winevt_c 0.9.3 → 0.10.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: f8e0f057816ea6023a893cda0b9af765f4f0b47bab15491fb71862114be55e61
4
- data.tar.gz: 2dee722cd48e235222fb891106ba4c8fbe80f5141db4fad0237784acd8804704
3
+ metadata.gz: 87d082b15698183b841886fbdffe603679006050fc91c7ea6043bf5987275e3f
4
+ data.tar.gz: ab529bd44369e0c256263aee77ba416a42469bbaf71b0de9f523db81921bbfef
5
5
  SHA512:
6
- metadata.gz: 442e12311a0ad1f3d26255a4d841174072e4fd1f50ab9b113654231a95f3d779c1b91e04449e1126cd16432f11de9427b4436e9954ac0ae1fa78cfcc45b378a2
7
- data.tar.gz: 9f8d8c1d10a1c589514039de18acb0a0c2910f99928d44d90c1a21b523e145e1946f585438f52f1a5a4ddde5c9a4b54503ce1f96aa9d30e9b4d20a5169fc135f
6
+ metadata.gz: a5b728bc6422d8fc1a17ab10fbbc6ad10aa673b3faec5b035269826859ef4e14bd63def67a69618c21a2e4d1a7951d2d2f2881676ee049348b996bb706b21ec5
7
+ data.tar.gz: '0483519d86d5abd1fe5672ee124fdadf839bd9f9a50b41cb1aaac37dd886154dc0a4e5af4d6901c4cc6f2da9e99ad6e98e82cfb8cf6630a69dd3dda0d127ddfa'
data/appveyor.yml CHANGED
@@ -20,6 +20,8 @@ test_script:
20
20
  # https://www.appveyor.com/docs/installed-software/#ruby
21
21
  environment:
22
22
  matrix:
23
+ - ruby_version: "31-x64"
24
+ - ruby_version: "31"
23
25
  - ruby_version: "30-x64"
24
26
  - ruby_version: "30"
25
27
  - ruby_version: "27-x64"
@@ -30,3 +32,17 @@ environment:
30
32
  - ruby_version: "25"
31
33
  - ruby_version: "24-x64"
32
34
  - ruby_version: "24"
35
+
36
+ for:
37
+ -
38
+ matrix:
39
+ only:
40
+ - ruby_version: "31-x64"
41
+ install:
42
+ - SET PATH=C:\Ruby%ruby_version%\bin;%PATH%
43
+ - ruby --version
44
+ - gem --version
45
+ - bundle --version
46
+ - ridk.cmd install 1 3
47
+ - ridk.cmd exec bundle install
48
+ - ridk.cmd exec bundle exec rake compile
@@ -10,9 +10,24 @@ wstr_to_rb_str(UINT cp, const WCHAR* wstr, int clen)
10
10
  {
11
11
  VALUE vstr;
12
12
  CHAR* ptr;
13
+ int ret = -1;
14
+ DWORD err = ERROR_SUCCESS;
15
+ if (wstr == NULL) {
16
+ return rb_utf8_str_new_cstr("");
17
+ }
18
+
13
19
  int len = WideCharToMultiByte(cp, 0, wstr, clen, nullptr, 0, nullptr, nullptr);
14
20
  ptr = ALLOCV_N(CHAR, vstr, len);
15
- WideCharToMultiByte(cp, 0, wstr, clen, ptr, len, nullptr, nullptr);
21
+ // For memory safety.
22
+ ZeroMemory(ptr, sizeof(CHAR) * len);
23
+ ret = WideCharToMultiByte(cp, 0, wstr, clen, ptr, len, nullptr, nullptr);
24
+ // return 0 should be failure.
25
+ // ref: https://docs.microsoft.com/en-us/windows/win32/api/stringapiset/nf-stringapiset-widechartomultibyte#return-value
26
+ if (ret == 0) {
27
+ err = GetLastError();
28
+ ALLOCV_END(vstr);
29
+ raise_system_error(rb_eRuntimeError, err);
30
+ }
16
31
  VALUE str = rb_utf8_str_new_cstr(ptr);
17
32
  ALLOCV_END(vstr);
18
33
 
@@ -114,6 +129,36 @@ guid_to_wstr(const GUID& guid)
114
129
  return s;
115
130
  }
116
131
 
132
+ static VALUE
133
+ make_displayable_binary_string(PBYTE bin, size_t length)
134
+ {
135
+ const char *HEX_TABLE = "0123456789ABCDEF";
136
+ CHAR *buffer;
137
+ int size = length * 2 + 1;
138
+ size_t i, j;
139
+ unsigned int idx = 0;
140
+ VALUE vbuffer;
141
+
142
+ if (length == 0) {
143
+ return rb_str_new2("(NULL)");
144
+ }
145
+
146
+ buffer = ALLOCV_N(CHAR, vbuffer, size);
147
+
148
+ for (i = 0; i < length; i++) {
149
+ for (j = 0; j < 2; j++) {
150
+ idx = (unsigned int)(bin[i] >> (j * 4) & 0x0F);
151
+ buffer[2*i+(1-j)] = HEX_TABLE[idx];
152
+ }
153
+ }
154
+ buffer[size - 1] = '\0';
155
+
156
+ VALUE str = rb_str_new2(buffer);
157
+ ALLOCV_END(vbuffer);
158
+
159
+ return str;
160
+ }
161
+
117
162
  static VALUE
118
163
  extract_user_evt_variants(PEVT_VARIANT pRenderedValues, DWORD propCount)
119
164
  {
@@ -287,6 +332,14 @@ extract_user_evt_variants(PEVT_VARIANT pRenderedValues, DWORD propCount)
287
332
  rb_ary_push(userValues, rbObj);
288
333
  }
289
334
  break;
335
+ case EvtVarTypeBinary:
336
+ if (pRenderedValues[i].BinaryVal == nullptr) {
337
+ rb_ary_push(userValues, rb_utf8_str_new_cstr("(NULL)"));
338
+ } else {
339
+ rbObj = make_displayable_binary_string(pRenderedValues[i].BinaryVal, pRenderedValues[i].Count);
340
+ rb_ary_push(userValues, rbObj);
341
+ }
342
+ break;
290
343
  default:
291
344
  rb_ary_push(userValues, rb_utf8_str_new_cstr("?"));
292
345
  break;
@@ -367,6 +420,9 @@ get_message(EVT_HANDLE hMetadata, EVT_HANDLE handle)
367
420
  case ERROR_EVT_MESSAGE_NOT_FOUND:
368
421
  case ERROR_EVT_MESSAGE_ID_NOT_FOUND:
369
422
  case ERROR_EVT_MESSAGE_LOCALE_NOT_FOUND:
423
+ case ERROR_RESOURCE_DATA_NOT_FOUND:
424
+ case ERROR_RESOURCE_TYPE_NOT_FOUND:
425
+ case ERROR_RESOURCE_NAME_NOT_FOUND:
370
426
  case ERROR_RESOURCE_LANG_NOT_FOUND:
371
427
  case ERROR_MUI_FILE_NOT_FOUND:
372
428
  case ERROR_EVT_UNRESOLVED_PARAMETER_INSERT: {
@@ -419,6 +475,9 @@ get_message(EVT_HANDLE hMetadata, EVT_HANDLE handle)
419
475
  case ERROR_EVT_MESSAGE_NOT_FOUND:
420
476
  case ERROR_EVT_MESSAGE_ID_NOT_FOUND:
421
477
  case ERROR_EVT_MESSAGE_LOCALE_NOT_FOUND:
478
+ case ERROR_RESOURCE_DATA_NOT_FOUND:
479
+ case ERROR_RESOURCE_TYPE_NOT_FOUND:
480
+ case ERROR_RESOURCE_NAME_NOT_FOUND:
422
481
  case ERROR_RESOURCE_LANG_NOT_FOUND:
423
482
  case ERROR_MUI_FILE_NOT_FOUND:
424
483
  case ERROR_EVT_UNRESOLVED_PARAMETER_INSERT:
@@ -652,30 +711,34 @@ render_system_event(EVT_HANDLE hEvent, BOOL preserve_qualifiers)
652
711
  ? Qnil
653
712
  : rb_str_new2(buffer));
654
713
 
655
- ullTimeStamp = pRenderedValues[EvtSystemTimeCreated].FileTimeVal;
656
- ft.dwHighDateTime = (DWORD)((ullTimeStamp >> 32) & 0xFFFFFFFF);
657
- ft.dwLowDateTime = (DWORD)(ullTimeStamp & 0xFFFFFFFF);
658
-
659
- FileTimeToSystemTime(&ft, &st);
660
- ullNanoseconds =
661
- (ullTimeStamp % 10000000) *
662
- 100; // Display nanoseconds instead of milliseconds for higher resolution
663
- _snprintf_s(buffer,
664
- _countof(buffer),
665
- _TRUNCATE,
666
- "%02d/%02d/%02d %02d:%02d:%02d.%llu",
667
- st.wYear,
668
- st.wMonth,
669
- st.wDay,
670
- st.wHour,
671
- st.wMinute,
672
- st.wSecond,
673
- ullNanoseconds);
674
- rb_hash_aset(hash,
675
- rb_str_new2("TimeCreated"),
676
- (EvtVarTypeNull == pRenderedValues[EvtSystemKeywords].Type)
677
- ? Qnil
678
- : rb_str_new2(buffer));
714
+ if (EvtVarTypeNull != pRenderedValues[EvtSystemTimeCreated].Type) {
715
+ ullTimeStamp = pRenderedValues[EvtSystemTimeCreated].FileTimeVal;
716
+ ft.dwHighDateTime = (DWORD)((ullTimeStamp >> 32) & 0xFFFFFFFF);
717
+ ft.dwLowDateTime = (DWORD)(ullTimeStamp & 0xFFFFFFFF);
718
+
719
+ FileTimeToSystemTime(&ft, &st);
720
+ ullNanoseconds =
721
+ (ullTimeStamp % 10000000) *
722
+ 100; // Display nanoseconds instead of milliseconds for higher resolution
723
+ _snprintf_s(buffer,
724
+ _countof(buffer),
725
+ _TRUNCATE,
726
+ "%02d/%02d/%02d %02d:%02d:%02d.%llu",
727
+ st.wYear,
728
+ st.wMonth,
729
+ st.wDay,
730
+ st.wHour,
731
+ st.wMinute,
732
+ st.wSecond,
733
+ ullNanoseconds);
734
+ rb_hash_aset(hash,
735
+ rb_str_new2("TimeCreated"),
736
+ rb_str_new2(buffer));
737
+ } else {
738
+ rb_hash_aset(hash,
739
+ rb_str_new2("TimeCreated"),
740
+ Qnil);
741
+ }
679
742
  _snprintf_s(buffer,
680
743
  _countof(buffer),
681
744
  _TRUNCATE,
@@ -1,3 +1,3 @@
1
1
  module Winevt
2
- VERSION = "0.9.3"
2
+ VERSION = "0.10.0"
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: winevt_c
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.9.3
4
+ version: 0.10.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Hiroshi Hatake
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2021-05-20 00:00:00.000000000 Z
11
+ date: 2022-07-14 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bundler
@@ -161,7 +161,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
161
161
  - !ruby/object:Gem::Version
162
162
  version: '0'
163
163
  requirements: []
164
- rubygems_version: 3.1.6
164
+ rubygems_version: 3.3.5
165
165
  signing_key:
166
166
  specification_version: 4
167
167
  summary: Windows Event Log API bindings from winevt.h.