In my copious amount of free time I've been messing around with network analysis and security. I've always been generally interested in networking technology, but have never really had much practical exposure to it. Sometimes, however, it is nice to be able to analyze a network and see what kind of information is actually coming across the wire. In my last article I mentioned a tool called WireShark which is a free, open source network analyzer aka packet sniffer.
WireShark is a great tool and has its own set of extension points, but I wanted lower level access to the packets being captured. My understanding of the politics and genesis is lacking, but it seems like the WinPCap library is the Windows version of the libpcap packet capture library from the *NIX world. Naturally, WinPCap is coded in C and even though I have some background in it, the tool I am looking to develop requires a lot of UI work. Instead of stepping back into the land of MFC/Win32, I tried to locate a Managed version of WinPCap. The closest thing I could find was this Ancient Project on CodeProject.com. It hasn't been updated since 2003 and isn't a "fully" managed wrapper (also, the source code in the download is just to the example, not the wrapper).
I figured, "If this guy can do PInvoke, so can I". Thus, I downloaded the WinPCap developer pack and attempted to open the example solution in Visual Studio 2008. Visual Studio 2008 alerted me to the fact that I had to upgrade the project (which was actually a VS 6.0 .dsw file) and I happily agreed. The upgrade went smooth so I attempted to compile the solution, but received the following error:
"error C3163: '_vsnprintf': attributes inconsistent with previous declaration c:\program files\Microsoft visual studio 9.0\vc\include\stdio.h 358 savedump"
Crap. Apparently this is a common problem when compiling older C++ code with the Visual Studio 2008 C++ compiler. Now, I didn't find a solution for this on the net specific to WinPCap, but several forum posts across other projects lead me to the following solution.
First, find the pcap-stdinc.h file on your system. It should be located in: "...\WpdPack_4_0_2\WpdPack\Include"
Next, locate the following code near the bottom of your header:
#define snprintf _snprintf
#define vsnprintf _vsnprintf
#define inline __inline
The problem, as we can tell from the compiler error, is that the "#define vsnprintf _vsnprintf" causes some incompatibilities with what is already in stdio.h. Modify your code to the following and save the header:
#define snprintf _snprintf
#if !defined( __MINGW32__ )
# if _MSC_VER < 1500
#define vsnprintf _vsnprintf
# endif
#endif
#define inline __inline
You should now be able to compile all the examples in the solution!
All that we've done is check the version of the compiler at compile time. If the version is prior to MSC++ 9.0 then we go ahead and do the #define. Otherwise, we don't do the #define and rely on what is in stdio.h.
This solution is general in nature, i.e. anything that defines _vsnprintf may exhibit this issue, but specific in the sense that the exact location of the code to modify will vary by project. In the case of WinPCap, everything is groovy at this point. Now I just need to learn everything I can about PInvoke : )