winevt_c 0.3.8-x86-mingw32 → 0.4.0-x86-mingw32

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 1d1fff06b7a5fa0dfc30df81e3fad4e3a7ade856422579b1ac2ae63872598031
4
- data.tar.gz: c9f526dcd65016aacf6983a556c11bc0c87832e55f15c87be8c9f1df5d14c047
3
+ metadata.gz: 5e0861d47eb17f69967842c4ca2ee4b95bf878a5e8fd00037f290f9c5d427169
4
+ data.tar.gz: c215213706cebf991096c43a2d2908aa451c565fa1ef260419a99eac2e1048d7
5
5
  SHA512:
6
- metadata.gz: ce8e76d3bd5904bf0bebfc3023e92f68cb590351d43a7b890446422bc528a20c477e510dbf001afed6801efaa8cf624213c30f9d6d43845e14d0c1628322ef8c
7
- data.tar.gz: 80edef433c9fa088c308393debded4cf18a494bcf655be508bc4650b75e1ac960dc6fbfd0aba2870c8405e6515ac03a12c1244e297dea9a4ad22d6fae2844829
6
+ metadata.gz: c60e58ef313ea9d21c8d481649c8a7e302908d3a24ba69f253ed3706fc339187aa87ea779b10c69d31d77d925530bf15edd8aec3b628032f7bacddc7a75a3658
7
+ data.tar.gz: dac9f1488b6ee48dc55749c195b95b92f602ac96f6725f35651ae06d697fcd1ab7a114a045075cd2de61acd321ec703ef5c6e584248174a41afe83da54ccb6b7
@@ -79,14 +79,19 @@ rb_winevt_bookmark_update(VALUE self, VALUE event)
79
79
  static VALUE
80
80
  rb_winevt_bookmark_render(VALUE self)
81
81
  {
82
+ WCHAR* wResult;
82
83
  char* result;
83
84
  struct WinevtBookmark *winevtBookmark;
85
+ VALUE utf8str;
84
86
 
85
87
  TypedData_Get_Struct(self, struct WinevtBookmark, &rb_winevt_bookmark_type, winevtBookmark);
88
+ wResult = render_event(winevtBookmark->bookmark, EvtRenderBookmark);
89
+ result = wstr_to_mbstr(CP_UTF8, wResult, -1);
86
90
 
87
- result = render_event(winevtBookmark->bookmark, EvtRenderBookmark);
91
+ utf8str = rb_utf8_str_new_cstr(result);
92
+ free_allocated_mbstr(result);
88
93
 
89
- return rb_str_new2(result);
94
+ return utf8str;
90
95
  }
91
96
 
92
97
  void Init_winevt_bookmark(VALUE rb_cEventLog)
@@ -22,8 +22,9 @@
22
22
  #define EventChannel(object) ((struct WinevtChannel *)DATA_PTR(object))
23
23
 
24
24
  char* wstr_to_mbstr(UINT cp, const WCHAR *wstr, int clen);
25
- char* render_event(EVT_HANDLE handle, DWORD flags);
26
- char* get_description(EVT_HANDLE handle);
25
+ void free_allocated_mbstr(const char* str);
26
+ WCHAR* render_event(EVT_HANDLE handle, DWORD flags);
27
+ WCHAR* get_description(EVT_HANDLE handle);
27
28
  VALUE get_values(EVT_HANDLE handle);
28
29
 
29
30
  VALUE rb_cQuery;
@@ -49,6 +49,7 @@ rb_winevt_channel_each(VALUE self)
49
49
  DWORD bufferSize = 0;
50
50
  DWORD bufferUsed = 0;
51
51
  DWORD status = ERROR_SUCCESS;
52
+ VALUE utf8str;
52
53
 
53
54
  RETURN_ENUMERATOR(self, 0, 0);
54
55
 
@@ -88,7 +89,10 @@ rb_winevt_channel_each(VALUE self)
88
89
 
89
90
  result = wstr_to_mbstr(CP_UTF8, buffer, -1);
90
91
 
91
- rb_yield(rb_utf8_str_new_cstr(result));
92
+ utf8str = rb_utf8_str_new_cstr(result);
93
+ free_allocated_mbstr(result);
94
+
95
+ rb_yield(utf8str);
92
96
  }
93
97
 
94
98
  return Qnil;
@@ -137,25 +137,37 @@ rb_winevt_query_next(VALUE self)
137
137
  static VALUE
138
138
  rb_winevt_query_render(VALUE self)
139
139
  {
140
+ WCHAR* wResult;
140
141
  char* result;
141
142
  struct WinevtQuery *winevtQuery;
143
+ VALUE utf8str;
142
144
 
143
145
  TypedData_Get_Struct(self, struct WinevtQuery, &rb_winevt_query_type, winevtQuery);
144
- result = render_event(winevtQuery->event, EvtRenderEventXml);
146
+ wResult = render_event(winevtQuery->event, EvtRenderEventXml);
147
+ result = wstr_to_mbstr(CP_UTF8, wResult, -1);
145
148
 
146
- return rb_utf8_str_new_cstr(result);
149
+ utf8str = rb_utf8_str_new_cstr(result);
150
+ free_allocated_mbstr(result);
151
+
152
+ return utf8str;
147
153
  }
148
154
 
149
155
  static VALUE
150
156
  rb_winevt_query_message(VALUE self)
151
157
  {
158
+ WCHAR* wResult;
152
159
  char* result;
153
160
  struct WinevtQuery *winevtQuery;
161
+ VALUE utf8str;
154
162
 
155
163
  TypedData_Get_Struct(self, struct WinevtQuery, &rb_winevt_query_type, winevtQuery);
156
- result = get_description(winevtQuery->event);
164
+ wResult = get_description(winevtQuery->event);
165
+ result = wstr_to_mbstr(CP_UTF8, wResult, -1);
166
+
167
+ utf8str = rb_utf8_str_new_cstr(result);
168
+ free_allocated_mbstr(result);
157
169
 
158
- return rb_utf8_str_new_cstr(result);
170
+ return utf8str;
159
171
  }
160
172
 
161
173
  static VALUE
@@ -153,25 +153,37 @@ rb_winevt_subscribe_next(VALUE self)
153
153
  static VALUE
154
154
  rb_winevt_subscribe_render(VALUE self)
155
155
  {
156
+ WCHAR* wResult;
156
157
  char* result;
157
158
  struct WinevtSubscribe *winevtSubscribe;
159
+ VALUE utf8str;
158
160
 
159
161
  TypedData_Get_Struct(self, struct WinevtSubscribe, &rb_winevt_subscribe_type, winevtSubscribe);
160
- result = render_event(winevtSubscribe->event, EvtRenderEventXml);
162
+ wResult = render_event(winevtSubscribe->event, EvtRenderEventXml);
163
+ result = wstr_to_mbstr(CP_UTF8, wResult, -1);
161
164
 
162
- return rb_utf8_str_new_cstr(result);
165
+ utf8str = rb_utf8_str_new_cstr(result);
166
+ free_allocated_mbstr(result);
167
+
168
+ return utf8str;
163
169
  }
164
170
 
165
171
  static VALUE
166
172
  rb_winevt_subscribe_message(VALUE self)
167
173
  {
174
+ WCHAR* wResult;
168
175
  char* result;
169
176
  struct WinevtSubscribe *winevtSubscribe;
177
+ VALUE utf8str;
170
178
 
171
179
  TypedData_Get_Struct(self, struct WinevtSubscribe, &rb_winevt_subscribe_type, winevtSubscribe);
172
- result = get_description(winevtSubscribe->event);
180
+ wResult = get_description(winevtSubscribe->event);
181
+ result = wstr_to_mbstr(CP_UTF8, wResult, -1);
182
+
183
+ utf8str = rb_utf8_str_new_cstr(result);
184
+ free_allocated_mbstr(result);
173
185
 
174
- return rb_utf8_str_new_cstr(result);
186
+ return utf8str;
175
187
  }
176
188
 
177
189
  static VALUE
@@ -205,14 +217,20 @@ rb_winevt_subscribe_each(VALUE self)
205
217
  static VALUE
206
218
  rb_winevt_subscribe_get_bookmark(VALUE self)
207
219
  {
220
+ WCHAR* wResult;
208
221
  char* result;
209
222
  struct WinevtSubscribe *winevtSubscribe;
223
+ VALUE utf8str;
210
224
 
211
225
  TypedData_Get_Struct(self, struct WinevtSubscribe, &rb_winevt_subscribe_type, winevtSubscribe);
212
226
 
213
- result = render_event(winevtSubscribe->bookmark, EvtRenderBookmark);
227
+ wResult = render_event(winevtSubscribe->bookmark, EvtRenderBookmark);
228
+ result = wstr_to_mbstr(CP_UTF8, wResult, -1);
229
+
230
+ utf8str = rb_utf8_str_new_cstr(result);
231
+ free_allocated_mbstr(result);
214
232
 
215
- return rb_str_new2(result);
233
+ return utf8str;
216
234
  }
217
235
 
218
236
  void Init_winevt_subscribe(VALUE rb_cEventLog)
@@ -13,20 +13,26 @@ wstr_to_mbstr(UINT cp, const WCHAR *wstr, int clen)
13
13
  return ptr;
14
14
  }
15
15
 
16
- char* render_event(EVT_HANDLE handle, DWORD flags)
16
+ void free_allocated_mbstr(const char* str)
17
+ {
18
+ if (str)
19
+ xfree((char *)str);
20
+ }
21
+
22
+ WCHAR* render_event(EVT_HANDLE handle, DWORD flags)
17
23
  {
18
24
  PWSTR buffer = NULL;
19
25
  ULONG bufferSize = 0;
20
26
  ULONG bufferSizeNeeded = 0;
21
27
  ULONG status, count;
22
- char* result;
28
+ static WCHAR* result = L"";
23
29
  LPTSTR msgBuf;
24
30
 
25
31
  do {
26
32
  if (bufferSizeNeeded > bufferSize) {
27
33
  free(buffer);
28
34
  bufferSize = bufferSizeNeeded;
29
- buffer = malloc(bufferSize);
35
+ buffer = xmalloc(bufferSize);
30
36
  if (buffer == NULL) {
31
37
  status = ERROR_OUTOFMEMORY;
32
38
  bufferSize = 0;
@@ -63,10 +69,10 @@ char* render_event(EVT_HANDLE handle, DWORD flags)
63
69
  rb_raise(rb_eWinevtQueryError, "ErrorCode: %d\nError: %s\n", status, RSTRING_PTR(errmsg));
64
70
  }
65
71
 
66
- result = wstr_to_mbstr(CP_UTF8, buffer, -1);
72
+ result = buffer;
67
73
 
68
74
  if (buffer)
69
- free(buffer);
75
+ xfree(buffer);
70
76
 
71
77
  return result;
72
78
  }
@@ -92,7 +98,7 @@ VALUE get_values(EVT_HANDLE handle)
92
98
  if (bufferSizeNeeded > bufferSize) {
93
99
  free(buffer);
94
100
  bufferSize = bufferSizeNeeded;
95
- buffer = malloc(bufferSize);
101
+ buffer = xmalloc(bufferSize);
96
102
  if (buffer == NULL) {
97
103
  status = ERROR_OUTOFMEMORY;
98
104
  bufferSize = 0;
@@ -147,6 +153,7 @@ VALUE get_values(EVT_HANDLE handle)
147
153
  } else {
148
154
  result = wstr_to_mbstr(CP_UTF8, pRenderedValues[i].StringVal, -1);
149
155
  rb_ary_push(userValues, rb_utf8_str_new_cstr(result));
156
+ free_allocated_mbstr(result);
150
157
  }
151
158
  break;
152
159
  case EvtVarTypeAnsiString:
@@ -191,6 +198,7 @@ VALUE get_values(EVT_HANDLE handle)
191
198
  case EvtVarTypeSingle:
192
199
  sprintf(result, "%f", pRenderedValues[i].SingleVal);
193
200
  rb_ary_push(userValues, rb_utf8_str_new_cstr(result));
201
+ free_allocated_mbstr(result);
194
202
  break;
195
203
  case EvtVarTypeDouble:
196
204
  sprintf(result, "%lf", pRenderedValues[i].DoubleVal);
@@ -205,6 +213,7 @@ VALUE get_values(EVT_HANDLE handle)
205
213
  StringFromCLSID(pRenderedValues[i].GuidVal, &tmpWChar);
206
214
  result = wstr_to_mbstr(CP_UTF8, tmpWChar, -1);
207
215
  rb_ary_push(userValues, rb_utf8_str_new_cstr(result));
216
+ free_allocated_mbstr(result);
208
217
  } else {
209
218
  rb_ary_push(userValues, rb_utf8_str_new_cstr("?"));
210
219
  }
@@ -243,6 +252,7 @@ VALUE get_values(EVT_HANDLE handle)
243
252
  if (ConvertSidToStringSidW(pRenderedValues[i].SidVal, &tmpWChar)) {
244
253
  result = wstr_to_mbstr(CP_UTF8, tmpWChar, -1);
245
254
  rb_ary_push(userValues, rb_utf8_str_new_cstr(result));
255
+ free_allocated_mbstr(result);
246
256
  } else {
247
257
  rb_ary_push(userValues, rb_utf8_str_new_cstr("?"));
248
258
  }
@@ -263,6 +273,7 @@ VALUE get_values(EVT_HANDLE handle)
263
273
  } else {
264
274
  result = wstr_to_mbstr(CP_UTF8, pRenderedValues[i].XmlVal, -1);
265
275
  rb_ary_push(userValues, rb_utf8_str_new_cstr(result));
276
+ free_allocated_mbstr(result);
266
277
  }
267
278
  break;
268
279
  default:
@@ -272,70 +283,26 @@ VALUE get_values(EVT_HANDLE handle)
272
283
  }
273
284
 
274
285
  if (buffer)
275
- free(buffer);
286
+ xfree(buffer);
287
+
288
+ if (renderContext)
289
+ EvtClose(renderContext);
276
290
 
277
291
  return userValues;
278
292
  }
279
293
 
280
- char* get_description(EVT_HANDLE handle)
294
+ static WCHAR* get_message(EVT_HANDLE hMetadata, EVT_HANDLE handle)
281
295
  {
282
- #define MAX_BUFFER 65535
283
- WCHAR buffer[4096], *msg = buffer;
284
- WCHAR descriptionBuffer[MAX_BUFFER];
285
- ULONG bufferSize = 0;
286
- ULONG bufferSizeNeeded = 0;
287
- ULONG status, count;
288
- char* result = "";
289
- LPTSTR msgBuf = "";
290
- EVT_HANDLE hMetadata = NULL;
291
- PEVT_VARIANT values = NULL;
296
+ #define BUFSIZE 4096
297
+ static WCHAR* result = L"";
298
+ ULONG status;
299
+ ULONG bufferSizeNeeded = 0;
292
300
  LPVOID lpMsgBuf;
301
+ WCHAR* prevBuffer;
302
+ WCHAR *message;
293
303
 
294
- static PCWSTR eventProperties[] = {L"Event/System/Provider/@Name"};
295
- EVT_HANDLE renderContext = EvtCreateRenderContext(1, eventProperties, EvtRenderContextValues);
296
- if (renderContext == NULL) {
297
- rb_raise(rb_eWinevtQueryError, "Failed to create renderContext");
298
- }
299
-
300
- if (EvtRender(renderContext,
301
- handle,
302
- EvtRenderEventValues,
303
- _countof(buffer),
304
- buffer,
305
- &bufferSizeNeeded,
306
- &count) != FALSE) {
307
- status = ERROR_SUCCESS;
308
- } else {
309
- status = GetLastError();
310
- }
311
-
312
- if (status != ERROR_SUCCESS) {
313
- FormatMessage(
314
- FORMAT_MESSAGE_ALLOCATE_BUFFER |
315
- FORMAT_MESSAGE_FROM_SYSTEM |
316
- FORMAT_MESSAGE_IGNORE_INSERTS,
317
- NULL, status,
318
- MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT),
319
- msgBuf, 0, NULL);
320
-
321
- VALUE errmsg = rb_str_new2(msgBuf);
322
- LocalFree(msgBuf);
323
-
324
- rb_raise(rb_eWinevtQueryError, "ErrorCode: %d\nError: %s\n", status, RSTRING_PTR(errmsg));
325
- }
326
-
327
- // Obtain buffer as EVT_VARIANT pointer. To avoid ErrorCide 87 in EvtRender.
328
- values = (PEVT_VARIANT)buffer;
329
-
330
- // Open publisher metadata
331
- hMetadata = EvtOpenPublisherMetadata(NULL, values[0].StringVal, NULL, MAKELCID(MAKELANGID(LANG_NEUTRAL, SUBLANG_NEUTRAL), SORT_DEFAULT), 0);
332
- if (hMetadata == NULL) {
333
- // When winevt_c cannot open metadata, then give up to obtain
334
- // message file and clean up immediately.
335
- goto cleanup;
336
- }
337
-
338
- if (!EvtFormatMessage(hMetadata, handle, 0xffffffff, 0, NULL, EvtFormatMessageEvent, 4096, buffer, &bufferSizeNeeded)) {
304
+ message = (WCHAR *)xmalloc(sizeof(WCHAR) * BUFSIZE);
305
+ if (!EvtFormatMessage(hMetadata, handle, 0xffffffff, 0, NULL, EvtFormatMessageEvent, BUFSIZE, message, &bufferSizeNeeded)) {
339
306
  status = GetLastError();
340
307
 
341
308
  if (status != ERROR_EVT_UNRESOLVED_VALUE_INSERT) {
@@ -361,7 +328,8 @@ char* get_description(EVT_HANDLE handle)
361
328
  MAKELANGID(LANG_ENGLISH, SUBLANG_ENGLISH_US),
362
329
  (WCHAR *) &lpMsgBuf, 0, NULL);
363
330
 
364
- result = wstr_to_mbstr(CP_UTF8, (WCHAR *)lpMsgBuf, -1);
331
+ result = (WCHAR *)lpMsgBuf;
332
+ LocalFree(lpMsgBuf);
365
333
 
366
334
  goto cleanup;
367
335
  }
@@ -373,9 +341,10 @@ char* get_description(EVT_HANDLE handle)
373
341
  }
374
342
 
375
343
  if (status == ERROR_INSUFFICIENT_BUFFER) {
376
- msg = (WCHAR *)malloc(sizeof(WCHAR) * bufferSizeNeeded);
344
+ prevBuffer = message;
345
+ message = (WCHAR *)realloc(prevBuffer, sizeof(WCHAR) * bufferSizeNeeded);
377
346
 
378
- if(!EvtFormatMessage(hMetadata, handle, 0xffffffff, 0, NULL, EvtFormatMessageEvent, bufferSizeNeeded, msg, &bufferSizeNeeded)) {
347
+ if(!EvtFormatMessage(hMetadata, handle, 0xffffffff, 0, NULL, EvtFormatMessageEvent, bufferSizeNeeded, message, &bufferSizeNeeded)) {
379
348
  status = GetLastError();
380
349
 
381
350
  if (status != ERROR_EVT_UNRESOLVED_VALUE_INSERT) {
@@ -401,7 +370,8 @@ char* get_description(EVT_HANDLE handle)
401
370
  MAKELANGID(LANG_ENGLISH, SUBLANG_ENGLISH_US),
402
371
  (WCHAR *) &lpMsgBuf, 0, NULL);
403
372
 
404
- result = wstr_to_mbstr(CP_UTF8, (WCHAR *)lpMsgBuf, -1);
373
+ result = (WCHAR *)lpMsgBuf;
374
+ LocalFree(lpMsgBuf);
405
375
 
406
376
  goto cleanup;
407
377
  }
@@ -411,9 +381,78 @@ char* get_description(EVT_HANDLE handle)
411
381
  }
412
382
  }
413
383
  }
414
- result = wstr_to_mbstr(CP_UTF8, msg, -1);
415
384
 
416
- #undef MAX_BUFFER
385
+ result = message;
386
+
387
+ cleanup:
388
+
389
+ if (message)
390
+ xfree(message);
391
+
392
+ return result;
393
+
394
+ #undef BUFSIZE
395
+ }
396
+
397
+ WCHAR* get_description(EVT_HANDLE handle)
398
+ {
399
+ #define BUFSIZE 4096
400
+ WCHAR buffer[BUFSIZE];
401
+ ULONG bufferSize = 0;
402
+ ULONG bufferSizeNeeded = 0;
403
+ ULONG status, count;
404
+ static WCHAR *result = L"";
405
+ LPTSTR msgBuf = "";
406
+ EVT_HANDLE hMetadata = NULL;
407
+ PEVT_VARIANT values = NULL;
408
+
409
+ static PCWSTR eventProperties[] = {L"Event/System/Provider/@Name"};
410
+ EVT_HANDLE renderContext = EvtCreateRenderContext(1, eventProperties, EvtRenderContextValues);
411
+ if (renderContext == NULL) {
412
+ rb_raise(rb_eWinevtQueryError, "Failed to create renderContext");
413
+ }
414
+
415
+ if (EvtRender(renderContext,
416
+ handle,
417
+ EvtRenderEventValues,
418
+ _countof(buffer),
419
+ buffer,
420
+ &bufferSizeNeeded,
421
+ &count) != FALSE) {
422
+ status = ERROR_SUCCESS;
423
+ } else {
424
+ status = GetLastError();
425
+ }
426
+
427
+ if (status != ERROR_SUCCESS) {
428
+ FormatMessage(
429
+ FORMAT_MESSAGE_ALLOCATE_BUFFER |
430
+ FORMAT_MESSAGE_FROM_SYSTEM |
431
+ FORMAT_MESSAGE_IGNORE_INSERTS,
432
+ NULL, status,
433
+ MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT),
434
+ msgBuf, 0, NULL);
435
+
436
+ VALUE errmsg = rb_str_new2(msgBuf);
437
+ LocalFree(msgBuf);
438
+
439
+ rb_raise(rb_eWinevtQueryError, "ErrorCode: %d\nError: %s\n", status, RSTRING_PTR(errmsg));
440
+ }
441
+
442
+ // Obtain buffer as EVT_VARIANT pointer. To avoid ErrorCide 87 in EvtRender.
443
+ values = (PEVT_VARIANT)buffer;
444
+
445
+ // Open publisher metadata
446
+ hMetadata = EvtOpenPublisherMetadata(NULL, values[0].StringVal, NULL, MAKELCID(MAKELANGID(LANG_NEUTRAL, SUBLANG_NEUTRAL), SORT_DEFAULT), 0);
447
+ if (hMetadata == NULL) {
448
+ // When winevt_c cannot open metadata, then give up to obtain
449
+ // message file and clean up immediately.
450
+ goto cleanup;
451
+ }
452
+
453
+ result = get_message(hMetadata, handle);
454
+
455
+ #undef BUFSIZE
417
456
 
418
457
  cleanup:
419
458
 
Binary file
Binary file
Binary file
@@ -1,3 +1,3 @@
1
1
  module Winevt
2
- VERSION = "0.3.8"
2
+ VERSION = "0.4.0"
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: winevt_c
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.3.8
4
+ version: 0.4.0
5
5
  platform: x86-mingw32
6
6
  authors:
7
7
  - Hiroshi Hatake
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2019-06-27 00:00:00.000000000 Z
11
+ date: 2019-06-28 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bundler