[ADVAPI33/EVENTLOG]

- Determine the event generation time in ReportEventA/W and use it.
- Replace magic values by proper type size.

svn path=/trunk/; revision=54678
Eric Kohl 2011-12-17 23:47:28 +00:00
parent d8322663ed
commit 8da34d541e
7 changed files with 43 additions and 36 deletions


@ -465,20 +465,6 @@ VOID EventTimeToSystemTime(DWORD EventTime, SYSTEMTIME * pSystemTime)
FileTimeToSystemTime(&ftLocal, pSystemTime);
}
VOID SystemTimeToEventTime(SYSTEMTIME * pSystemTime, DWORD * pEventTime)
{
SYSTEMTIME st1970 = { 1970, 1, 0, 1, 0, 0, 0, 0 };
union
{
FILETIME ft;
ULONGLONG ll;
} Time, u1970;
SystemTimeToFileTime(pSystemTime, &Time.ft);
SystemTimeToFileTime(&st1970, &u1970.ft);
*pEventTime = (DWORD)((Time.ll - u1970.ll) / 10000000ull);
}
VOID PRINT_HEADER(PEVENTLOGHEADER header)
{
DPRINT("HeaderSize = %d\n", header->HeaderSize);


@ -16,6 +16,7 @@
#include <windows.h>
#include <netevent.h>
#include <lpctypes.h>
#include <kefuncs.h>
#include <lpcfuncs.h>
#include <rtlfuncs.h>
#include <obfuncs.h>
@ -168,6 +169,7 @@ BOOL LogfDeleteOffsetInformation(PLOGFILE LogFile,
PBYTE LogfAllocAndBuildNewRecord(LPDWORD lpRecSize,
DWORD dwRecordNumber,
DWORD dwTime,
WORD wType,
WORD wCategory,
DWORD dwEventId,
@ -199,9 +201,6 @@ VOID PRINT_RECORD(PEVENTLOGRECORD pRec);
VOID EventTimeToSystemTime(DWORD EventTime,
SYSTEMTIME * SystemTime);
VOID SystemTimeToEventTime(SYSTEMTIME * pSystemTime,
DWORD * pEventTime);
/* eventsource.c */
VOID InitEventSourceList(VOID);


@ -870,18 +870,18 @@ BOOL LogfWriteData(PLOGFILE LogFile, DWORD BufSize, PBYTE Buffer)
{
DWORD dwWritten;
DWORD dwRead;
SYSTEMTIME st;
EVENTLOGEOF EofRec;
PEVENTLOGRECORD RecBuf;
LARGE_INTEGER logFileSize;
LARGE_INTEGER SystemTime;
ULONG RecOffSet;
ULONG WriteOffSet;
if (!Buffer)
return FALSE;
GetSystemTime(&st);
SystemTimeToEventTime(&st, &((PEVENTLOGRECORD) Buffer)->TimeWritten);
NtQuerySystemTime(&SystemTime);
RtlTimeToSecondsSince1970(&SystemTime, &((PEVENTLOGRECORD) Buffer)->TimeWritten);
EnterCriticalSection(&LogFile->cs);
@ -1125,6 +1125,7 @@ BOOL LogfAddOffsetInformation(PLOGFILE LogFile, ULONG ulNumber, ULONG ulOffset)
PBYTE LogfAllocAndBuildNewRecord(LPDWORD lpRecSize,
DWORD dwRecordNumber,
DWORD dwTime,
WORD wType,
WORD wCategory,
DWORD dwEventId,
@ -1139,7 +1140,6 @@ PBYTE LogfAllocAndBuildNewRecord(LPDWORD lpRecSize,
{
DWORD dwRecSize;
PEVENTLOGRECORD pRec;
SYSTEMTIME SysTime;
WCHAR *str;
UINT i, pos;
PBYTE Buffer;
@ -1148,8 +1148,8 @@ PBYTE LogfAllocAndBuildNewRecord(LPDWORD lpRecSize,
sizeof(EVENTLOGRECORD) + (lstrlenW(ComputerName) +
lstrlenW(SourceName) + 2) * sizeof(WCHAR);
if (dwRecSize % 4 != 0)
dwRecSize += 4 - (dwRecSize % 4);
if (dwRecSize % sizeof(DWORD) != 0)
dwRecSize += sizeof(DWORD) - (dwRecSize % sizeof(DWORD));
dwRecSize += dwSidLength;
@ -1160,10 +1160,10 @@ PBYTE LogfAllocAndBuildNewRecord(LPDWORD lpRecSize,
}
dwRecSize += dwDataSize;
if (dwRecSize % 4 != 0)
dwRecSize += 4 - (dwRecSize % 4);
if (dwRecSize % sizeof(DWORD) != 0)
dwRecSize += sizeof(DWORD) - (dwRecSize % sizeof(DWORD));
dwRecSize += 4;
dwRecSize += sizeof(DWORD);
Buffer = HeapAlloc(MyHeap, HEAP_ZERO_MEMORY, dwRecSize);
@ -1178,9 +1178,8 @@ PBYTE LogfAllocAndBuildNewRecord(LPDWORD lpRecSize,
pRec->Reserved = LOGFILE_SIGNATURE;
pRec->RecordNumber = dwRecordNumber;
GetSystemTime(&SysTime);
SystemTimeToEventTime(&SysTime, &pRec->TimeGenerated);
SystemTimeToEventTime(&SysTime, &pRec->TimeWritten);
pRec->TimeGenerated = dwTime;
pRec->TimeWritten = dwTime;
pRec->EventID = dwEventId;
pRec->EventType = wType;
@ -1195,8 +1194,8 @@ PBYTE LogfAllocAndBuildNewRecord(LPDWORD lpRecSize,
pRec->UserSidOffset = pos;
if (pos % 4 != 0)
pos += 4 - (pos % 4);
if (pos % sizeof(DWORD) != 0)
pos += sizeof(DWORD) - (pos % sizeof(DWORD));
if (dwSidLength)
{
@ -1223,8 +1222,8 @@ PBYTE LogfAllocAndBuildNewRecord(LPDWORD lpRecSize,
pos += dwDataSize;
}
if (pos % 4 != 0)
pos += 4 - (pos % 4);
if (pos % sizeof(DWORD) != 0)
pos += sizeof(DWORD) - (pos % sizeof(DWORD));
*((PDWORD) (Buffer + pos)) = dwRecSize;
@ -1249,6 +1248,8 @@ LogfReportEvent(WORD wType,
DWORD lastRec;
DWORD recSize;
DWORD dwError;
DWORD dwTime;
LARGE_INTEGER SystemTime;
if (!GetComputerNameW(szComputerName, &dwComputerNameLength))
{
@ -1261,9 +1262,13 @@ LogfReportEvent(WORD wType,
return;
}
NtQuerySystemTime(&SystemTime);
RtlTimeToSecondsSince1970(&SystemTime, &dwTime);
lastRec = LogfGetCurrentRecord(pEventSource->LogFile);
logBuffer = LogfAllocAndBuildNewRecord(&recSize,
dwTime,
lastRec,
wType,
wCategory,
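Review bot: The updated call sites pass the new time argument in the wrong position: the prototype and definition of LogfAllocAndBuildNewRecord take `dwRecordNumber` second and `dwTime` third, but LogfReportEvent calls it with `&recSize, dwTime, lastRec, ...`. Both are DWORDs, so this compiles silently, and the body's `pRec->RecordNumber = dwRecordNumber;` and `pRec->TimeGenerated = dwTime;` would then store the timestamp as the record number and the record counter as the event time, breaking the ordering and timestamps that log review depends on. Swap the arguments here, `logBuffer = LogfAllocAndBuildNewRecord(&recSize, lastRec, dwTime,`, and likewise in ProcessPortMessage (`&dwRecSize, Seconds, ulRecNum`) and ElfrReportEventW (`&recSize, Time, lastRec`), or instead move `dwTime` ahead of `dwRecordNumber` in the prototype and definition. The page has lost its +/- markers, so this rests on the line order shown; LogfReportEvent's body continues outside the hunk.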


@ -109,6 +109,8 @@ NTSTATUS ProcessPortMessage(VOID)
DWORD dwRecSize;
NTSTATUS Status;
PLOGFILE SystemLog = NULL;
LARGE_INTEGER SystemTime;
ULONG Seconds;
DPRINT("ProcessPortMessage() called\n");
@ -145,7 +147,10 @@ NTSTATUS ProcessPortMessage(VOID)
Message = (PIO_ERROR_LOG_MESSAGE) & Request.Message;
ulRecNum = SystemLog ? SystemLog->Header.CurrentRecordNumber : 0;
pRec = (PEVENTLOGRECORD) LogfAllocAndBuildNewRecord(&dwRecSize,
NtQuerySystemTime(&SystemTime);
RtlTimeToSecondsSince1970(&SystemTime, &Seconds);
pRec = (PEVENTLOGRECORD) LogfAllocAndBuildNewRecord(&dwRecSize, Seconds,
ulRecNum, Message->Type, Message->EntryData.EventCategory,
Message->EntryData.ErrorCode,
(WCHAR *) (((PBYTE) Message) + Message->DriverNameOffset),
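Review bot: `Seconds` is handed to LogfAllocAndBuildNewRecord even if the conversion fails: RtlTimeToSecondsSince1970 returns a BOOLEAN that the added lines ignore, and `Seconds` is declared without an initializer, so a system clock outside the representable range may leave an indeterminate stack value in the record's time fields. Check the result and fall back to a defined value, e.g. `if (!RtlTimeToSecondsSince1970(&SystemTime, &Seconds)) Seconds = 0;`. The same unchecked pattern appears in the added lines of LogfReportEvent (`dwTime`), ReportEventA and ReportEventW, where the value is additionally sent to the service over RPC. ProcessPortMessage's body continues outside the hunk.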


@ -496,6 +496,7 @@ NTSTATUS ElfrReportEventW(
if (UserSID)
dwUserSidLength = FIELD_OFFSET(SID, SubAuthority[UserSID->SubAuthorityCount]);
LogBuffer = LogfAllocAndBuildNewRecord(&recSize,
Time,
lastRec,
EventType,
EventCategory,
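Review bot: The `Time` value now stored in the record lacks a comment saying where it comes from. It appears to be the caller-supplied RPC argument, since ReportEventA/W now fill it on the client side, and LogfAllocAndBuildNewRecord copies it into both TimeGenerated and TimeWritten. A comment such as `/* Time is supplied by the RPC client and is not validated; TimeWritten is restamped from the service's clock in LogfWriteData */` would tell log consumers which field reflects the service's own clock. This assumes the record is later passed through LogfWriteData, which is not visible in this hunk; ElfrReportEventW's body also continues outside it.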


@ -28,6 +28,7 @@
#include <ndk/cmfuncs.h>
#include <ndk/exfuncs.h>
#include <ndk/iofuncs.h>
#include <ndk/kefuncs.h>
#include <ndk/obfuncs.h>
#include <ndk/psfuncs.h>
#include <ndk/rtlfuncs.h>


@ -945,6 +945,8 @@ ReportEventA(IN HANDLE hEventLog,
WORD i;
CHAR szComputerName[MAX_COMPUTERNAME_LENGTH + 1];
DWORD dwSize;
LARGE_INTEGER SystemTime;
ULONG Seconds;
TRACE("%p, %u, %u, %lu, %p, %u, %lu, %p, %p\n",
hEventLog, wType, wCategory, dwEventID, lpUserSid,
@ -974,10 +976,13 @@ ReportEventA(IN HANDLE hEventLog,
GetComputerNameA(szComputerName, &dwSize);
RtlInitAnsiString(&ComputerName, szComputerName);
NtQuerySystemTime(&SystemTime);
RtlTimeToSecondsSince1970(&SystemTime, &Seconds);
RpcTryExcept
{
Status = ElfrReportEventA(hEventLog,
0, /* FIXME: Time */
Seconds,
wType,
wCategory,
dwEventID,
@ -1046,6 +1051,8 @@ ReportEventW(IN HANDLE hEventLog,
WORD i;
WCHAR szComputerName[MAX_COMPUTERNAME_LENGTH + 1];
DWORD dwSize;
LARGE_INTEGER SystemTime;
ULONG Seconds;
TRACE("%p, %u, %u, %lu, %p, %u, %lu, %p, %p\n",
hEventLog, wType, wCategory, dwEventID, lpUserSid,
@ -1075,10 +1082,13 @@ ReportEventW(IN HANDLE hEventLog,
GetComputerNameW(szComputerName, &dwSize);
RtlInitUnicodeString(&ComputerName, szComputerName);
NtQuerySystemTime(&SystemTime);
RtlTimeToSecondsSince1970(&SystemTime, &Seconds);
RpcTryExcept
{
Status = ElfrReportEventW(hEventLog,
0, /* FIXME: Time */
Seconds,
wType,
wCategory,
dwEventID,