win32utils devel - May 2006 - Need a little help with the pure Ruby win32-eventlog

Hi all,

I''m working on the EventLog#read method for the pure Ruby version of 
win32-eventlog, but I''m stuck on the get_description private method.

Here are the problems:

* I don''t think I''m advancing the EVENTLOGRECORD properly
between
iterations.  Take a look at the end of the "while dwread > 0" loop.
I
get some records, but not all of them.

* I''m not sure how to properly populate or pack/unpack the va_list, 
which is later passed to the FormatMessage() function.

Please take a look.

Thanks,

Dan

Hi,

2006/5/17, Daniel Berger <djberg96 at gmail.com>:
> Hi all,
>
> I''m working on the EventLog#read method for the pure Ruby version
of
> win32-eventlog, but I''m stuck on the get_description private
method.
>
> Here are the problems:
>
> * I don''t think I''m advancing the EVENTLOGRECORD properly
between
> iterations.  Take a look at the end of the "while dwread > 0"
loop.  I
> get some records, but not all of them.
>
> * I''m not sure how to properly populate or pack/unpack the
va_list,
> which is later passed to the FormatMessage() function.
>
> Please take a look.
>
> Thanks,
>
> Dan
Here is the patch:

--- eventlog.rb	2006-05-17 10:40:34.000000000 +0900
+++ eventlog.rb.new	2006-05-17 12:46:18.978361600 +0900
@@ -227,6 +227,7 @@
                struct.event_type     = event_type
                struct.user           = user
                struct.category       =
buf[26,2].unpack(''S'').first
+               struct.description 	 = desc

                if block_given?
                   yield struct
@@ -239,9 +240,9 @@
                end

                length = buf[0,4].unpack(''L'').first # Length
-
-               dwread -= buf.strip.length
-               buf += 0.chr * length
+
+               dwread -= length
+               buf = buf[length..-1]
             end

             buf = 0.chr * BUFFER_SIZE
@@ -254,19 +255,20 @@
       private

       # TODO: finish
-      def get_description(rec, event_source)
-         str     = rec[36,4].unpack(''L'').first # StringOffset
+      def get_description(rec, event_source)
+         str     =
[rec].pack(''P'').unpack(''L'').first +
rec[36,4].unpack(''L'').first # StringOffset
          num     = rec[24,2].unpack(''S'').first # NumStrings
          hkey    = [0].pack(''L'')
          key     = BASE_KEY + "#{@source}\\#{event_source}"
          va_list = []
+         buf = 0.chr * 1024

          # TODO: Fix this loop
          0.upto(num){
             va_list.push(str)
             str += str.size + 1
          }
-
+         	va_list_ptr = va_list.pack(''L*'')
          if RegOpenKeyEx(HKEY_LOCAL_MACHINE, key, 0, KEY_READ, hkey) == 0
             value = ''EventMessageFile''
             file  = 0.chr * MAX_SIZE
@@ -284,9 +286,7 @@
                   hmodule  = LoadLibraryEx(file, 0, LOAD_LIBRARY_AS_DATAFILE)
                   event_id = rec[20,4].unpack(''L'').first
                   if hmodule != 0
-                     buf = 0.chr * 260
                      FormatMessage(
-                        FORMAT_MESSAGE_ALLOCATE_BUFFER |
                         FORMAT_MESSAGE_FROM_HMODULE |
                         FORMAT_MESSAGE_FROM_SYSTEM |
                         FORMAT_MESSAGE_ARGUMENT_ARRAY,
@@ -295,7 +295,7 @@
                         0,
                         buf,
                         buf.size,
-                        va_list # TODO: unpack this properly
+                        va_list_ptr
                      )
                      FreeLibrary(hmodule)
                   end
@@ -304,6 +304,6 @@

             RegCloseKey(hkey)
          end
+         buf.strip
       end


Regards,

Park Heesob