winevt_c 0.3.2-x64-mingw32 → 0.3.3-x64-mingw32

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 796d07047951ecc8f038dfec2db2bf970da7f8a4f63b6ca9c0c01136fb5cb4cf
-  data.tar.gz: bad21f43be67c17e8b54721ecb34cfd6c00cd4b51c0f81cf84c5596829931c72
+  metadata.gz: d4b225fc8a72ae39edff6f2f16b965a1dd5dcabea9e1410a70db49e2260cd761
+  data.tar.gz: 45a7b724b53c3e1c5e13d78b45ec518382a6dad813abfa323783bcb8cff2434e
 SHA512:
-  metadata.gz: e15c6bb8b48c107e6534f4d727331ae020aa431cb8f4264bd47dc6455dad37dd9ce658f0a1f1b0314a9f46d46c3b7e2d1562d5d3f6df6b62f184cc25c082b0a0
-  data.tar.gz: ecc10d8c811200216058dc6072fd43920aafd98903b5d60203a0240531908ca65cb7445e564a94890ca3f9022da9c4722299aea0e27cced890e6f5ab57513164
+  metadata.gz: f6fdb7e8d26a4be2b855912d683da673a015374665c0aa567cb3ab8146c20339ed121d4999ef0936938c777187961d06d7fb2bb92cb936f2bd8779f9ff3af513
+  data.tar.gz: f4ecd13bc667dfbd7066dc7ecfdfebfdb11a6e01660c2a07bd9b9b5086e8155d85ff9e54920d92be386261bc82069b6eaf4091c8e2e2d76cec7f9cf4b405e5fe

data/ext/winevt/winevt_utils.c

@@ -134,6 +134,9 @@ VALUE get_values(EVT_HANDLE handle)
 
   for (int i = 0; i < propCount; i++) {
     switch (pRenderedValues[i].Type) {
+    case EvtVarTypeNull:
+      rb_ary_push(userValues, Qnil);
+      break;
     case EvtVarTypeString:
       if (pRenderedValues[i].StringVal == NULL) {
         rb_ary_push(userValues, rb_utf8_str_new_cstr("(NULL)"));
@@ -193,16 +196,6 @@ VALUE get_values(EVT_HANDLE handle)
       result = pRenderedValues[i].BooleanVal ? "true" : "false";
       rb_ary_push(userValues, rb_utf8_str_new_cstr(result));
       break;
-    case EvtVarTypeHexInt32:
-      rbObj = ULONG2NUM(pRenderedValues[i].UInt32Val);
-      rbObj = rb_sprintf("%#x", rbObj);
-      rb_ary_push(userValues, rbObj);
-      break;
-    case EvtVarTypeHexInt64:
-      rbObj = ULONG2NUM(pRenderedValues[i].UInt64Val);
-      rbObj = rb_sprintf("%#x", rbObj);
-      rb_ary_push(userValues, rbObj);
-      break;
     case EvtVarTypeGuid:
       if (pRenderedValues[i].GuidVal != NULL) {
         StringFromCLSID(pRenderedValues[i].GuidVal, &tmpWChar);
@@ -212,13 +205,9 @@ VALUE get_values(EVT_HANDLE handle)
         rb_ary_push(userValues, rb_utf8_str_new_cstr("?"));
       }
       break;
-    case EvtVarTypeSid:
-      if (ConvertSidToStringSidW(pRenderedValues[i].SidVal, &tmpWChar)) {
-        result = wstr_to_mbstr(CP_UTF8, tmpWChar, -1);
-        rb_ary_push(userValues, rb_utf8_str_new_cstr(result));
-      } else {
-        rb_ary_push(userValues, rb_utf8_str_new_cstr("?"));
-      }
+    case EvtVarTypeSizeT:
+      rbObj = SIZET2NUM(pRenderedValues[i].SizeTVal);
+      rb_ary_push(userValues, rbObj);
       break;
     case EvtVarTypeFileTime:
       timestamp.QuadPart = pRenderedValues[i].FileTimeVal;
@@ -234,6 +223,44 @@ VALUE get_values(EVT_HANDLE handle)
         rb_ary_push(userValues, rb_utf8_str_new_cstr("?"));
       }
       break;
+    case EvtVarTypeSysTime:
+      if (pRenderedValues[i].SysTimeVal != NULL) {
+        st = *pRenderedValues[i].SysTimeVal;
+        sprintf(strTime, "%04d-%02d-%02d %02d:%02d:%02d.%dZ",
+                st.wYear , st.wMonth , st.wDay ,
+                st.wHour , st.wMinute , st.wSecond,
+                st.wMilliseconds);
+        rb_ary_push(userValues, rb_utf8_str_new_cstr(strTime));
+      } else {
+        rb_ary_push(userValues, rb_utf8_str_new_cstr("?"));
+      }
+      break;
+    case EvtVarTypeSid:
+      if (ConvertSidToStringSidW(pRenderedValues[i].SidVal, &tmpWChar)) {
+        result = wstr_to_mbstr(CP_UTF8, tmpWChar, -1);
+        rb_ary_push(userValues, rb_utf8_str_new_cstr(result));
+      } else {
+        rb_ary_push(userValues, rb_utf8_str_new_cstr("?"));
+      }
+      break;
+    case EvtVarTypeHexInt32:
+      rbObj = ULONG2NUM(pRenderedValues[i].UInt32Val);
+      rbObj = rb_sprintf("%#x", rbObj);
+      rb_ary_push(userValues, rbObj);
+      break;
+    case EvtVarTypeHexInt64:
+      rbObj = ULONG2NUM(pRenderedValues[i].UInt64Val);
+      rbObj = rb_sprintf("%#x", rbObj);
+      rb_ary_push(userValues, rbObj);
+      break;
+    case EvtVarTypeEvtXml:
+      if (pRenderedValues[i].XmlVal == NULL) {
+        rb_ary_push(userValues, rb_utf8_str_new_cstr("(NULL)"));
+      } else {
+        result = wstr_to_mbstr(CP_UTF8, pRenderedValues[i].XmlVal, -1);
+        rb_ary_push(userValues, rb_utf8_str_new_cstr(result));
+      }
+      break;
     default:
       rb_ary_push(userValues, rb_utf8_str_new_cstr("?"));
       break;

data/lib/winevt/query.rb

@@ -4,9 +4,9 @@ module Winevt
       alias_method :each_raw, :each
       def each
         each_raw do |xml, message, string_inserts|
-          message = message.gsub(/(%\d+)/, '\1$s')
-          message = sprintf(message, *string_inserts) rescue message.gsub(/(%\d+)/, "?")
-          yield(xml, message, string_inserts)
+          placeholdered_message = message.gsub(/(%\d+)/, '\1$s')
+          replaced_message = sprintf(placeholdered_message, *string_inserts) rescue message.gsub(/(%\d+)/, "?")
+          yield(xml, replaced_message, string_inserts)
         end
       end
     end

data/lib/winevt/subscribe.rb

@@ -4,9 +4,9 @@ module Winevt
       alias_method :each_raw, :each
       def each
         each_raw do |xml, message, string_inserts|
-          message = message.gsub(/(%\d+)/, '\1$s')
-          message = sprintf(message, *string_inserts) rescue message.gsub(/(%\d+)/, "?")
-          yield(xml, message, string_inserts)
+          placeholdered_message = message.gsub(/(%\d+)/, '\1$s')
+          replaced_message = sprintf(placeholdered_message, *string_inserts) rescue message.gsub(/(%\d+)/, "?")
+          yield(xml, replaced_message, string_inserts)
         end
       end
     end

data/lib/winevt/version.rb

@@ -1,3 +1,3 @@
 module Winevt
-  VERSION = "0.3.2"
+  VERSION = "0.3.3"
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: winevt_c
 version: !ruby/object:Gem::Version
-  version: 0.3.2
+  version: 0.3.3
 platform: x64-mingw32
 authors:
 - Hiroshi Hatake