . . . . . . : Tuesday, August 15, 2023 10:13:19 AM
   Default Gateway . . . . . . . . . : 192.168.86.1
   DHCP Server . . . . . . . . . . . : 192.168.86.1
   DHCPv6 IAID . . . . . . . . . . . : 63493913
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-25-7D-10-C6-30-9C-23-D3-08-A4
   DNS Servers . . . . . . . . . . . : 8.8.8.8
                                       8.8.4.4
   NetBIOS over Tcpip. . . . . . . . : Enabled

[seladb]

@psZachary @ganeshharihara I downloaded WinPcap source code and tried to follow the stack trace again. I still think that PacketGetAdapterNames is the source of the problem. Maybe you can run it locally and then run the rest of the code mentioned in https://github.com/SageAxcess/pcap-ndis6/blob/77c9f02f5a774a5976e7fb96f667b5abb335d299/src/libpcap/pcap-win32.c#L1305?

@psZachary from your example it seems the interface name and desc are ok and don't contain any non-standard characters. So maybe there is a permission issue reading the data using PacketGetAdapterNames? It's hard for me to tell, so I'll need your help debugging it...

[seladb]

@psZachary @ganeshharihara any update on this?

[seladb]

I am closing this issue because I haven't gotten a response yet. If anyone stumbles upon this issue and can help debug it, I'd really appreciate it!

[gardc]

I get the same issue! With WinPcap it produced the same exception as previously posted in this thread, with Npcap installed auto devices = pcpp::PcapLiveDeviceList::getInstance().getPcapLiveDevicesList(); returns an empty vector.

PCPP installed via Vcpkg on Windows 23H2, Visual Studio 2022, Npcap 1.79.

[seladb]

Thanks @gardc ! Since I can't reproduce the issue locally, I'll be very happy if you can help debug it on your system. I provided some insights in these comments: #1176 (comment), #1176 (comment)

[gardc]

Thanks @gardc ! Since I can't reproduce the issue locally, I'll be very happy if you can help debug it on your system. I provided some insights in these comments: #1176 (comment), #1176 (comment)

I can do what I can to help! Here is my ipconfig output:

C:\Users\gaming>ipconfig /all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : DESKTOP-98DHS8R
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Ethernet:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek Gaming 2.5GbE Family Controller
   Physical Address. . . . . . . . . : 08-BF-B8-A7-0E-16
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 10.0.0.10(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Thursday, February 22, 2024 10:23:54 PM
   Lease Expires . . . . . . . . . . : Friday, February 23, 2024 5:23:54 AM
   Default Gateway . . . . . . . . . : 10.0.0.138
   DHCP Server . . . . . . . . . . . : 10.0.0.138
   DNS Servers . . . . . . . . . . . : 148.122.164.253
                                       148.122.16.253
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Ethernet 2:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : VirtualBox Host-Only Ethernet Adapter
   Physical Address. . . . . . . . . : 0A-00-27-00-00-03
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::5515:b77a:3a2b:385b%3(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.56.1(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . :
   DHCPv6 IAID . . . . . . . . . . . : 722075687
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-2D-30-3C-95-08-BF-B8-A7-0E-16
   NetBIOS over Tcpip. . . . . . . . : Enabled

Wireless LAN adapter WiFi:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek 8852BE Wireless LAN WiFi 6 PCI-E NIC
   Physical Address. . . . . . . . . : 10-68-38-F2-D1-98
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Local Area Connection* 9:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : 12-68-38-F2-D1-98
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Local Area Connection* 10:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter #2
   Physical Address. . . . . . . . . : 92-68-38-F2-D1-98
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Bluetooth Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : 10-68-38-F2-D1-99
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter vEthernet (Default Switch):

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Hyper-V Virtual Ethernet Adapter
   Physical Address. . . . . . . . . : 00-15-5D-3F-05-D0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::4bf9:4c3a:83eb:20a%22(Preferred)
   IPv4 Address. . . . . . . . . . . : 172.25.144.1(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.240.0
   Default Gateway . . . . . . . . . :
   DHCPv6 IAID . . . . . . . . . . . : 369104221
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-2D-30-3C-95-08-BF-B8-A7-0E-16
   NetBIOS over Tcpip. . . . . . . . : Enabled

netsh:

Enabled        Connected      Dedicated        Ethernet 2
Enabled        Connected      Dedicated        Ethernet
Enabled        Disconnected   Dedicated        WiFi

Since you previously mentioned special characters in device names, I noticed the character * are in some device names, which
I believe are related to Hyper-V virtual machines.

Also, I've tested with Go and using the gopacket/pcap library it's able to list devices using the same Npcap which PCPP is using:

        devices, err := pcap.FindAllDevs()
	if err != nil {
		panic(err)
	}
	for _, device := range devices {
		fmt.Println("Name: ", device.Name)
		fmt.Println("Description: ", device.Description)
		for _, address := range device.Addresses {
			fmt.Println("- IP address: ", address.IP)
			fmt.Println("- Subnet mask: ", address.Netmask)
		}

	}

[seladb]

Thank you @gardc for the info! Can you look at your stack trace? Does it fail in the same place mentioned here #1176 (comment)?

If you can gather any information about the values passed to any of the methods in the stack trace, that'd be helpful. Or if you find a way to reproduce it on any Windows machine, that'd be even more helpful

[nvcuong1312]

Hello @seladb, i got same issue.
I captured some debug stack.

Screenshot.zip

[seladb]

Thank you @nvcuong1312 , this is very helpful!

I downloaded WinPcap source code and tracked the code according to the call stack you shared.

Apparently pcap_parsesrcstr() is called with an invalid p->opt.source. When I tracked where p->opt.source comes from I noticed that pcap_create_common() is called with the device name, in your case \\Device\\NPF_{2F8... and it does strdup() on that string, so maybe there is some issue with calling strdup() with this string?

In the stack trace you shared I can't see the full name (it's cut), can you shared the full name? We can try to write code that does the same

[nvcuong1312]

@seladb Ok! Please wait
By the way, Im tested with conan (use npcap) it run normal.

Update:
Im so sorry, i can't debug again. :((

[seladb]

@nvcuong1312 can you provide the interface full name? It's the one that starts with \\Device\\NPF_{2F8...

[nvcuong1312]

@seladb Please check:
\Device\NPF_{2F8F9236-C383-48C8-B906-23A580E395E1}
\Device\NPF_{1DFF1B7F-E403-4387-B44C-B21D523779E8}
\Device\NPF_{719C4E89-4F17-4DCE-B727-ACA5A82EC47C}

[seladb]

I checked strdup on this string and it works, I have no idea why it fails on your machine 😕
That's definitely something internal in WinPcap, but I can't figure out what the problem might be...

[Seres67]

Currently running into the same issue, pcpp installed via vcpkg. Is there any way I can help?

EDIT: tried with conan and pcpp 23.09 and it works.

[seladb]

I think there is an issue with WinPcap which I can't identify, so I recommend switching to Npcap which is still maintained (WinPcap is abandoned).
However there were reports of this issue with Npcap too, so if anyone stumbles upon this issue with Npcap I can look into it

[psZachary]

Yes, I do want to note that I recently used this project again for another project, it worked on the same PC

Could be issues with the underlying Windows system calls.

I would recommend trying to:

1. Factory reset PC
2. Fresh Windows install from a USB

It's not the ideal solution but it seems to be what worked for me.