winevt_c 0.3.7 → 0.3.8
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/ext/winevt/winevt_utils.c +40 -7
- data/lib/winevt/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: ac595d99bc6422ccdbbd74c8df98fad0fea9a6679c3858cc891d898cd22c6062
|
|
4
|
+
data.tar.gz: 42c8309fadbbc077f4999aa14b91e7a5d15f28747ad24961609d6152370ac12d
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: ee9d551fb4c229631e70b1e2e779fcebb3f87fe99a7c795a8a3fa9278ee8e7a2f8cfcad156f8189b380613d63746625913cb00dd7505f232ed6ea2dbc74fcfbd
|
|
7
|
+
data.tar.gz: 98af1f800f0628d2ddd96d974f9fa5ade5e1dfa9a5026a45ef3ab805516b860019c219af49bc3335f065725e1800202a474aaa18dd2abbc6e8826048b1588899
|
data/ext/winevt/winevt_utils.c
CHANGED
|
@@ -18,9 +18,7 @@ char* render_event(EVT_HANDLE handle, DWORD flags)
|
|
|
18
18
|
PWSTR buffer = NULL;
|
|
19
19
|
ULONG bufferSize = 0;
|
|
20
20
|
ULONG bufferSizeNeeded = 0;
|
|
21
|
-
EVT_HANDLE event;
|
|
22
21
|
ULONG status, count;
|
|
23
|
-
char* errBuf;
|
|
24
22
|
char* result;
|
|
25
23
|
LPTSTR msgBuf;
|
|
26
24
|
|
|
@@ -286,13 +284,12 @@ char* get_description(EVT_HANDLE handle)
|
|
|
286
284
|
WCHAR descriptionBuffer[MAX_BUFFER];
|
|
287
285
|
ULONG bufferSize = 0;
|
|
288
286
|
ULONG bufferSizeNeeded = 0;
|
|
289
|
-
EVT_HANDLE event;
|
|
290
287
|
ULONG status, count;
|
|
291
288
|
char* result = "";
|
|
292
289
|
LPTSTR msgBuf = "";
|
|
293
290
|
EVT_HANDLE hMetadata = NULL;
|
|
294
291
|
PEVT_VARIANT values = NULL;
|
|
295
|
-
|
|
292
|
+
LPVOID lpMsgBuf;
|
|
296
293
|
|
|
297
294
|
static PCWSTR eventProperties[] = {L"Event/System/Provider/@Name"};
|
|
298
295
|
EVT_HANDLE renderContext = EvtCreateRenderContext(1, eventProperties, EvtRenderContextValues);
|
|
@@ -348,8 +345,27 @@ char* get_description(EVT_HANDLE handle)
|
|
|
348
345
|
case ERROR_EVT_MESSAGE_LOCALE_NOT_FOUND:
|
|
349
346
|
case ERROR_RESOURCE_LANG_NOT_FOUND:
|
|
350
347
|
case ERROR_MUI_FILE_NOT_FOUND:
|
|
351
|
-
case ERROR_EVT_UNRESOLVED_PARAMETER_INSERT:
|
|
352
|
-
|
|
348
|
+
case ERROR_EVT_UNRESOLVED_PARAMETER_INSERT: {
|
|
349
|
+
if (FormatMessageW(FORMAT_MESSAGE_ALLOCATE_BUFFER |
|
|
350
|
+
FORMAT_MESSAGE_FROM_SYSTEM |
|
|
351
|
+
FORMAT_MESSAGE_IGNORE_INSERTS,
|
|
352
|
+
NULL,
|
|
353
|
+
status,
|
|
354
|
+
MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT),
|
|
355
|
+
(WCHAR *) &lpMsgBuf, 0, NULL) == 0)
|
|
356
|
+
FormatMessageW(FORMAT_MESSAGE_ALLOCATE_BUFFER |
|
|
357
|
+
FORMAT_MESSAGE_FROM_SYSTEM |
|
|
358
|
+
FORMAT_MESSAGE_IGNORE_INSERTS,
|
|
359
|
+
NULL,
|
|
360
|
+
status,
|
|
361
|
+
MAKELANGID(LANG_ENGLISH, SUBLANG_ENGLISH_US),
|
|
362
|
+
(WCHAR *) &lpMsgBuf, 0, NULL);
|
|
363
|
+
|
|
364
|
+
result = wstr_to_mbstr(CP_UTF8, (WCHAR *)lpMsgBuf, -1);
|
|
365
|
+
|
|
366
|
+
goto cleanup;
|
|
367
|
+
}
|
|
368
|
+
|
|
353
369
|
}
|
|
354
370
|
|
|
355
371
|
if (status != ERROR_INSUFFICIENT_BUFFER)
|
|
@@ -370,7 +386,24 @@ char* get_description(EVT_HANDLE handle)
|
|
|
370
386
|
case ERROR_RESOURCE_LANG_NOT_FOUND:
|
|
371
387
|
case ERROR_MUI_FILE_NOT_FOUND:
|
|
372
388
|
case ERROR_EVT_UNRESOLVED_PARAMETER_INSERT:
|
|
373
|
-
|
|
389
|
+
if (FormatMessageW(FORMAT_MESSAGE_ALLOCATE_BUFFER |
|
|
390
|
+
FORMAT_MESSAGE_FROM_SYSTEM |
|
|
391
|
+
FORMAT_MESSAGE_IGNORE_INSERTS,
|
|
392
|
+
NULL,
|
|
393
|
+
status,
|
|
394
|
+
MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT),
|
|
395
|
+
(WCHAR *) &lpMsgBuf, 0, NULL) == 0)
|
|
396
|
+
FormatMessageW(FORMAT_MESSAGE_ALLOCATE_BUFFER |
|
|
397
|
+
FORMAT_MESSAGE_FROM_SYSTEM |
|
|
398
|
+
FORMAT_MESSAGE_IGNORE_INSERTS,
|
|
399
|
+
NULL,
|
|
400
|
+
status,
|
|
401
|
+
MAKELANGID(LANG_ENGLISH, SUBLANG_ENGLISH_US),
|
|
402
|
+
(WCHAR *) &lpMsgBuf, 0, NULL);
|
|
403
|
+
|
|
404
|
+
result = wstr_to_mbstr(CP_UTF8, (WCHAR *)lpMsgBuf, -1);
|
|
405
|
+
|
|
406
|
+
goto cleanup;
|
|
374
407
|
}
|
|
375
408
|
|
|
376
409
|
rb_raise(rb_eWinevtQueryError, "ErrorCode: %d", status);
|
data/lib/winevt/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: winevt_c
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.3.
|
|
4
|
+
version: 0.3.8
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Hiroshi Hatake
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2019-06-
|
|
11
|
+
date: 2019-06-27 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|