ReactOS 0.4.15-dev-7958-gcd0bb1a
Functions | Variables
eventlog.c File Reference
#include <stdarg.h>
#include "initguid.h"
#include "windef.h"
#include "winbase.h"
#include "winerror.h"
#include "winnt.h"
#include "winreg.h"
#include "sddl.h"
#include "wmistr.h"
#include "evntrace.h"
#include "wine/test.h"
Include dependency graph for eventlog.c:

Go to the source code of this file.

Functions

static BOOL (WINAPI *pCreateWellKnownSid)(WELL_KNOWN_SID_TYPE
 
static void init_function_pointers (void)
 
static BOOL create_backup (const char *filename)
 
static void test_open_close (void)
 
static void test_info (void)
 
static void test_count (void)
 
static void test_oldest (void)
 
static void test_backup (void)
 
static void test_read (void)
 
static void test_openbackup (void)
 
static void test_clear (void)
 
static BOOL create_new_eventlog (void)
 
static void test_readwrite (void)
 
static void test_autocreation (void)
 
static void cleanup_eventlog (void)
 
static void test_start_trace (void)
 
 START_TEST (eventlog)
 

Variables

static PSID
 
static DWORD *static DWORD
 
static DWORD *static LPVOID
 
static DWORD *static LPDWORD
 
static LPSTR
 
static const char eventlogsvc [] = "SYSTEM\\CurrentControlSet\\Services\\Eventlog"
 
static const char eventlogname [] = "Wine"
 
static const char eventsources [][11] = { "WineSrc", "WineSrc1", "WineSrc20", "WineSrc300" }
 
static const charone_string [] = { "First string" }
 
static const chartwo_strings [] = { "First string", "Second string" }
 
struct {
   const char *   evt_src
 
   WORD   evt_type
 
   WORD   evt_cat
 
   DWORD   evt_id
 
   BOOL   evt_sid
 
   WORD   evt_numstrings
 
   const char **   evt_strings
 
read_write []
 
static char eventlogfile [MAX_PATH]
 

Function Documentation

◆ BOOL()

static BOOL ( WINAPI pCreateWellKnownSid)
static

◆ cleanup_eventlog()

static void cleanup_eventlog ( void  )
static

Definition at line 1121 of file eventlog.c.

1122{
1123 BOOL bret;
1124 LONG lret;
1125 HKEY key;
1126 DWORD i;
1127 char winesvc[MAX_PATH];
1128
1129 /* Delete the registry tree */
1130 lstrcpyA(winesvc, eventlogsvc);
1131 lstrcatA(winesvc, "\\");
1132 lstrcatA(winesvc, eventlogname);
1133
1134 RegOpenKeyA(HKEY_LOCAL_MACHINE, winesvc, &key);
1135 for (i = 0; i < sizeof(eventsources)/sizeof(eventsources[0]); i++)
1136 RegDeleteKeyA(key, eventsources[i]);
1137 RegDeleteValueA(key, "Sources");
1138 RegCloseKey(key);
1139 lret = RegDeleteKeyA(HKEY_LOCAL_MACHINE, winesvc);
1140 ok(lret == ERROR_SUCCESS, "Could not delete the registry tree : %d\n", lret);
1141
1142 /* A handle to the eventlog is locked by services.exe. We can only
1143 * delete the eventlog file after reboot.
1144 */
1145 bret = MoveFileExA(eventlogfile, NULL, MOVEFILE_DELAY_UNTIL_REBOOT);
1146 ok(bret, "Expected MoveFileEx to succeed: %d\n", GetLastError());
1147}
ok
#define ok(value,...)
Definition: atltest.h:57
RegCloseKey
#define RegCloseKey(hKey)
Definition: registry.h:49
ERROR_SUCCESS
#define ERROR_SUCCESS
Definition: deptool.c:10
NULL
#define NULL
Definition: types.h:112
RegOpenKeyA
LONG WINAPI RegOpenKeyA(HKEY hKey, LPCSTR lpSubKey, PHKEY phkResult)
Definition: reg.c:3234
RegDeleteValueA
LONG WINAPI RegDeleteValueA(HKEY hKey, LPCSTR lpValueName)
Definition: reg.c:2287
RegDeleteKeyA
LONG WINAPI RegDeleteKeyA(_In_ HKEY hKey, _In_ LPCSTR lpSubKey)
Definition: reg.c:1224
MAX_PATH
#define MAX_PATH
Definition: compat.h:34
MoveFileExA
BOOL WINAPI MoveFileExA(IN LPCSTR lpExistingFileName, IN LPCSTR lpNewFileName OPTIONAL, IN DWORD dwFlags)
Definition: move.c:1153
BOOL
unsigned int BOOL
Definition: ntddk_ex.h:94
DWORD
unsigned long DWORD
Definition: ntddk_ex.h:95
i
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
lstrcpyA
LPSTR WINAPI lstrcpyA(LPSTR lpString1, LPCSTR lpString2)
Definition: lstring.c:100
lstrcatA
LPSTR WINAPI lstrcatA(LPSTR lpString1, LPCSTR lpString2)
Definition: lstring.c:123
eventlogfile
static char eventlogfile[MAX_PATH]
Definition: eventlog.c:1050
eventsources
static const char eventsources[][11]
Definition: eventlog.c:653
eventlogname
static const char eventlogname[]
Definition: eventlog.c:652
eventlogsvc
static const char eventlogsvc[]
Definition: eventlog.c:651
LONG
long LONG
Definition: pedump.c:60
key
Definition: copy.c:22
GetLastError
DWORD WINAPI GetLastError(void)
Definition: except.c:1042
MOVEFILE_DELAY_UNTIL_REBOOT
#define MOVEFILE_DELAY_UNTIL_REBOOT
Definition: winbase.h:400
HKEY_LOCAL_MACHINE
#define HKEY_LOCAL_MACHINE
Definition: winreg.h:12

Referenced by START_TEST().

◆ create_backup()

static BOOL create_backup ( const char filename)
static

Definition at line 55 of file eventlog.c.

56{
57 HANDLE handle;
58 DWORD rc, attribs;
59
60 DeleteFileA(filename);
61 handle = OpenEventLogA(NULL, "Application");
62 rc = BackupEventLogA(handle, filename);
63 if (!rc && GetLastError() == ERROR_PRIVILEGE_NOT_HELD)
64 {
65 skip("insufficient privileges to backup the eventlog\n");
66 CloseEventLog(handle);
67 return FALSE;
68 }
69 ok(rc, "BackupEventLogA failed, le=%u\n", GetLastError());
70 CloseEventLog(handle);
71
72 attribs = GetFileAttributesA(filename);
73 todo_wine
74 ok(attribs != INVALID_FILE_ATTRIBUTES, "Expected a backup file attribs=%#x le=%u\n", attribs, GetLastError());
75 return TRUE;
76}
skip
#define skip(...)
Definition: atltest.h:64
TRUE
#define TRUE
Definition: types.h:120
FALSE
#define FALSE
Definition: types.h:117
CloseEventLog
BOOL WINAPI CloseEventLog(IN HANDLE hEventLog)
Definition: eventlog.c:427
OpenEventLogA
HANDLE WINAPI OpenEventLogA(IN LPCSTR lpUNCServerName, IN LPCSTR lpSourceName)
Definition: eventlog.c:919
BackupEventLogA
BOOL WINAPI BackupEventLogA(IN HANDLE hEventLog, IN LPCSTR lpBackupFileName)
Definition: eventlog.c:177
DeleteFileA
BOOL WINAPI DeleteFileA(IN LPCSTR lpFileName)
Definition: delete.c:24
GetFileAttributesA
DWORD WINAPI GetFileAttributesA(LPCSTR lpFileName)
Definition: fileinfo.c:636
attribs
const GLint * attribs
Definition: glext.h:10538
filename
const char * filename
Definition: ioapi.h:137
todo_wine
#define todo_wine
Definition: custom.c:79
INVALID_FILE_ATTRIBUTES
#define INVALID_FILE_ATTRIBUTES
Definition: vfdcmd.c:23
ERROR_PRIVILEGE_NOT_HELD
#define ERROR_PRIVILEGE_NOT_HELD
Definition: winerror.h:796

Referenced by test_clear(), test_count(), test_oldest(), and test_openbackup().

◆ create_new_eventlog()

static BOOL create_new_eventlog ( void  )
static

Definition at line 655 of file eventlog.c.

656{
657 HKEY key, eventkey;
658 BOOL bret = FALSE;
659 LONG lret;
660 DWORD i;
661
662 /* First create our eventlog */
663 lret = RegOpenKeyA(HKEY_LOCAL_MACHINE, eventlogsvc, &key);
664 if (lret != ERROR_SUCCESS)
665 {
666 skip("Could not open the EventLog service registry key\n");
667 return FALSE;
668 }
669 lret = RegCreateKeyA(key, eventlogname, &eventkey);
670 if (lret != ERROR_SUCCESS)
671 {
672 skip("Could not create the eventlog '%s' registry key\n", eventlogname);
673 goto cleanup;
674 }
675
676 /* Create some event sources, the registry value 'Sources' is updated automatically */
677 for (i = 0; i < sizeof(eventsources)/sizeof(eventsources[0]); i++)
678 {
679 HKEY srckey;
680
681 lret = RegCreateKeyA(eventkey, eventsources[i], &srckey);
682 if (lret != ERROR_SUCCESS)
683 {
684 skip("Could not create the eventsource '%s' registry key\n", eventsources[i]);
685 goto cleanup;
686 }
687 RegFlushKey(srckey);
688 RegCloseKey(srckey);
689 }
690
691 bret = TRUE;
692
693 /* The flushing of the registry (here and above) gives us some assurance
694 * that we are not to quickly writing events as 'Sources' could still be
695 * not updated.
696 */
697 RegFlushKey(eventkey);
698cleanup:
699 RegCloseKey(eventkey);
700 RegCloseKey(key);
701
702 return bret;
703}
RegCreateKeyA
LONG WINAPI RegCreateKeyA(HKEY hKey, LPCSTR lpSubKey, PHKEY phkResult)
Definition: reg.c:1179
RegFlushKey
LONG WINAPI RegFlushKey(HKEY hKey)
Definition: reg.c:2951
cleanup
static void cleanup(void)
Definition: main.c:1335

Referenced by START_TEST().

◆ init_function_pointers()

static void init_function_pointers ( void  )
static

Definition at line 42 of file eventlog.c.

43{
44 HMODULE hadvapi32 = GetModuleHandleA("advapi32.dll");
45 HMODULE hkernel32 = GetModuleHandleA("kernel32.dll");
46
47 pCreateWellKnownSid = (void*)GetProcAddress(hadvapi32, "CreateWellKnownSid");
48 pGetEventLogInformation = (void*)GetProcAddress(hadvapi32, "GetEventLogInformation");
49
50 pGetComputerNameExA = (void*)GetProcAddress(hkernel32, "GetComputerNameExA");
51 pWow64DisableWow64FsRedirection = (void*)GetProcAddress(hkernel32, "Wow64DisableWow64FsRedirection");
52 pWow64RevertWow64FsRedirection = (void*)GetProcAddress(hkernel32, "Wow64RevertWow64FsRedirection");
53}
GetProcAddress
#define GetProcAddress(x, y)
Definition: compat.h:753
GetModuleHandleA
HMODULE WINAPI DECLSPEC_HOTPATCH GetModuleHandleA(LPCSTR lpModuleName)
Definition: loader.c:812
hkernel32
static HINSTANCE hkernel32
Definition: process.c:66

Referenced by START_TEST().

◆ START_TEST()

START_TEST ( eventlog  )

Definition at line 1241 of file eventlog.c.

1242{
1243 SetLastError(0xdeadbeef);
1244 CloseEventLog(NULL);
1245 if (GetLastError() == ERROR_CALL_NOT_IMPLEMENTED)
1246 {
1247 win_skip("Event log functions are not implemented\n");
1248 return;
1249 }
1250
1251 init_function_pointers();
1252
1253 /* Parameters only */
1254 test_open_close();
1255 test_info();
1256 test_count();
1257 test_oldest();
1258 test_backup();
1259 test_openbackup();
1260 test_read();
1261 test_clear();
1262
1263 /* Functional tests */
1264 if (create_new_eventlog())
1265 {
1266 test_readwrite();
1267 test_autocreation();
1268 cleanup_eventlog();
1269 }
1270
1271 /* Trace tests */
1272 test_start_trace();
1273}
ERROR_CALL_NOT_IMPLEMENTED
#define ERROR_CALL_NOT_IMPLEMENTED
Definition: compat.h:102
SetLastError
#define SetLastError(x)
Definition: compat.h:752
test_clear
static void test_clear(void)
Definition: eventlog.c:598
test_oldest
static void test_oldest(void)
Definition: eventlog.c:246
test_backup
static void test_backup(void)
Definition: eventlog.c:300
init_function_pointers
static void init_function_pointers(void)
Definition: eventlog.c:42
create_new_eventlog
static BOOL create_new_eventlog(void)
Definition: eventlog.c:655
test_readwrite
static void test_readwrite(void)
Definition: eventlog.c:730
test_autocreation
static void test_autocreation(void)
Definition: eventlog.c:1051
test_count
static void test_count(void)
Definition: eventlog.c:192
test_info
static void test_info(void)
Definition: eventlog.c:131
test_start_trace
static void test_start_trace(void)
Definition: eventlog.c:1149
test_read
static void test_read(void)
Definition: eventlog.c:363
cleanup_eventlog
static void cleanup_eventlog(void)
Definition: eventlog.c:1121
test_openbackup
static void test_openbackup(void)
Definition: eventlog.c:511
test_open_close
static void test_open_close(void)
Definition: eventlog.c:78
win_skip
#define win_skip
Definition: test.h:160

◆ test_autocreation()

static void test_autocreation ( void  )
static

Definition at line 1051 of file eventlog.c.

1052{
1053 HKEY key, eventkey;
1054 DWORD type, size;
1055 LONG ret;
1056 int i;
1057 char *p;
1058 char sources[sizeof(eventsources)];
1059 char sysdir[MAX_PATH];
1060 void *redir = 0;
1061
1062 RegOpenKeyA(HKEY_LOCAL_MACHINE, eventlogsvc, &key);
1063 RegOpenKeyA(key, eventlogname, &eventkey);
1064
1065 size = sizeof(sources);
1066 sources[0] = 0;
1067 ret = RegQueryValueExA(eventkey, "Sources", NULL, &type, (LPBYTE)sources, &size);
1068 if (ret == ERROR_SUCCESS)
1069 {
1070 char sources_verify[sizeof(eventsources)];
1071
1072 ok(type == REG_MULTI_SZ, "Expected a REG_MULTI_SZ, got %d\n", type);
1073
1074 /* Build the expected string */
1075 memset(sources_verify, 0, sizeof(sources_verify));
1076 p = sources_verify;
1077 for (i = sizeof(eventsources)/sizeof(eventsources[0]); i > 0; i--)
1078 {
1079 lstrcpyA(p, eventsources[i - 1]);
1080 p += (lstrlenA(eventsources[i - 1]) + 1);
1081 }
1082 lstrcpyA(p, eventlogname);
1083
1084 ok(!memcmp(sources, sources_verify, size),
1085 "Expected a correct 'Sources' value (size : %d)\n", size);
1086 }
1087
1088 RegCloseKey(eventkey);
1089 RegCloseKey(key);
1090
1091 /* The directory that holds the eventlog files could be redirected */
1092 if (pWow64DisableWow64FsRedirection)
1093 pWow64DisableWow64FsRedirection(&redir);
1094
1095 /* On Windows we also automatically get an eventlog file */
1096 GetSystemDirectoryA(sysdir, sizeof(sysdir));
1097
1098 /* NT4 - W2K3 */
1099 lstrcpyA(eventlogfile, sysdir);
1100 lstrcatA(eventlogfile, "\\config\\");
1101 lstrcatA(eventlogfile, eventlogname);
1102 lstrcatA(eventlogfile, ".evt");
1103
1104 if (GetFileAttributesA(eventlogfile) == INVALID_FILE_ATTRIBUTES)
1105 {
1106 /* Vista+ */
1107 lstrcpyA(eventlogfile, sysdir);
1108 lstrcatA(eventlogfile, "\\winevt\\Logs\\");
1109 lstrcatA(eventlogfile, eventlogname);
1110 lstrcatA(eventlogfile, ".evtx");
1111 }
1112
1113 todo_wine
1114 ok(GetFileAttributesA(eventlogfile) != INVALID_FILE_ATTRIBUTES,
1115 "Expected an eventlog file\n");
1116
1117 if (pWow64RevertWow64FsRedirection)
1118 pWow64RevertWow64FsRedirection(redir);
1119}
memcmp
int memcmp(void *Buffer1, void *Buffer2, ACPI_SIZE Count)
Definition: utclib.c:112
RegQueryValueExA
LONG WINAPI RegQueryValueExA(_In_ HKEY hkeyorg, _In_ LPCSTR name, _In_ LPDWORD reserved, _Out_opt_ LPDWORD type, _Out_opt_ LPBYTE data, _Inout_opt_ LPDWORD count)
Definition: reg.c:4009
GetSystemDirectoryA
UINT WINAPI GetSystemDirectoryA(OUT LPSTR lpBuffer, IN UINT uSize)
Definition: path.c:2283
type
GLuint GLuint GLsizei GLenum type
Definition: gl.h:1545
size
GLsizeiptr size
Definition: glext.h:5919
sources
GLsizei GLenum * sources
Definition: glext.h:7753
p
GLfloat GLfloat p
Definition: glext.h:8902
lstrlenA
int WINAPI lstrlenA(LPCSTR lpString)
Definition: lstring.c:145
REG_MULTI_SZ
#define REG_MULTI_SZ
Definition: nt_native.h:1501
memset
#define memset(x, y, z)
Definition: compat.h:39
LPBYTE
unsigned char * LPBYTE
Definition: typedefs.h:53
ret
int ret
Definition: wcstombs-tests.c:31

Referenced by START_TEST().

◆ test_backup()

static void test_backup ( void  )
static

Definition at line 300 of file eventlog.c.

301{
302 HANDLE handle;
303 BOOL ret;
304 const char backup[] = "backup.evt";
305 const char backup2[] = "backup2.evt";
306
307 SetLastError(0xdeadbeef);
308 ret = BackupEventLogA(NULL, NULL);
309 ok(!ret, "Expected failure\n");
310 ok(GetLastError() == ERROR_INVALID_PARAMETER, "Expected ERROR_INVALID_PARAMETER, got %d\n", GetLastError());
311
312 SetLastError(0xdeadbeef);
313 ret = BackupEventLogA(NULL, backup);
314 ok(!ret, "Expected failure\n");
315 ok(GetFileAttributesA(backup) == INVALID_FILE_ATTRIBUTES, "Expected no backup file\n");
316
317 handle = OpenEventLogA(NULL, "Application");
318
319 SetLastError(0xdeadbeef);
320 ret = BackupEventLogA(handle, NULL);
321 ok(!ret, "Expected failure\n");
322 ok(GetLastError() == ERROR_INVALID_PARAMETER, "Expected ERROR_INVALID_PARAMETER, got %d\n", GetLastError());
323
324 ret = BackupEventLogA(handle, backup);
325 if (!ret && GetLastError() == ERROR_PRIVILEGE_NOT_HELD)
326 {
327 skip("insufficient privileges for backup tests\n");
328 CloseEventLog(handle);
329 return;
330 }
331 ok(ret, "Expected success\n");
332 todo_wine
333 ok(GetFileAttributesA(backup) != INVALID_FILE_ATTRIBUTES, "Expected a backup file\n");
334
335 /* Try to overwrite */
336 SetLastError(0xdeadbeef);
337 ret = BackupEventLogA(handle, backup);
338 todo_wine
339 {
340 ok(!ret, "Expected failure\n");
341 ok(GetLastError() == ERROR_ALREADY_EXISTS, "Expected ERROR_ALREADY_EXISTS, got %d\n", GetLastError());
342 }
343
344 CloseEventLog(handle);
345
346 /* Can we make a backup of a backup? */
347 handle = OpenBackupEventLogA(NULL, backup);
348 todo_wine
349 ok(handle != NULL, "Expected a handle\n");
350
351 ret = BackupEventLogA(handle, backup2);
352 todo_wine
353 {
354 ok(ret, "Expected success\n");
355 ok(GetFileAttributesA(backup2) != INVALID_FILE_ATTRIBUTES, "Expected a backup file\n");
356 }
357
358 CloseEventLog(handle);
359 DeleteFileA(backup);
360 DeleteFileA(backup2);
361}
backup
static long backup()
Definition: maze.c:403
OpenBackupEventLogA
HANDLE WINAPI OpenBackupEventLogA(IN LPCSTR lpUNCServerName, IN LPCSTR lpFileName)
Definition: eventlog.c:725
ERROR_INVALID_PARAMETER
#define ERROR_INVALID_PARAMETER
Definition: compat.h:101
ERROR_ALREADY_EXISTS
#define ERROR_ALREADY_EXISTS
Definition: disk.h:80

Referenced by START_TEST().

◆ test_clear()

static void test_clear ( void  )
static

Definition at line 598 of file eventlog.c.

599{
600 HANDLE handle;
601 BOOL ret;
602 const char backup[] = "backup.evt";
603 const char backup2[] = "backup2.evt";
604
605 SetLastError(0xdeadbeef);
606 ret = ClearEventLogA(NULL, NULL);
607 ok(!ret, "Expected failure\n");
608 ok(GetLastError() == ERROR_INVALID_HANDLE, "Expected ERROR_INVALID_HANDLE, got %d\n", GetLastError());
609
610 /* Make a backup eventlog to work with */
611 if (!create_backup(backup))
612 return;
613
614 SetLastError(0xdeadbeef);
615 ret = ClearEventLogA(NULL, backup);
616 ok(!ret, "Expected failure\n");
617 ok(GetLastError() == ERROR_INVALID_HANDLE, "Expected ERROR_INVALID_HANDLE, got %d\n", GetLastError());
618
619 handle = OpenBackupEventLogA(NULL, backup);
620 todo_wine
621 ok(handle != NULL, "Expected a handle\n");
622
623 /* A real eventlog would fail with ERROR_ALREADY_EXISTS */
624 SetLastError(0xdeadbeef);
625 ret = ClearEventLogA(handle, backup);
626 ok(!ret, "Expected failure\n");
627 /* The eventlog service runs under an account that doesn't have the necessary
628 * permissions on the users home directory on a default Vista+ system.
629 */
630 ok(GetLastError() == ERROR_INVALID_HANDLE ||
631 GetLastError() == ERROR_ACCESS_DENIED, /* Vista+ */
632 "Expected ERROR_INVALID_HANDLE, got %d\n", GetLastError());
633
634 /* Show that ClearEventLog only works for real eventlogs. */
635 SetLastError(0xdeadbeef);
636 ret = ClearEventLogA(handle, backup2);
637 ok(!ret, "Expected failure\n");
638 ok(GetLastError() == ERROR_INVALID_HANDLE, "Expected ERROR_INVALID_HANDLE, got %d\n", GetLastError());
639 ok(GetFileAttributesA(backup2) == INVALID_FILE_ATTRIBUTES, "Expected no backup file\n");
640
641 SetLastError(0xdeadbeef);
642 ret = ClearEventLogA(handle, NULL);
643 ok(!ret, "Expected failure\n");
644 ok(GetLastError() == ERROR_INVALID_HANDLE, "Expected ERROR_INVALID_HANDLE, got %d\n", GetLastError());
645
646 CloseEventLog(handle);
647 todo_wine
648 ok(DeleteFileA(backup), "Could not delete the backup file\n");
649}
ClearEventLogA
BOOL WINAPI ClearEventLogA(IN HANDLE hEventLog, IN LPCSTR lpBackupFileName)
Definition: eventlog.c:305
ERROR_INVALID_HANDLE
#define ERROR_INVALID_HANDLE
Definition: compat.h:98
ERROR_ACCESS_DENIED
#define ERROR_ACCESS_DENIED
Definition: compat.h:97
create_backup
static BOOL create_backup(const char *filename)
Definition: eventlog.c:55

Referenced by START_TEST(), and test_HTMLDocument_hlink().

◆ test_count()

static void test_count ( void  )
static

Definition at line 192 of file eventlog.c.

193{
194 HANDLE handle;
195 BOOL ret;
196 DWORD count;
197 const char backup[] = "backup.evt";
198
199 SetLastError(0xdeadbeef);
200 ret = GetNumberOfEventLogRecords(NULL, NULL);
201 ok(!ret, "Expected failure\n");
202 ok(GetLastError() == ERROR_INVALID_PARAMETER, "Expected ERROR_INVALID_PARAMETER, got %d\n", GetLastError());
203
204 SetLastError(0xdeadbeef);
205 count = 0xdeadbeef;
206 ret = GetNumberOfEventLogRecords(NULL, &count);
207 ok(!ret, "Expected failure\n");
208 ok(GetLastError() == ERROR_INVALID_HANDLE, "Expected ERROR_INVALID_HANDLE, got %d\n", GetLastError());
209 ok(count == 0xdeadbeef, "Expected count to stay unchanged\n");
210
211 handle = OpenEventLogA(NULL, "Application");
212
213 SetLastError(0xdeadbeef);
214 ret = GetNumberOfEventLogRecords(handle, NULL);
215 ok(!ret, "Expected failure\n");
216 ok(GetLastError() == ERROR_INVALID_PARAMETER, "Expected ERROR_INVALID_PARAMETER, got %d\n", GetLastError());
217
218 count = 0xdeadbeef;
219 ret = GetNumberOfEventLogRecords(handle, &count);
220 ok(ret, "Expected success\n");
221 ok(count != 0xdeadbeef, "Expected the number of records\n");
222
223 CloseEventLog(handle);
224
225 /* Make a backup eventlog to work with */
226 if (create_backup(backup))
227 {
228 handle = OpenBackupEventLogA(NULL, backup);
229 todo_wine
230 ok(handle != NULL, "Expected a handle, le=%d\n", GetLastError());
231
232 /* Does GetNumberOfEventLogRecords work with backup eventlogs? */
233 count = 0xdeadbeef;
234 ret = GetNumberOfEventLogRecords(handle, &count);
235 todo_wine
236 {
237 ok(ret, "Expected success\n");
238 ok(count != 0xdeadbeef, "Expected the number of records\n");
239 }
240
241 CloseEventLog(handle);
242 DeleteFileA(backup);
243 }
244}
GetNumberOfEventLogRecords
BOOL WINAPI GetNumberOfEventLogRecords(IN HANDLE hEventLog, OUT PDWORD NumberOfRecords)
Definition: eventlog.c:570
count
GLuint GLuint GLsizei count
Definition: gl.h:1545

Referenced by START_TEST().

◆ test_info()

static void test_info ( void  )
static

Definition at line 131 of file eventlog.c.

132{
133 HANDLE handle;
134 BOOL ret;
135 DWORD needed;
136 BYTE buffer[2 * sizeof(EVENTLOG_FULL_INFORMATION)];
137 EVENTLOG_FULL_INFORMATION *efi = (void *)buffer;
138
139 if (!pGetEventLogInformation)
140 {
141 /* NT4 */
142 win_skip("GetEventLogInformation is not available\n");
143 return;
144 }
145 SetLastError(0xdeadbeef);
146 ret = pGetEventLogInformation(NULL, 1, NULL, 0, NULL);
147 ok(!ret, "Expected failure\n");
148 ok(GetLastError() == ERROR_INVALID_LEVEL, "Expected ERROR_INVALID_LEVEL, got %d\n", GetLastError());
149
150 SetLastError(0xdeadbeef);
151 ret = pGetEventLogInformation(NULL, EVENTLOG_FULL_INFO, NULL, 0, NULL);
152 ok(!ret, "Expected failure\n");
153 ok(GetLastError() == ERROR_INVALID_HANDLE, "Expected ERROR_INVALID_HANDLE, got %d\n", GetLastError());
154
155 handle = OpenEventLogA(NULL, "Application");
156
157 SetLastError(0xdeadbeef);
158 ret = pGetEventLogInformation(handle, EVENTLOG_FULL_INFO, NULL, 0, NULL);
159 ok(!ret, "Expected failure\n");
160 ok(GetLastError() == RPC_X_NULL_REF_POINTER, "Expected RPC_X_NULL_REF_POINTER, got %d\n", GetLastError());
161
162 SetLastError(0xdeadbeef);
163 ret = pGetEventLogInformation(handle, EVENTLOG_FULL_INFO, NULL, 0, &needed);
164 ok(!ret, "Expected failure\n");
165 ok(GetLastError() == RPC_X_NULL_REF_POINTER, "Expected RPC_X_NULL_REF_POINTER, got %d\n", GetLastError());
166
167 SetLastError(0xdeadbeef);
168 ret = pGetEventLogInformation(handle, EVENTLOG_FULL_INFO, efi, 0, NULL);
169 ok(!ret, "Expected failure\n");
170 ok(GetLastError() == RPC_X_NULL_REF_POINTER, "Expected RPC_X_NULL_REF_POINTER, got %d\n", GetLastError());
171
172 SetLastError(0xdeadbeef);
173 needed = 0xdeadbeef;
174 efi->dwFull = 0xdeadbeef;
175 ret = pGetEventLogInformation(handle, EVENTLOG_FULL_INFO, efi, 0, &needed);
176 ok(!ret, "Expected failure\n");
177 ok(GetLastError() == ERROR_INSUFFICIENT_BUFFER, "Expected ERROR_INSUFFICIENT_BUFFER, got %d\n", GetLastError());
178 ok(needed == sizeof(EVENTLOG_FULL_INFORMATION), "Expected sizeof(EVENTLOG_FULL_INFORMATION), got %d\n", needed);
179 ok(efi->dwFull == 0xdeadbeef, "Expected no change to the dwFull member\n");
180
181 /* Not that we care, but on success last error is set to ERROR_IO_PENDING */
182 efi->dwFull = 0xdeadbeef;
183 needed = sizeof(buffer);
184 ret = pGetEventLogInformation(handle, EVENTLOG_FULL_INFO, efi, needed, &needed);
185 ok(ret, "Expected success\n");
186 ok(needed == sizeof(EVENTLOG_FULL_INFORMATION), "Expected sizeof(EVENTLOG_FULL_INFORMATION), got %d\n", needed);
187 ok(efi->dwFull == 0 || efi->dwFull == 1, "Expected 0 (not full) or 1 (full), got %d\n", efi->dwFull);
188
189 CloseEventLog(handle);
190}
ERROR_INSUFFICIENT_BUFFER
#define ERROR_INSUFFICIENT_BUFFER
Definition: dderror.h:10
buffer
GLuint buffer
Definition: glext.h:5915
_EVENTLOG_FULL_INFORMATION
Definition: winbase.h:1156
EVENTLOG_FULL_INFO
#define EVENTLOG_FULL_INFO
Definition: winbase.h:1154
EVENTLOG_FULL_INFORMATION
struct _EVENTLOG_FULL_INFORMATION EVENTLOG_FULL_INFORMATION
ERROR_INVALID_LEVEL
#define ERROR_INVALID_LEVEL
Definition: winerror.h:196
RPC_X_NULL_REF_POINTER
#define RPC_X_NULL_REF_POINTER
Definition: winerror.h:1087
BYTE
unsigned char BYTE
Definition: xxhash.c:193

Referenced by START_TEST().

◆ test_oldest()

static void test_oldest ( void  )
static

Definition at line 246 of file eventlog.c.

247{
248 HANDLE handle;
249 BOOL ret;
250 DWORD oldest;
251 const char backup[] = "backup.evt";
252
253 SetLastError(0xdeadbeef);
254 ret = GetOldestEventLogRecord(NULL, NULL);
255 ok(!ret, "Expected failure\n");
256 ok(GetLastError() == ERROR_INVALID_PARAMETER, "Expected ERROR_INVALID_PARAMETER, got %d\n", GetLastError());
257
258 SetLastError(0xdeadbeef);
259 oldest = 0xdeadbeef;
260 ret = GetOldestEventLogRecord(NULL, &oldest);
261 ok(!ret, "Expected failure\n");
262 ok(GetLastError() == ERROR_INVALID_HANDLE, "Expected ERROR_INVALID_HANDLE, got %d\n", GetLastError());
263 ok(oldest == 0xdeadbeef, "Expected oldest to stay unchanged\n");
264
265 handle = OpenEventLogA(NULL, "Application");
266
267 SetLastError(0xdeadbeef);
268 ret = GetOldestEventLogRecord(handle, NULL);
269 ok(!ret, "Expected failure\n");
270 ok(GetLastError() == ERROR_INVALID_PARAMETER, "Expected ERROR_INVALID_PARAMETER, got %d\n", GetLastError());
271
272 oldest = 0xdeadbeef;
273 ret = GetOldestEventLogRecord(handle, &oldest);
274 ok(ret, "Expected success\n");
275 ok(oldest != 0xdeadbeef, "Expected the number of the oldest record\n");
276
277 CloseEventLog(handle);
278
279 /* Make a backup eventlog to work with */
280 if (create_backup(backup))
281 {
282 handle = OpenBackupEventLogA(NULL, backup);
283 todo_wine
284 ok(handle != NULL, "Expected a handle\n");
285
286 /* Does GetOldestEventLogRecord work with backup eventlogs? */
287 oldest = 0xdeadbeef;
288 ret = GetOldestEventLogRecord(handle, &oldest);
289 todo_wine
290 {
291 ok(ret, "Expected success\n");
292 ok(oldest != 0xdeadbeef, "Expected the number of the oldest record\n");
293 }
294
295 CloseEventLog(handle);
296 DeleteFileA(backup);
297 }
298}
GetOldestEventLogRecord
BOOL WINAPI GetOldestEventLogRecord(IN HANDLE hEventLog, OUT PDWORD OldestRecord)
Definition: eventlog.c:619

Referenced by START_TEST().

◆ test_open_close()

static void test_open_close ( void  )
static

Definition at line 78 of file eventlog.c.

79{
80 HANDLE handle;
81 BOOL ret;
82
83 SetLastError(0xdeadbeef);
84 ret = CloseEventLog(NULL);
85 ok(!ret, "Expected failure\n");
86 ok(GetLastError() == ERROR_INVALID_HANDLE ||
87 GetLastError() == ERROR_NOACCESS, /* W2K */
88 "Expected ERROR_INVALID_HANDLE, got %d\n", GetLastError());
89
90 SetLastError(0xdeadbeef);
91 handle = OpenEventLogA(NULL, NULL);
92 ok(handle == NULL, "Didn't expect a handle\n");
93 ok(GetLastError() == ERROR_INVALID_PARAMETER, "Expected ERROR_INVALID_PARAMETER, got %d\n", GetLastError());
94
95 SetLastError(0xdeadbeef);
96 handle = OpenEventLogA("IDontExist", NULL);
97 ok(handle == NULL, "Didn't expect a handle\n");
98 ok(GetLastError() == ERROR_INVALID_PARAMETER, "Expected ERROR_INVALID_PARAMETER, got %d\n", GetLastError());
99
100 SetLastError(0xdeadbeef);
101 handle = OpenEventLogA("IDontExist", "deadbeef");
102 ok(handle == NULL, "Didn't expect a handle\n");
103 ok(GetLastError() == RPC_S_SERVER_UNAVAILABLE ||
104 GetLastError() == RPC_S_INVALID_NET_ADDR, /* Some Vista and Win7 */
105 "Expected RPC_S_SERVER_UNAVAILABLE, got %d\n", GetLastError());
106
107 /* This one opens the Application log */
108 handle = OpenEventLogA(NULL, "deadbeef");
109 ok(handle != NULL, "Expected a handle\n");
110 ret = CloseEventLog(handle);
111 ok(ret, "Expected success\n");
112 /* Close a second time */
113 SetLastError(0xdeadbeef);
114 ret = CloseEventLog(handle);
115 todo_wine
116 {
117 ok(!ret, "Expected failure\n");
118 ok(GetLastError() == ERROR_INVALID_HANDLE, "Expected ERROR_INVALID_HANDLE, got %d\n", GetLastError());
119 }
120
121 /* Empty servername should be read as local server */
122 handle = OpenEventLogA("", "Application");
123 ok(handle != NULL, "Expected a handle\n");
124 CloseEventLog(handle);
125
126 handle = OpenEventLogA(NULL, "Application");
127 ok(handle != NULL, "Expected a handle\n");
128 CloseEventLog(handle);
129}
RPC_S_SERVER_UNAVAILABLE
#define RPC_S_SERVER_UNAVAILABLE
Definition: winerror.h:1033
RPC_S_INVALID_NET_ADDR
#define RPC_S_INVALID_NET_ADDR
Definition: winerror.h:1018
ERROR_NOACCESS
#define ERROR_NOACCESS
Definition: winerror.h:578

Referenced by START_TEST().

◆ test_openbackup()

static void test_openbackup ( void  )
static

Definition at line 511 of file eventlog.c.

512{
513 HANDLE handle, handle2, file;
514 DWORD written;
515 const char backup[] = "backup.evt";
516 const char text[] = "Just some text";
517
518 SetLastError(0xdeadbeef);
519 handle = OpenBackupEventLogA(NULL, NULL);
520 ok(handle == NULL, "Didn't expect a handle\n");
521 ok(GetLastError() == ERROR_INVALID_PARAMETER, "Expected ERROR_INVALID_PARAMETER, got %d\n", GetLastError());
522
523 SetLastError(0xdeadbeef);
524 handle = OpenBackupEventLogA(NULL, "idontexist.evt");
525 ok(handle == NULL, "Didn't expect a handle\n");
526 ok(GetLastError() == ERROR_FILE_NOT_FOUND, "Expected ERROR_FILE_NOT_FOUND, got %d\n", GetLastError());
527
528 SetLastError(0xdeadbeef);
529 handle = OpenBackupEventLogA("IDontExist", NULL);
530 ok(handle == NULL, "Didn't expect a handle\n");
531 ok(GetLastError() == ERROR_INVALID_PARAMETER, "Expected ERROR_INVALID_PARAMETER, got %d\n", GetLastError());
532
533 SetLastError(0xdeadbeef);
534 handle = OpenBackupEventLogA("IDontExist", "idontexist.evt");
535 ok(handle == NULL, "Didn't expect a handle\n");
536 ok(GetLastError() == RPC_S_SERVER_UNAVAILABLE ||
537 GetLastError() == RPC_S_INVALID_NET_ADDR, /* Some Vista and Win7 */
538 "Expected RPC_S_SERVER_UNAVAILABLE, got %d\n", GetLastError());
539
540 /* Make a backup eventlog to work with */
541 if (create_backup(backup))
542 {
543 /* FIXME: Wine stops here */
544 if (GetFileAttributesA(backup) == INVALID_FILE_ATTRIBUTES)
545 {
546 skip("We don't have a backup eventlog to work with\n");
547 return;
548 }
549
550 SetLastError(0xdeadbeef);
551 handle = OpenBackupEventLogA("IDontExist", backup);
552 ok(handle == NULL, "Didn't expect a handle\n");
553 ok(GetLastError() == RPC_S_SERVER_UNAVAILABLE ||
554 GetLastError() == RPC_S_INVALID_NET_ADDR, /* Some Vista and Win7 */
555 "Expected RPC_S_SERVER_UNAVAILABLE, got %d\n", GetLastError());
556
557 /* Empty servername should be read as local server */
558 handle = OpenBackupEventLogA("", backup);
559 ok(handle != NULL, "Expected a handle\n");
560 CloseEventLog(handle);
561
562 handle = OpenBackupEventLogA(NULL, backup);
563 ok(handle != NULL, "Expected a handle\n");
564
565 /* Can we open that same backup eventlog more than once? */
566 handle2 = OpenBackupEventLogA(NULL, backup);
567 ok(handle2 != NULL, "Expected a handle\n");
568 ok(handle2 != handle, "Didn't expect the same handle\n");
569 CloseEventLog(handle2);
570
571 CloseEventLog(handle);
572 DeleteFileA(backup);
573 }
574
575 /* Is there any content checking done? */
576 file = CreateFileA(backup, GENERIC_WRITE, 0, NULL, CREATE_NEW, 0, NULL);
577 CloseHandle(file);
578 SetLastError(0xdeadbeef);
579 handle = OpenBackupEventLogA(NULL, backup);
580 ok(handle == NULL, "Didn't expect a handle\n");
581 ok(GetLastError() == ERROR_NOT_ENOUGH_MEMORY ||
582 GetLastError() == ERROR_EVENTLOG_FILE_CORRUPT, /* Vista and Win7 */
583 "Expected ERROR_NOT_ENOUGH_MEMORY, got %d\n", GetLastError());
584 CloseEventLog(handle);
585 DeleteFileA(backup);
586
587 file = CreateFileA(backup, GENERIC_WRITE, 0, NULL, CREATE_NEW, 0, NULL);
588 WriteFile(file, text, sizeof(text), &written, NULL);
589 CloseHandle(file);
590 SetLastError(0xdeadbeef);
591 handle = OpenBackupEventLogA(NULL, backup);
592 ok(handle == NULL, "Didn't expect a handle\n");
593 ok(GetLastError() == ERROR_EVENTLOG_FILE_CORRUPT, "Expected ERROR_EVENTLOG_FILE_CORRUPT, got %d\n", GetLastError());
594 CloseEventLog(handle);
595 DeleteFileA(backup);
596}
ERROR_NOT_ENOUGH_MEMORY
#define ERROR_NOT_ENOUGH_MEMORY
Definition: dderror.h:7
CloseHandle
#define CloseHandle
Definition: compat.h:739
CreateFileA
#define CreateFileA(a, b, c, d, e, f, g)
Definition: compat.h:740
WriteFile
BOOL WINAPI WriteFile(IN HANDLE hFile, IN LPCVOID lpBuffer, IN DWORD nNumberOfBytesToWrite OPTIONAL, OUT LPDWORD lpNumberOfBytesWritten, IN LPOVERLAPPED lpOverlapped OPTIONAL)
Definition: rw.c:24
text
const WCHAR * text
Definition: package.c:1799
CREATE_NEW
#define CREATE_NEW
Definition: disk.h:69
ERROR_FILE_NOT_FOUND
#define ERROR_FILE_NOT_FOUND
Definition: disk.h:79
GENERIC_WRITE
#define GENERIC_WRITE
Definition: nt_native.h:90
file
Definition: fci.c:127
ERROR_EVENTLOG_FILE_CORRUPT
#define ERROR_EVENTLOG_FILE_CORRUPT
Definition: winerror.h:952

Referenced by START_TEST().

◆ test_read()

static void test_read ( void  )
static

Definition at line 363 of file eventlog.c.

364{
365 HANDLE handle;
366 BOOL ret;
367 DWORD count, toread, read, needed;
368 void *buf;
369
370 SetLastError(0xdeadbeef);
371 ret = ReadEventLogA(NULL, 0, 0, NULL, 0, NULL, NULL);
372 ok(!ret, "Expected failure\n");
373 todo_wine
374 ok(GetLastError() == ERROR_INVALID_PARAMETER, "Expected ERROR_INVALID_PARAMETER, got %d\n", GetLastError());
375
376 read = 0xdeadbeef;
377 SetLastError(0xdeadbeef);
378 ret = ReadEventLogA(NULL, 0, 0, NULL, 0, &read, NULL);
379 ok(!ret, "Expected failure\n");
380 ok(read == 0xdeadbeef, "Expected 'read' parameter to remain unchanged\n");
381 todo_wine
382 ok(GetLastError() == ERROR_INVALID_PARAMETER, "Expected ERROR_INVALID_PARAMETER, got %d\n", GetLastError());
383
384 needed = 0xdeadbeef;
385 SetLastError(0xdeadbeef);
386 ret = ReadEventLogA(NULL, 0, 0, NULL, 0, NULL, &needed);
387 ok(!ret, "Expected failure\n");
388 ok(needed == 0xdeadbeef, "Expected 'needed' parameter to remain unchanged\n");
389 todo_wine
390 ok(GetLastError() == ERROR_INVALID_PARAMETER, "Expected ERROR_INVALID_PARAMETER, got %d\n", GetLastError());
391
392 /* 'read' and 'needed' are only filled when the needed buffer size is passed back or when the call succeeds */
393 SetLastError(0xdeadbeef);
394 ret = ReadEventLogA(NULL, 0, 0, NULL, 0, &read, &needed);
395 ok(!ret, "Expected failure\n");
396 todo_wine
397 ok(GetLastError() == ERROR_INVALID_PARAMETER, "Expected ERROR_INVALID_PARAMETER, got %d\n", GetLastError());
398
399 SetLastError(0xdeadbeef);
400 ret = ReadEventLogA(NULL, EVENTLOG_SEQUENTIAL_READ | EVENTLOG_FORWARDS_READ, 0, NULL, 0, NULL, NULL);
401 ok(!ret, "Expected failure\n");
402 todo_wine
403 ok(GetLastError() == ERROR_INVALID_PARAMETER, "Expected ERROR_INVALID_PARAMETER, got %d\n", GetLastError());
404
405 SetLastError(0xdeadbeef);
406 ret = ReadEventLogA(NULL, EVENTLOG_SEQUENTIAL_READ | EVENTLOG_FORWARDS_READ, 0, NULL, 0, &read, &needed);
407 ok(!ret, "Expected failure\n");
408 todo_wine
409 ok(GetLastError() == ERROR_INVALID_PARAMETER, "Expected ERROR_INVALID_PARAMETER, got %d\n", GetLastError());
410
411 buf = NULL;
412 SetLastError(0xdeadbeef);
413 ret = ReadEventLogA(NULL, EVENTLOG_SEQUENTIAL_READ | EVENTLOG_FORWARDS_READ,
414 0, buf, sizeof(EVENTLOGRECORD), &read, &needed);
415 ok(!ret, "Expected failure\n");
416 todo_wine
417 ok(GetLastError() == ERROR_INVALID_PARAMETER, "Expected ERROR_INVALID_PARAMETER, got %d\n", GetLastError());
418
419 buf = HeapAlloc(GetProcessHeap(), 0, sizeof(EVENTLOGRECORD));
420 SetLastError(0xdeadbeef);
421 ret = ReadEventLogA(NULL, EVENTLOG_SEQUENTIAL_READ | EVENTLOG_FORWARDS_READ,
422 0, buf, sizeof(EVENTLOGRECORD), &read, &needed);
423 ok(!ret, "Expected failure\n");
424 todo_wine
425 ok(GetLastError() == ERROR_INVALID_HANDLE, "Expected ERROR_INVALID_HANDLE, got %d\n", GetLastError());
426 HeapFree(GetProcessHeap(), 0, buf);
427
428 handle = OpenEventLogA(NULL, "Application");
429
430 /* Show that we need the proper dwFlags with a (for the rest) proper call */
431 buf = HeapAlloc(GetProcessHeap(), 0, sizeof(EVENTLOGRECORD));
432
433 SetLastError(0xdeadbeef);
434 ret = ReadEventLogA(handle, 0, 0, buf, sizeof(EVENTLOGRECORD), &read, &needed);
435 ok(!ret, "Expected failure\n");
436 todo_wine
437 ok(GetLastError() == ERROR_INVALID_PARAMETER, "Expected ERROR_INVALID_PARAMETER, got %d\n", GetLastError());
438
439 SetLastError(0xdeadbeef);
440 ret = ReadEventLogA(handle, EVENTLOG_SEQUENTIAL_READ, 0, buf, sizeof(EVENTLOGRECORD), &read, &needed);
441 ok(!ret, "Expected failure\n");
442 todo_wine
443 ok(GetLastError() == ERROR_INVALID_PARAMETER, "Expected ERROR_INVALID_PARAMETER, got %d\n", GetLastError());
444
445 SetLastError(0xdeadbeef);
446 ret = ReadEventLogA(handle, EVENTLOG_SEEK_READ, 0, buf, sizeof(EVENTLOGRECORD), &read, &needed);
447 ok(!ret, "Expected failure\n");
448 todo_wine
449 ok(GetLastError() == ERROR_INVALID_PARAMETER, "Expected ERROR_INVALID_PARAMETER, got %d\n", GetLastError());
450
451 SetLastError(0xdeadbeef);
452 ret = ReadEventLogA(handle, EVENTLOG_SEQUENTIAL_READ | EVENTLOG_FORWARDS_READ | EVENTLOG_BACKWARDS_READ,
453 0, buf, sizeof(EVENTLOGRECORD), &read, &needed);
454 ok(!ret, "Expected failure\n");
455 todo_wine
456 ok(GetLastError() == ERROR_INVALID_PARAMETER, "Expected ERROR_INVALID_PARAMETER, got %d\n", GetLastError());
457
458 SetLastError(0xdeadbeef);
459 ret = ReadEventLogA(handle, EVENTLOG_SEEK_READ | EVENTLOG_FORWARDS_READ | EVENTLOG_BACKWARDS_READ,
460 0, buf, sizeof(EVENTLOGRECORD), &read, &needed);
461 ok(!ret, "Expected failure\n");
462 todo_wine
463 ok(GetLastError() == ERROR_INVALID_PARAMETER, "Expected ERROR_INVALID_PARAMETER, got %d\n", GetLastError());
464
465 SetLastError(0xdeadbeef);
466 ret = ReadEventLogA(handle, EVENTLOG_SEEK_READ | EVENTLOG_SEQUENTIAL_READ | EVENTLOG_FORWARDS_READ,
467 0, buf, sizeof(EVENTLOGRECORD), &read, &needed);
468 ok(!ret, "Expected failure\n");
469 todo_wine
470 ok(GetLastError() == ERROR_INVALID_PARAMETER, "Expected ERROR_INVALID_PARAMETER, got %d\n", GetLastError());
471
472 HeapFree(GetProcessHeap(), 0, buf);
473
474 /* First check if there are any records (in practice only on Wine: FIXME) */
475 count = 0;
476 GetNumberOfEventLogRecords(handle, &count);
477 if (!count)
478 {
479 skip("No records in the 'Application' log\n");
480 CloseEventLog(handle);
481 return;
482 }
483
484 /* Get the buffer size for the first record */
485 buf = HeapAlloc(GetProcessHeap(), 0, sizeof(EVENTLOGRECORD));
486 read = needed = 0xdeadbeef;
487 SetLastError(0xdeadbeef);
488 ret = ReadEventLogA(handle, EVENTLOG_SEQUENTIAL_READ | EVENTLOG_FORWARDS_READ,
489 0, buf, sizeof(EVENTLOGRECORD), &read, &needed);
490 ok(!ret, "Expected failure\n");
491 ok(read == 0, "Expected no bytes read\n");
492 ok(needed > sizeof(EVENTLOGRECORD), "Expected the needed buffersize to be bigger than sizeof(EVENTLOGRECORD)\n");
493 ok(GetLastError() == ERROR_INSUFFICIENT_BUFFER, "Expected ERROR_INSUFFICIENT_BUFFER, got %d\n", GetLastError());
494
495 /* Read the first record */
496 toread = needed;
497 buf = HeapReAlloc(GetProcessHeap(), 0, buf, toread);
498 read = needed = 0xdeadbeef;
499 SetLastError(0xdeadbeef);
500 ret = ReadEventLogA(handle, EVENTLOG_SEQUENTIAL_READ | EVENTLOG_FORWARDS_READ, 0, buf, toread, &read, &needed);
501 ok(ret, "Expected success\n");
502 ok(read == toread ||
503 broken(read < toread), /* NT4 wants a buffer size way bigger than just 1 record */
504 "Expected the requested size to be read\n");
505 ok(needed == 0, "Expected no extra bytes to be read\n");
506 HeapFree(GetProcessHeap(), 0, buf);
507
508 CloseEventLog(handle);
509}
broken
#define broken(x)
Definition: _sntprintf.h:21
read
#define read
Definition: acwin.h:96
ReadEventLogA
BOOL WINAPI ReadEventLogA(IN HANDLE hEventLog, IN DWORD dwReadFlags, IN DWORD dwRecordOffset, OUT LPVOID lpBuffer, IN DWORD nNumberOfBytesToRead, OUT DWORD *pnBytesRead, OUT DWORD *pnMinNumberOfBytesNeeded)
Definition: eventlog.c:1061
GetProcessHeap
#define GetProcessHeap()
Definition: compat.h:736
HeapAlloc
#define HeapAlloc
Definition: compat.h:733
HeapReAlloc
#define HeapReAlloc
Definition: compat.h:734
HeapFree
#define HeapFree(x, y, z)
Definition: compat.h:735
buf
GLenum GLuint GLenum GLsizei const GLchar * buf
Definition: glext.h:7751
_EVENTLOGRECORD
Definition: winnt_old.h:2840
EVENTLOG_SEQUENTIAL_READ
#define EVENTLOG_SEQUENTIAL_READ
Definition: winnt_old.h:2828
EVENTLOG_BACKWARDS_READ
#define EVENTLOG_BACKWARDS_READ
Definition: winnt_old.h:2831
EVENTLOG_FORWARDS_READ
#define EVENTLOG_FORWARDS_READ
Definition: winnt_old.h:2830
EVENTLOG_SEEK_READ
#define EVENTLOG_SEEK_READ
Definition: winnt_old.h:2829

Referenced by START_TEST().

◆ test_readwrite()

static void test_readwrite ( void  )
static

Definition at line 730 of file eventlog.c.

731{
732 HANDLE handle;
733 PSID user;
734 DWORD sidsize, count;
735 BOOL ret, sidavailable;
736 BOOL on_vista = FALSE; /* Used to indicate Vista, W2K8 or Win7 */
737 DWORD i;
738 char *localcomputer = NULL;
739 DWORD size;
740
741 if (pCreateWellKnownSid)
742 {
743 sidsize = SECURITY_MAX_SID_SIZE;
744 user = HeapAlloc(GetProcessHeap(), 0, sidsize);
745 SetLastError(0xdeadbeef);
746 pCreateWellKnownSid(WinInteractiveSid, NULL, user, &sidsize);
747 sidavailable = TRUE;
748 }
749 else
750 {
751 win_skip("Skipping some SID related tests\n");
752 sidavailable = FALSE;
753 user = NULL;
754 }
755
756 /* Write an event with an incorrect event type. This will fail on Windows 7
757 * but succeed on all others, hence it's not part of the struct.
758 */
759 handle = OpenEventLogA(NULL, eventlogname);
760 if (!handle)
761 {
762 /* Intermittently seen on NT4 when tests are run immediately after boot */
763 win_skip("Could not get a handle to the eventlog\n");
764 goto cleanup;
765 }
766
767 count = 0xdeadbeef;
768 GetNumberOfEventLogRecords(handle, &count);
769 if (count != 0)
770 {
771 /* Needed for W2K3 without a service pack */
772 win_skip("We most likely opened the Application eventlog\n");
773 CloseEventLog(handle);
774 Sleep(2000);
775
776 handle = OpenEventLogA(NULL, eventlogname);
777 count = 0xdeadbeef;
778 GetNumberOfEventLogRecords(handle, &count);
779 if (count != 0)
780 {
781 win_skip("We didn't open our new eventlog\n");
782 CloseEventLog(handle);
783 goto cleanup;
784 }
785 }
786
787 SetLastError(0xdeadbeef);
788 ret = ReportEventA(handle, 0x20, 0, 0, NULL, 0, 0, NULL, NULL);
789 if (!ret && GetLastError() == ERROR_CRC)
790 {
791 win_skip("Win7 fails when using incorrect event types\n");
792 ret = ReportEventA(handle, 0, 0, 0, NULL, 0, 0, NULL, NULL);
793 ok(ret, "Expected success : %d\n", GetLastError());
794 }
795 else
796 {
797 void *buf;
798 DWORD read, needed = 0;
799 EVENTLOGRECORD *record;
800
801 ok(ret, "Expected success : %d\n", GetLastError());
802
803 /* Needed to catch earlier Vista (with no ServicePack for example) */
804 buf = HeapAlloc(GetProcessHeap(), 0, sizeof(EVENTLOGRECORD));
805 if (!(ret = ReadEventLogA(handle, EVENTLOG_SEQUENTIAL_READ | EVENTLOG_FORWARDS_READ,
806 0, buf, sizeof(EVENTLOGRECORD), &read, &needed)) &&
807 GetLastError() == ERROR_INSUFFICIENT_BUFFER)
808 {
809 buf = HeapReAlloc(GetProcessHeap(), 0, buf, needed);
810 ret = ReadEventLogA(handle, EVENTLOG_SEQUENTIAL_READ | EVENTLOG_FORWARDS_READ,
811 0, buf, needed, &read, &needed);
812 }
813 if (ret)
814 {
815 record = (EVENTLOGRECORD *)buf;
816
817 /* Vista and W2K8 return EVENTLOG_SUCCESS, Windows versions before return
818 * the written eventtype (0x20 in this case).
819 */
820 if (record->EventType == EVENTLOG_SUCCESS)
821 on_vista = TRUE;
822 }
823 HeapFree(GetProcessHeap(), 0, buf);
824 }
825
826 /* This will clear the eventlog. The record numbering for new
827 * events however differs on Vista SP1+. Before Vista the first
828 * event would be numbered 1, on Vista SP1+ it's higher as we already
829 * had at least one event (more in case of multiple test runs without
830 * a reboot).
831 */
832 ClearEventLogA(handle, NULL);
833 CloseEventLog(handle);
834
835 /* Write a bunch of events while using different event sources */
836 for (i = 0; i < sizeof(read_write)/sizeof(read_write[0]); i++)
837 {
838 DWORD oldest;
839 BOOL run_sidtests = read_write[i].evt_sid & sidavailable;
840
841 /* We don't need to use RegisterEventSource to report events */
842 if (i % 2)
843 handle = OpenEventLogA(NULL, read_write[i].evt_src);
844 else
845 handle = RegisterEventSourceA(NULL, read_write[i].evt_src);
846 ok(handle != NULL, "Expected a handle\n");
847
848 SetLastError(0xdeadbeef);
849 ret = ReportEventA(handle, read_write[i].evt_type, read_write[i].evt_cat,
850 read_write[i].evt_id, run_sidtests ? user : NULL,
851 read_write[i].evt_numstrings, 0, read_write[i].evt_strings, NULL);
852 ok(ret, "Expected ReportEvent success : %d\n", GetLastError());
853
854 count = 0xdeadbeef;
855 SetLastError(0xdeadbeef);
856 ret = GetNumberOfEventLogRecords(handle, &count);
857 ok(ret, "Expected GetNumberOfEventLogRecords success : %d\n", GetLastError());
858 todo_wine
859 ok(count == (i + 1), "Expected %d records, got %d\n", i + 1, count);
860
861 oldest = 0xdeadbeef;
862 ret = GetOldestEventLogRecord(handle, &oldest);
863 ok(ret, "Expected GetOldestEventLogRecord success : %d\n", GetLastError());
864 todo_wine
865 ok(oldest == 1 ||
866 (oldest > 1 && oldest != 0xdeadbeef), /* Vista SP1+, W2K8 and Win7 */
867 "Expected oldest to be 1 or higher, got %d\n", oldest);
868 if (oldest > 1 && oldest != 0xdeadbeef)
869 on_vista = TRUE;
870
871 SetLastError(0xdeadbeef);
872 if (i % 2)
873 ret = CloseEventLog(handle);
874 else
875 ret = DeregisterEventSource(handle);
876 ok(ret, "Expected success : %d\n", GetLastError());
877 }
878
879 handle = OpenEventLogA(NULL, eventlogname);
880 count = 0xdeadbeef;
881 ret = GetNumberOfEventLogRecords(handle, &count);
882 ok(ret, "Expected success\n");
883 todo_wine
884 ok(count == i, "Expected %d records, got %d\n", i, count);
885 CloseEventLog(handle);
886
887 if (count == 0)
888 {
889 skip("No events were written to the eventlog\n");
890 goto cleanup;
891 }
892
893 /* Report only once */
894 if (on_vista)
895 skip("There is no DWORD alignment enforced for UserSid on Vista, W2K8 or Win7\n");
896
897 if (on_vista && pGetComputerNameExA)
898 {
899 /* New Vista+ behavior */
900 size = 0;
901 SetLastError(0xdeadbeef);
902 pGetComputerNameExA(ComputerNameDnsFullyQualified, NULL, &size);
903 localcomputer = HeapAlloc(GetProcessHeap(), 0, size);
904 pGetComputerNameExA(ComputerNameDnsFullyQualified, localcomputer, &size);
905 }
906 else
907 {
908 size = MAX_COMPUTERNAME_LENGTH + 1;
909 localcomputer = HeapAlloc(GetProcessHeap(), 0, size);
910 GetComputerNameA(localcomputer, &size);
911 }
912
913 /* Read all events from our created eventlog, one by one */
914 handle = OpenEventLogA(NULL, eventlogname);
915 ok(handle != NULL, "Failed to open Event Log, got %d\n", GetLastError());
916 i = 0;
917 for (;;)
918 {
919 void *buf;
920 DWORD read, needed;
921 EVENTLOGRECORD *record;
922 char *sourcename, *computername;
923 int k;
924 char *ptr;
925 BOOL run_sidtests = read_write[i].evt_sid & sidavailable;
926
927 buf = HeapAlloc(GetProcessHeap(), 0, sizeof(EVENTLOGRECORD));
928 SetLastError(0xdeadbeef);
929 ret = ReadEventLogA(handle, EVENTLOG_SEQUENTIAL_READ | EVENTLOG_FORWARDS_READ,
930 0, buf, sizeof(EVENTLOGRECORD), &read, &needed);
931 ok(!ret, "Expected failure\n");
932 if (!ret && GetLastError() != ERROR_INSUFFICIENT_BUFFER)
933 {
934 HeapFree(GetProcessHeap(), 0, buf);
935 ok(GetLastError() == ERROR_HANDLE_EOF, "record %d, got %d\n", i, GetLastError());
936 break;
937 }
938
939 buf = HeapReAlloc(GetProcessHeap(), 0, buf, needed);
940 ret = ReadEventLogA(handle, EVENTLOG_SEQUENTIAL_READ | EVENTLOG_FORWARDS_READ,
941 0, buf, needed, &read, &needed);
942 ok(ret, "Expected success: %d\n", GetLastError());
943
944 record = (EVENTLOGRECORD *)buf;
945
946 ok(record->Length == read,
947 "Expected %d, got %d\n", read, record->Length);
948 ok(record->Reserved == 0x654c664c,
949 "Expected 0x654c664c, got %d\n", record->Reserved);
950 ok(record->RecordNumber == i + 1 ||
951 (on_vista && (record->RecordNumber > i + 1)),
952 "Expected %d or higher, got %d\n", i + 1, record->RecordNumber);
953 ok(record->EventID == read_write[i].evt_id,
954 "Expected %d, got %d\n", read_write[i].evt_id, record->EventID);
955 ok(record->EventType == read_write[i].evt_type,
956 "Expected %d, got %d\n", read_write[i].evt_type, record->EventType);
957 ok(record->NumStrings == read_write[i].evt_numstrings,
958 "Expected %d, got %d\n", read_write[i].evt_numstrings, record->NumStrings);
959 ok(record->EventCategory == read_write[i].evt_cat,
960 "Expected %d, got %d\n", read_write[i].evt_cat, record->EventCategory);
961
962 sourcename = (char *)((BYTE *)buf + sizeof(EVENTLOGRECORD));
963 ok(!lstrcmpA(sourcename, read_write[i].evt_src), "Expected '%s', got '%s'\n",
964 read_write[i].evt_src, sourcename);
965
966 computername = (char *)((BYTE *)buf + sizeof(EVENTLOGRECORD) + lstrlenA(sourcename) + 1);
967 ok(!lstrcmpiA(computername, localcomputer), "Expected '%s', got '%s'\n",
968 localcomputer, computername);
969
970 /* Before Vista, UserSid was aligned on a DWORD boundary. Next to that if
971 * no padding was actually required a 0 DWORD was still used for padding. No
972 * application should be relying on the padding as we are working with offsets
973 * anyway.
974 */
975
976 if (!on_vista)
977 {
978 DWORD calculated_sidoffset = sizeof(EVENTLOGRECORD) + lstrlenA(sourcename) + 1 + lstrlenA(computername) + 1;
979
980 /* We are already DWORD aligned, there should still be some padding */
981 if ((((UINT_PTR)buf + calculated_sidoffset) % sizeof(DWORD)) == 0)
982 ok(*(DWORD *)((BYTE *)buf + calculated_sidoffset) == 0, "Expected 0\n");
983
984 ok((((UINT_PTR)buf + record->UserSidOffset) % sizeof(DWORD)) == 0, "Expected DWORD alignment\n");
985 }
986
987 if (run_sidtests)
988 {
989 ok(record->UserSidLength == sidsize, "Expected %d, got %d\n", sidsize, record->UserSidLength);
990 }
991 else
992 {
993 ok(record->StringOffset == record->UserSidOffset, "Expected offsets to be the same\n");
994 ok(record->UserSidLength == 0, "Expected 0, got %d\n", record->UserSidLength);
995 }
996
997 ok(record->DataLength == 0, "Expected 0, got %d\n", record->DataLength);
998
999 ptr = (char *)((BYTE *)buf + record->StringOffset);
1000 for (k = 0; k < record->NumStrings; k++)
1001 {
1002 ok(!lstrcmpA(ptr, two_strings[k]), "Expected '%s', got '%s'\n", two_strings[k], ptr);
1003 ptr += lstrlenA(ptr) + 1;
1004 }
1005
1006 ok(record->Length == *(DWORD *)((BYTE *)buf + record->Length - sizeof(DWORD)),
1007 "Expected the closing DWORD to contain the length of the record\n");
1008
1009 HeapFree(GetProcessHeap(), 0, buf);
1010 i++;
1011 }
1012 CloseEventLog(handle);
1013
1014 /* Test clearing a real eventlog */
1015 handle = OpenEventLogA(NULL, eventlogname);
1016 ok(handle != NULL, "Failed to open Event Log, got %d\n", GetLastError());
1017
1018 SetLastError(0xdeadbeef);
1019 ret = ClearEventLogA(handle, NULL);
1020 ok(ret, "Expected success\n");
1021
1022 count = 0xdeadbeef;
1023 ret = GetNumberOfEventLogRecords(handle, &count);
1024 ok(ret, "Expected success\n");
1025 ok(count == 0, "Expected an empty eventlog, got %d records\n", count);
1026
1027 CloseEventLog(handle);
1028
1029cleanup:
1030 HeapFree(GetProcessHeap(), 0, localcomputer);
1031 HeapFree(GetProcessHeap(), 0, user);
1032}
user
void user(int argc, const char *argv[])
Definition: cmds.c:1350
ReportEventA
BOOL WINAPI ReportEventA(IN HANDLE hEventLog, IN WORD wType, IN WORD wCategory, IN DWORD dwEventID, IN PSID lpUserSid, IN WORD wNumStrings, IN DWORD dwDataSize, IN LPCSTR *lpStrings, IN LPVOID lpRawData)
Definition: eventlog.c:1377
DeregisterEventSource
BOOL WINAPI DeregisterEventSource(IN HANDLE hEventLog)
Definition: eventlog.c:473
RegisterEventSourceA
HANDLE WINAPI RegisterEventSourceA(IN LPCSTR lpUNCServerName, IN LPCSTR lpSourceName)
Definition: eventlog.c:1224
lstrcmpiA
int WINAPI lstrcmpiA(LPCSTR lpString1, LPCSTR lpString2)
Definition: lstring.c:42
lstrcmpA
int WINAPI lstrcmpA(LPCSTR lpString1, LPCSTR lpString2)
Definition: lstring.c:18
ptr
static PVOID ptr
Definition: dispmode.c:27
two_strings
static const char * two_strings[]
Definition: eventlog.c:706
evt_cat
WORD evt_cat
Definition: eventlog.c:711
evt_src
const char * evt_src
Definition: eventlog.c:709
evt_strings
const char ** evt_strings
Definition: eventlog.c:715
evt_numstrings
WORD evt_numstrings
Definition: eventlog.c:714
read_write
static const struct @1640 read_write[]
evt_type
WORD evt_type
Definition: eventlog.c:710
evt_id
DWORD evt_id
Definition: eventlog.c:712
k
int k
Definition: mpi.c:3369
UINT_PTR
unsigned __int3264 UINT_PTR
Definition: mstsclib_h.h:274
GetComputerNameA
BOOL WINAPI SHIM_OBJ_NAME() GetComputerNameA(LPSTR lpBuffer, LPDWORD lpnSize)
Definition: shimtest.c:21
_SID
Definition: ms-dtyp.idl:198
Sleep
VOID WINAPI DECLSPEC_HOTPATCH Sleep(IN DWORD dwMilliseconds)
Definition: synch.c:790
MAX_COMPUTERNAME_LENGTH
#define MAX_COMPUTERNAME_LENGTH
Definition: winbase.h:243
ERROR_HANDLE_EOF
#define ERROR_HANDLE_EOF
Definition: winerror.h:140
ERROR_CRC
#define ERROR_CRC
Definition: winerror.h:126
EVENTLOG_SUCCESS
#define EVENTLOG_SUCCESS
Definition: winnt_old.h:2833
EVENTLOGRECORD
struct _EVENTLOGRECORD EVENTLOGRECORD
SECURITY_MAX_SID_SIZE
#define SECURITY_MAX_SID_SIZE
Definition: setypes.h:486

Referenced by START_TEST().

◆ test_start_trace()

static void test_start_trace ( void  )
static

Definition at line 1149 of file eventlog.c.

1150{
1151 const char sessionname[] = "wine";
1152 const char filepath[] = "wine.etl";
1153 const char filepath2[] = "eniw.etl";
1154 EVENT_TRACE_PROPERTIES *properties;
1155 TRACEHANDLE handle;
1156 LONG buffersize;
1157 LONG ret;
1158
1159 buffersize = sizeof(EVENT_TRACE_PROPERTIES) + sizeof(sessionname) + sizeof(filepath);
1160 properties = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, buffersize);
1161 properties->Wnode.BufferSize = buffersize;
1162 properties->Wnode.Flags = WNODE_FLAG_TRACED_GUID;
1163 properties->LogFileMode = EVENT_TRACE_FILE_MODE_NONE;
1164 properties->LoggerNameOffset = sizeof(EVENT_TRACE_PROPERTIES);
1165 properties->LogFileNameOffset = sizeof(EVENT_TRACE_PROPERTIES) + sizeof(sessionname);
1166 strcpy((char *)properties + properties->LogFileNameOffset, filepath);
1167
1168 properties->Wnode.BufferSize = 0;
1169 ret = StartTraceA(&handle, sessionname, properties);
1170 todo_wine
1171 ok(ret == ERROR_BAD_LENGTH ||
1172 ret == ERROR_INVALID_PARAMETER, /* XP and 2k3 */
1173 "Expected ERROR_BAD_LENGTH, got %d\n", ret);
1174 properties->Wnode.BufferSize = buffersize;
1175
1176 ret = StartTraceA(&handle, "this name is too long", properties);
1177 todo_wine
1178 ok(ret == ERROR_BAD_LENGTH, "Expected ERROR_BAD_LENGTH, got %d\n", ret);
1179
1180 ret = StartTraceA(&handle, sessionname, NULL);
1181 todo_wine
1182 ok(ret == ERROR_INVALID_PARAMETER, "Expected ERROR_INVALID_PARAMETER, got %d\n", ret);
1183
1184 ret = StartTraceA(NULL, sessionname, properties);
1185 todo_wine
1186 ok(ret == ERROR_INVALID_PARAMETER, "Expected ERROR_INVALID_PARAMETER, got %d\n", ret);
1187
1188 properties->LogFileNameOffset = 1;
1189 ret = StartTraceA(&handle, sessionname, properties);
1190 todo_wine
1191 ok(ret == ERROR_INVALID_PARAMETER, "Expected ERROR_INVALID_PARAMETER, got %d\n", ret);
1192 properties->LogFileNameOffset = sizeof(EVENT_TRACE_PROPERTIES) + sizeof(sessionname);
1193
1194 properties->LoggerNameOffset = 1;
1195 ret = StartTraceA(&handle, sessionname, properties);
1196 todo_wine
1197 ok(ret == ERROR_INVALID_PARAMETER, "Expected ERROR_INVALID_PARAMETER, got %d\n", ret);
1198 properties->LoggerNameOffset = sizeof(EVENT_TRACE_PROPERTIES);
1199
1200 properties->LogFileMode = EVENT_TRACE_FILE_MODE_SEQUENTIAL | EVENT_TRACE_FILE_MODE_CIRCULAR;
1201 ret = StartTraceA(&handle, sessionname, properties);
1202 todo_wine
1203 ok(ret == ERROR_INVALID_PARAMETER, "Expected ERROR_INVALID_PARAMETER, got %d\n", ret);
1204 properties->LogFileMode = EVENT_TRACE_FILE_MODE_NONE;
1205 /* XP creates a file we can't delete, so change the filepath to something else */
1206 strcpy((char *)properties + properties->LogFileNameOffset, filepath2);
1207
1208 properties->Wnode.Guid = SystemTraceControlGuid;
1209 ret = StartTraceA(&handle, sessionname, properties);
1210 todo_wine
1211 ok(ret == ERROR_INVALID_PARAMETER, "Expected ERROR_INVALID_PARAMETER, got %d\n", ret);
1212 memset(&properties->Wnode.Guid, 0, sizeof(properties->Wnode.Guid));
1213
1214 properties->LogFileNameOffset = 0;
1215 ret = StartTraceA(&handle, sessionname, properties);
1216 todo_wine
1217 ok(ret == ERROR_BAD_PATHNAME, "Expected ERROR_BAD_PATHNAME, got %d\n", ret);
1218 properties->LogFileNameOffset = sizeof(EVENT_TRACE_PROPERTIES) + sizeof(sessionname);
1219
1220 ret = StartTraceA(&handle, sessionname, properties);
1221 if (ret == ERROR_ACCESS_DENIED)
1222 {
1223 skip("need admin rights\n");
1224 goto done;
1225 }
1226 ok(ret == ERROR_SUCCESS, "Expected success, got %d\n", ret);
1227
1228 ret = StartTraceA(&handle, sessionname, properties);
1229 todo_wine
1230 ok(ret == ERROR_ALREADY_EXISTS ||
1231 ret == ERROR_SHARING_VIOLATION, /* 2k3 */
1232 "Expected ERROR_ALREADY_EXISTS, got %d\n", ret);
1233
1234 /* clean up */
1235 ControlTraceA(handle, sessionname, properties, EVENT_TRACE_CONTROL_STOP);
1236done:
1237 HeapFree(GetProcessHeap(), 0, properties);
1238 DeleteFileA(filepath);
1239}
strcpy
char * strcpy(char *DstString, const char *SrcString)
Definition: utclib.c:388
HEAP_ZERO_MEMORY
#define HEAP_ZERO_MEMORY
Definition: compat.h:134
EVENT_TRACE_PROPERTIES
struct _EVENT_TRACE_PROPERTIES EVENT_TRACE_PROPERTIES
EVENT_TRACE_CONTROL_STOP
#define EVENT_TRACE_CONTROL_STOP
Definition: evntrace.h:214
EVENT_TRACE_FILE_MODE_NONE
#define EVENT_TRACE_FILE_MODE_NONE
Definition: evntrace.h:184
EVENT_TRACE_FILE_MODE_CIRCULAR
#define EVENT_TRACE_FILE_MODE_CIRCULAR
Definition: evntrace.h:186
StartTraceA
EXTERN_C ULONG WMIAPI StartTraceA(OUT PTRACEHANDLE TraceHandle, IN LPCSTR InstanceName, IN OUT PEVENT_TRACE_PROPERTIES Properties)
EVENT_TRACE_FILE_MODE_SEQUENTIAL
#define EVENT_TRACE_FILE_MODE_SEQUENTIAL
Definition: evntrace.h:185
TRACEHANDLE
ULONG64 TRACEHANDLE
Definition: evntrace.h:40
ControlTraceA
EXTERN_C ULONG WMIAPI ControlTraceA(IN TRACEHANDLE TraceHandle, IN LPCSTR InstanceName OPTIONAL, IN OUT PEVENT_TRACE_PROPERTIES Properties, IN ULONG ControlCode)
_EVENT_TRACE_PROPERTIES
Definition: evntrace.h:570
_EVENT_TRACE_PROPERTIES::Wnode
WNODE_HEADER Wnode
Definition: evntrace.h:571
_EVENT_TRACE_PROPERTIES::LogFileNameOffset
ULONG LogFileNameOffset
Definition: evntrace.h:587
_EVENT_TRACE_PROPERTIES::LoggerNameOffset
ULONG LoggerNameOffset
Definition: evntrace.h:588
_EVENT_TRACE_PROPERTIES::LogFileMode
ULONG LogFileMode
Definition: evntrace.h:576
_WNODE_HEADER::BufferSize
ULONG BufferSize
Definition: wmistr.h:6
_WNODE_HEADER::Guid
GUID Guid
Definition: wmistr.h:23
_WNODE_HEADER::Flags
ULONG Flags
Definition: wmistr.h:25
ERROR_SHARING_VIOLATION
#define ERROR_SHARING_VIOLATION
Definition: winerror.h:135
ERROR_BAD_LENGTH
#define ERROR_BAD_LENGTH
Definition: winerror.h:127
ERROR_BAD_PATHNAME
#define ERROR_BAD_PATHNAME
Definition: winerror.h:233
WNODE_FLAG_TRACED_GUID
#define WNODE_FLAG_TRACED_GUID
Definition: wmistr.h:43

Referenced by START_TEST().

Variable Documentation

◆ DWORD

DWORD *static DWORD

Definition at line 36 of file eventlog.c.

◆ eventlogfile

char eventlogfile[MAX_PATH]
static

Definition at line 1050 of file eventlog.c.

Referenced by cleanup_eventlog(), and test_autocreation().

◆ eventlogname

const char eventlogname[] = "Wine"
static

Definition at line 652 of file eventlog.c.

Referenced by cleanup_eventlog(), create_new_eventlog(), test_autocreation(), and test_readwrite().

◆ eventlogsvc

const char eventlogsvc[] = "SYSTEM\\CurrentControlSet\\Services\\Eventlog"
static

Definition at line 651 of file eventlog.c.

Referenced by cleanup_eventlog(), create_new_eventlog(), and test_autocreation().

◆ eventsources

const char eventsources[][11] = { "WineSrc", "WineSrc1", "WineSrc20", "WineSrc300" }
static

Definition at line 653 of file eventlog.c.

Referenced by cleanup_eventlog(), create_new_eventlog(), and test_autocreation().

◆ evt_cat

WORD evt_cat

Definition at line 711 of file eventlog.c.

Referenced by test_readwrite().

◆ evt_id

DWORD evt_id

Definition at line 712 of file eventlog.c.

Referenced by test_readwrite().

◆ evt_numstrings

WORD evt_numstrings

Definition at line 714 of file eventlog.c.

Referenced by test_readwrite().

◆ evt_sid

BOOL evt_sid

Definition at line 713 of file eventlog.c.

◆ evt_src

const char* evt_src

Definition at line 709 of file eventlog.c.

Referenced by test_readwrite().

◆ evt_strings

const char** evt_strings

Definition at line 715 of file eventlog.c.

Referenced by test_readwrite().

◆ evt_type

WORD evt_type

Definition at line 710 of file eventlog.c.

Referenced by test_readwrite(), and UDFEjectReqWaiter().

◆ LPDWORD

LPDWORD

Definition at line 36 of file eventlog.c.

◆ LPSTR

LPSTR

Definition at line 38 of file eventlog.c.

◆ LPVOID

DWORD *static LPVOID

Definition at line 36 of file eventlog.c.

◆ one_string

const char* one_string[] = { "First string" }
static

Definition at line 705 of file eventlog.c.

◆ PSID

PSID

Definition at line 35 of file eventlog.c.

◆ 

const struct { ... } read_write[]
Initial value:
=
{
{ eventlogname, EVENTLOG_INFORMATION_TYPE, 1, 1, FALSE, 1, one_string },
{ eventsources[0], EVENTLOG_WARNING_TYPE, 1, 2, FALSE, 0, NULL },
{ eventsources[1], EVENTLOG_AUDIT_FAILURE, 1, 3, FALSE, 2, two_strings },
{ eventsources[2], EVENTLOG_ERROR_TYPE, 1, 4, FALSE, 0, NULL },
{ eventsources[3], EVENTLOG_WARNING_TYPE, 1, 5, FALSE, 1, one_string },
{ eventlogname, EVENTLOG_SUCCESS, 2, 6, TRUE, 2, two_strings },
{ eventsources[0], EVENTLOG_AUDIT_FAILURE, 2, 7, TRUE, 0, NULL },
{ eventsources[1], EVENTLOG_AUDIT_SUCCESS, 2, 8, TRUE, 2, two_strings },
{ eventsources[2], EVENTLOG_WARNING_TYPE, 2, 9, TRUE, 0, NULL },
{ eventsources[3], EVENTLOG_ERROR_TYPE, 2, 10, TRUE, 1, one_string }
}
one_string
static const char * one_string[]
Definition: eventlog.c:705
EVENTLOG_ERROR_TYPE
#define EVENTLOG_ERROR_TYPE
Definition: winnt_old.h:2834
EVENTLOG_AUDIT_FAILURE
#define EVENTLOG_AUDIT_FAILURE
Definition: winnt_old.h:2838
EVENTLOG_INFORMATION_TYPE
#define EVENTLOG_INFORMATION_TYPE
Definition: winnt_old.h:2836
EVENTLOG_AUDIT_SUCCESS
#define EVENTLOG_AUDIT_SUCCESS
Definition: winnt_old.h:2837
EVENTLOG_WARNING_TYPE
#define EVENTLOG_WARNING_TYPE
Definition: winnt_old.h:2835

Referenced by test_readwrite().

◆ two_strings

const char* two_strings[] = { "First string", "Second string" }
static

Definition at line 706 of file eventlog.c.

Referenced by test_readwrite().