winevt_c 0.3.2-x86-mingw32 → 0.3.3-x86-mingw32

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: d810f976d0bd182ffdf7bf16c5ae321e80098f975a4e5c25538f120d84e75106
4
- data.tar.gz: 06c5cab117100dfa64050a9153736c82ed9a85d571b5c1d4b818cb505209b1cd
3
+ metadata.gz: '08a0f43cef62aad6e5d4b0af93dbb900d4f0db4c1c6988aa6c47180a65868544'
4
+ data.tar.gz: '02907f6522776b4a7dc20d624806d74adc803fc7dcef64484cbc71ed26e5265d'
5
5
  SHA512:
6
- metadata.gz: 536343216d88429c3be1aff745e6ebbc41194f38dfd2bd34ece1e0b75df77e62f562dabad06bb16b4ddc6031ede1d898854817dc5694c12f37135eadac3b8a1f
7
- data.tar.gz: c6b5242c05ad3988df136a7d9a143d3e31ca1d45137c2ff5e5d4e0df660d32fe3eafb6fbead2ca85a5040b5f408c669d9a1674acaa14d64dfafe57d680876699
6
+ metadata.gz: ea2b090beec056b28ce941fe25cc0fd77dce98924ccb57aca4a2922a7c9b2a1555eff1090d975ba8c9d725d21d2aac0dd040b95435abe7767db0953ac4b84f66
7
+ data.tar.gz: 3993f346442e8c94edf1e331112b4002fa06529267db527b04ab4352292f63f38aad193e8d5f73934359800abb79766e2912b80c9d40f8ee43da167f25e433b9
@@ -134,6 +134,9 @@ VALUE get_values(EVT_HANDLE handle)
134
134
 
135
135
  for (int i = 0; i < propCount; i++) {
136
136
  switch (pRenderedValues[i].Type) {
137
+ case EvtVarTypeNull:
138
+ rb_ary_push(userValues, Qnil);
139
+ break;
137
140
  case EvtVarTypeString:
138
141
  if (pRenderedValues[i].StringVal == NULL) {
139
142
  rb_ary_push(userValues, rb_utf8_str_new_cstr("(NULL)"));
@@ -193,16 +196,6 @@ VALUE get_values(EVT_HANDLE handle)
193
196
  result = pRenderedValues[i].BooleanVal ? "true" : "false";
194
197
  rb_ary_push(userValues, rb_utf8_str_new_cstr(result));
195
198
  break;
196
- case EvtVarTypeHexInt32:
197
- rbObj = ULONG2NUM(pRenderedValues[i].UInt32Val);
198
- rbObj = rb_sprintf("%#x", rbObj);
199
- rb_ary_push(userValues, rbObj);
200
- break;
201
- case EvtVarTypeHexInt64:
202
- rbObj = ULONG2NUM(pRenderedValues[i].UInt64Val);
203
- rbObj = rb_sprintf("%#x", rbObj);
204
- rb_ary_push(userValues, rbObj);
205
- break;
206
199
  case EvtVarTypeGuid:
207
200
  if (pRenderedValues[i].GuidVal != NULL) {
208
201
  StringFromCLSID(pRenderedValues[i].GuidVal, &tmpWChar);
@@ -212,13 +205,9 @@ VALUE get_values(EVT_HANDLE handle)
212
205
  rb_ary_push(userValues, rb_utf8_str_new_cstr("?"));
213
206
  }
214
207
  break;
215
- case EvtVarTypeSid:
216
- if (ConvertSidToStringSidW(pRenderedValues[i].SidVal, &tmpWChar)) {
217
- result = wstr_to_mbstr(CP_UTF8, tmpWChar, -1);
218
- rb_ary_push(userValues, rb_utf8_str_new_cstr(result));
219
- } else {
220
- rb_ary_push(userValues, rb_utf8_str_new_cstr("?"));
221
- }
208
+ case EvtVarTypeSizeT:
209
+ rbObj = SIZET2NUM(pRenderedValues[i].SizeTVal);
210
+ rb_ary_push(userValues, rbObj);
222
211
  break;
223
212
  case EvtVarTypeFileTime:
224
213
  timestamp.QuadPart = pRenderedValues[i].FileTimeVal;
@@ -234,6 +223,44 @@ VALUE get_values(EVT_HANDLE handle)
234
223
  rb_ary_push(userValues, rb_utf8_str_new_cstr("?"));
235
224
  }
236
225
  break;
226
+ case EvtVarTypeSysTime:
227
+ if (pRenderedValues[i].SysTimeVal != NULL) {
228
+ st = *pRenderedValues[i].SysTimeVal;
229
+ sprintf(strTime, "%04d-%02d-%02d %02d:%02d:%02d.%dZ",
230
+ st.wYear , st.wMonth , st.wDay ,
231
+ st.wHour , st.wMinute , st.wSecond,
232
+ st.wMilliseconds);
233
+ rb_ary_push(userValues, rb_utf8_str_new_cstr(strTime));
234
+ } else {
235
+ rb_ary_push(userValues, rb_utf8_str_new_cstr("?"));
236
+ }
237
+ break;
238
+ case EvtVarTypeSid:
239
+ if (ConvertSidToStringSidW(pRenderedValues[i].SidVal, &tmpWChar)) {
240
+ result = wstr_to_mbstr(CP_UTF8, tmpWChar, -1);
241
+ rb_ary_push(userValues, rb_utf8_str_new_cstr(result));
242
+ } else {
243
+ rb_ary_push(userValues, rb_utf8_str_new_cstr("?"));
244
+ }
245
+ break;
246
+ case EvtVarTypeHexInt32:
247
+ rbObj = ULONG2NUM(pRenderedValues[i].UInt32Val);
248
+ rbObj = rb_sprintf("%#x", rbObj);
249
+ rb_ary_push(userValues, rbObj);
250
+ break;
251
+ case EvtVarTypeHexInt64:
252
+ rbObj = ULONG2NUM(pRenderedValues[i].UInt64Val);
253
+ rbObj = rb_sprintf("%#x", rbObj);
254
+ rb_ary_push(userValues, rbObj);
255
+ break;
256
+ case EvtVarTypeEvtXml:
257
+ if (pRenderedValues[i].XmlVal == NULL) {
258
+ rb_ary_push(userValues, rb_utf8_str_new_cstr("(NULL)"));
259
+ } else {
260
+ result = wstr_to_mbstr(CP_UTF8, pRenderedValues[i].XmlVal, -1);
261
+ rb_ary_push(userValues, rb_utf8_str_new_cstr(result));
262
+ }
263
+ break;
237
264
  default:
238
265
  rb_ary_push(userValues, rb_utf8_str_new_cstr("?"));
239
266
  break;
Binary file
Binary file
Binary file
data/lib/winevt/query.rb CHANGED
@@ -4,9 +4,9 @@ module Winevt
4
4
  alias_method :each_raw, :each
5
5
  def each
6
6
  each_raw do |xml, message, string_inserts|
7
- message = message.gsub(/(%\d+)/, '\1$s')
8
- message = sprintf(message, *string_inserts) rescue message.gsub(/(%\d+)/, "?")
9
- yield(xml, message, string_inserts)
7
+ placeholdered_message = message.gsub(/(%\d+)/, '\1$s')
8
+ replaced_message = sprintf(placeholdered_message, *string_inserts) rescue message.gsub(/(%\d+)/, "?")
9
+ yield(xml, replaced_message, string_inserts)
10
10
  end
11
11
  end
12
12
  end
@@ -4,9 +4,9 @@ module Winevt
4
4
  alias_method :each_raw, :each
5
5
  def each
6
6
  each_raw do |xml, message, string_inserts|
7
- message = message.gsub(/(%\d+)/, '\1$s')
8
- message = sprintf(message, *string_inserts) rescue message.gsub(/(%\d+)/, "?")
9
- yield(xml, message, string_inserts)
7
+ placeholdered_message = message.gsub(/(%\d+)/, '\1$s')
8
+ replaced_message = sprintf(placeholdered_message, *string_inserts) rescue message.gsub(/(%\d+)/, "?")
9
+ yield(xml, replaced_message, string_inserts)
10
10
  end
11
11
  end
12
12
  end
@@ -1,3 +1,3 @@
1
1
  module Winevt
2
- VERSION = "0.3.2"
2
+ VERSION = "0.3.3"
3
3
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: winevt_c
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.3.2
4
+ version: 0.3.3
5
5
  platform: x86-mingw32
6
6
  authors:
7
7
  - Hiroshi Hatake