[Win32utils-devel] Fwd: win32/process problem

Heesob Park phasis at gmail.com
Sat Dec 8 23:56:11 EST 2007


2007/12/9, Daniel Berger <djberg96 at gmail.com>:
>
> Heesob Park wrote:
> > Hi,
> >
> > 2007/12/9, Daniel Berger <djberg96 at gmail.com <mailto:djberg96 at gmail.com
> >>:
> >
> >     Whoops, forgot to include the line that fails:
> >
> >     if va_list.length == 0
> >
> >     So, for some reason va_list isn't set.
> >
> >     Dan
> >
> >
> > Did you modified my code?
> > I did'nt use va_list.length. but I had omitted initializing va_list .
> > Here is the corrent code:
>
> <snip>
>
> Ok, there's good news and bad news. First the good news - this
> definitely picks up some descriptions we were missing before
> (specifically Winlogon events). Awesome.
>
> But there's some bad news. I sent the eventlog descriptions to a file
> using the original code and your code and found some discrepancies using
> diff.
>
> First, now I'm seeing literal parameter strings where I would expect
> data. For example:
>
> Security Configuration (OFF = 0 and ON = 1):
> -     Network Administration of Transactions = 0,
> -     Network Clients = 0,
> -     Inbound Distributed Transactions using Native MSDTC Protocol = 0,
> -     Outbound Distributed Transactions using Native MSDTC Protocol = 0,
> -     Transaction Internet Protocol (TIP) = 0,
> -     XA Transactions = 0
> +     Network Administration of Transactions = %1,
> +     Network Clients = %2,
> +     Inbound Distributed Transactions using Native MSDTC Protocol = %3,
> +     Outbound Distributed Transactions using Native MSDTC Protocol = %4,
> +     Transaction Internet Protocol (TIP) = %5,
> +     XA Transactions = %6
>
> Second, in rare cases I'm seeing some junk characters in the description:
>
> -Product: Nero 7 Ultra Edition -- Installation completed successfully.
> +`∞Å☻`∞Å☻ Nero 7 Ultra Edition -- Installation completed successfully.
>
> Last (and least), it looks it's picking up blank lines at the end.
> Nothing serious but it didn't do that before:
>
> -The Windows Installer initiated a system restart to complete or
> continue the configuration of ''.
> +The Windows Installer initiated a system restart to complete or
> continue the configuration of ''.
> +
>
> I've attached my (zipped) application so you can play with it.
>
> Regards,
>
> Dan


Ok, I saw it.
Reinitializing buf after the first formatting like this works fine for me:

               # Try to retrieve message *without* expanding the inserts yet

               exe.split(';').each{ |file|
                  hmodule  = LoadLibraryEx(file, 0,
DONT_RESOLVE_DLL_REFERENCES)
                  event_id = rec[20,4].unpack('L')[0]
                  if hmodule != 0
                     FormatMessage(
                        FORMAT_MESSAGE_FROM_HMODULE |
                        FORMAT_MESSAGE_IGNORE_INSERTS,
                        hmodule,
                        event_id,
                        0,
                        buf,
                        buf.size,
                        nil
                     )

                     FreeLibrary(hmodule)
                     break if buf.nstrip != "" # All messages read
                  end
               }

               buf  = 0.chr * 8192  # Reinitialize buf


Regards,

Park Heesob
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://rubyforge.org/pipermail/win32utils-devel/attachments/20071209/d6e45eb8/attachment.html 


More information about the win32utils-devel mailing list