In NDIS 6.0, FilterSendNetBufferListsComplete, after calling NdisFSendNetBufferListsComplete, causes a BSOD. What's wrong?

  • Question

  • In NDIS 6.0, FilterSendNetBufferListsComplete, after calling NdisFSendNetBufferListsComplete, causes a BSOD. What's wrong?
    In FilterSendNetBufferLists, I modified the packet.
    Wednesday, February 26, 2014 10:04 AM

All replies

  • You're going to have to supply a lot more information if you expect anyone to be able to help you. How are you performing your modification? Are you being called with the same NBLs that you completed?

     -Brian


    Azius Developer Training www.azius.com Windows device driver, internals, security, & forensics training and consulting.

    Wednesday, February 26, 2014 11:21 PM
    Moderator
  • I modified the packet: I only get the real data, XOR the real data, and calculate the checksum, then send the packet.
    Thursday, February 27, 2014 3:05 AM
  • I did not modify the packet's size.
    Thursday, February 27, 2014 3:06 AM
  • Post your code.

    d -- This posting is provided "AS IS" with no warranties, and confers no rights.

    Thursday, February 27, 2014 6:52 PM
  • (1) In FilterSendNetBufferLists:

    uRet = Ndis6FilterSendPacket( pFilter, NetBufferLists , &pNewNetBufferLists );
    if ( uRet == BLOCK_PACKET ) break;

    if ( pNewNetBufferLists != NULL )
    {
        SendFlags |= NDIS_SEND_FLAGS_CHECK_FOR_LOOPBACK;
        NdisFSendNetBufferLists(pFilter->FilterHandle, pNewNetBufferLists, NDIS_DEFAULT_PORT_NUMBER, SendFlags);
    }
    else
        NdisFSendNetBufferLists(pFilter->FilterHandle, NetBufferLists, PortNumber, SendFlags);


    (2) In Ndis6FilterSendPacket:

    pNewBufList = allocateNetBufferAndList( pFilter, PacketSize , TRUE );
    if ( pNewBufList == NULL ) break;

    NtStatus = NdisCopyFromNetBufferToNetBuffer(NET_BUFFER_LIST_FIRST_NB(pNewBufList),
                                                0,
                                                PacketSize,
                                                NET_BUFFER_LIST_FIRST_NB(pSendPacketList),
                                                0,
                                                &BytesCopied);

    if( NtStatus != STATUS_SUCCESS )
    {
        *pNewNetBufferLists = NULL;
        FreeMdlAndNetBufferList( pNewBufList );
        break;
    }

    NtStatus = ModifySendPacket( pFilter , pNewBufList );

    if( NtStatus != STATUS_SUCCESS )
    {
        *pNewNetBufferLists = NULL;
        FreeMdlAndNetBufferList( pNewBufList );
        break;
    }

    NET_BUFFER_LIST_INFO(pNewBufList, TcpIpChecksumNetBufferListInfo) = NET_BUFFER_LIST_INFO(pSendPacketList, TcpIpChecksumNetBufferListInfo);

    NET_BUFFER_DATA_LENGTH(NET_BUFFER_LIST_FIRST_NB(pNewBufList)) = BytesCopied;

    pNewBufList->SourceHandle = pFilter->SendNetBufferListPool;

    if(*pNewNetBufferLists == NULL)
    {
        *pNewNetBufferLists = pCopyNBLTail = pNewBufList;
    }
    else
    {
        NET_BUFFER_LIST_NEXT_NBL(pCopyNBLTail) = pNewBufList;
    }

    (3) In FilterSendNetBufferListsComplete:

    if(NdisGetPoolFromNetBufferList(NetBufferLists) == pFilter->SendNetBufferListPool)
    {
        //Please just free this NBL
        bRet = FreeMdlAndNetBufferList(NetBufferLists);
        if(bRet == TRUE)
        {
            PRINTLOG(("Free my own NBL ====== FilterSendNetBufferListsComplete \n"));
        }

        return;
    }


    • Edited by taianmonkey Thursday, July 17, 2014 3:09 AM
    Thursday, July 17, 2014 3:06 AM
  • Can anyone help me? Thanks!
    Monday, July 21, 2014 2:22 AM