/* @bookmark_class.setProperty */
static JSBool
bookmark_set_property(JSContext *ctx, JSObject *obj, jsid id, JSBool strict, jsval *vp)
{
struct bookmark *bookmark;
jsid tmp;
unsigned char *title = NULL;
unsigned char *url = NULL;
int ok;
/* This can be called if @obj if not itself an instance of the
* appropriate class but has one in its prototype chain. Fail
* such calls. */
if (!JS_InstanceOf(ctx, obj, (JSClass *) &bookmark_class, NULL))
return JS_FALSE;
bookmark = JS_GetInstancePrivate(ctx, obj,
(JSClass *) &bookmark_class, NULL);
if (!bookmark) return JS_FALSE;
if (!JSID_IS_INT(id))
return JS_FALSE;
switch (JSID_TO_INT(id)) {
case BOOKMARK_TITLE:
if (!JS_ValueToId(ctx, *vp, &tmp))
return JS_FALSE;
if (!jsval_to_bookmark_string(ctx, tmp, &title))
return JS_FALSE;
break;
case BOOKMARK_URL:
if (!JS_ValueToId(ctx, *vp, &tmp))
return JS_FALSE;
if (!jsval_to_bookmark_string(ctx, tmp, &url))
return JS_FALSE;
break;
default:
/* Unrecognized integer property ID; someone is using
* the object as an array. SMJS builtin classes (e.g.
* js_RegExpClass) just return JS_TRUE in this case.
* Do the same here. */
return JS_TRUE;
}
ok = update_bookmark(bookmark, get_cp_index("UTF-8"), title, url);
mem_free_if(title);
mem_free_if(url);
return ok ? JS_TRUE : JS_FALSE;
}
void send_channel_event(EVT_HANDLE evt, os_channel *channel)
{
DWORD buffer_length = 0;
PEVT_VARIANT properties_values = NULL;
DWORD count = 0;
EVT_HANDLE context = NULL;
os_event event = {0};
char final_msg[OS_MAXSTR];
int result = 0;
if ((context = EvtCreateRenderContext(count, NULL, EvtRenderContextSystem)) == NULL) {
log2file(
"%s: ERROR: Could not EvtCreateRenderContext() for (%s) which returned (%lu)",
ARGV0,
channel->evt_log,
GetLastError());
goto cleanup;
}
/* Make initial call to determine buffer size necessary */
result = EvtRender(context,
evt,
EvtRenderEventValues,
0,
NULL,
&buffer_length,
&count);
if (result != FALSE || GetLastError() != ERROR_INSUFFICIENT_BUFFER) {
log2file(
"%s: ERROR: Could not EvtRender() to determine buffer size for (%s) which returned (%lu)",
ARGV0,
channel->evt_log,
GetLastError());
goto cleanup;
}
if ((properties_values = malloc(buffer_length)) == NULL) {
log2file(
"%s: ERROR: Could not malloc() memory to process event (%s) which returned [(%d)-(%s)]",
ARGV0,
channel->evt_log,
errno,
strerror(errno));
goto cleanup;
}
if (!EvtRender(context,
evt,
EvtRenderEventValues,
buffer_length,
properties_values,
&buffer_length,
&count)) {
log2file(
"%s: ERROR: Could not EvtRender() for (%s) which returned (%lu)",
ARGV0,
channel->evt_log,
GetLastError());
goto cleanup;
}
event.name = get_property_value(&properties_values[EvtSystemChannel]);
event.id = properties_values[EvtSystemEventID].UInt16Val;
event.source = get_property_value(&properties_values[EvtSystemProviderName]);
event.uid = properties_values[EvtSystemUserID].Type == EvtVarTypeNull ? NULL : properties_values[EvtSystemUserID].SidVal;
event.computer = get_property_value(&properties_values[EvtSystemComputer]);
event.time_created = properties_values[EvtSystemTimeCreated].FileTimeVal;
event.keywords = properties_values[EvtSystemKeywords].Type == EvtVarTypeNull ? 0 : properties_values[EvtSystemKeywords].UInt64Val;
event.level = properties_values[EvtSystemLevel].Type == EvtVarTypeNull ? -1 : properties_values[EvtSystemLevel].ByteVal;
switch (event.level) {
case WINEVENT_CRITICAL:
event.category = "CRITICAL";
break;
case WINEVENT_ERROR:
event.category = "ERROR";
break;
case WINEVENT_WARNING:
event.category = "WARNING";
break;
case WINEVENT_INFORMATION:
event.category = "INFORMATION";
break;
case WINEVENT_VERBOSE:
event.category = "DEBUG";
break;
case WINEVENT_AUDIT:
if (event.keywords & WINEVENT_AUDIT_FAILURE) {
event.category = "AUDIT_FAILURE";
break;
} else if (event.keywords & WINEVENT_AUDIT_SUCCESS) {
event.category = "AUDIT_SUCCESS";
break;
}
default:
event.category = "Unknown";
break;
}
if ((event.timestamp = WinEvtTimeToString(event.time_created)) == NULL) {
log2file(
"%s: ERROR: Could not convert timestamp for (%s)",
ARGV0,
channel->evt_log);
goto cleanup;
}
/* Determine user and domain */
get_username_and_domain(&event);
/* Get event log message */
if ((event.message = get_message(evt, properties_values[EvtSystemProviderName].StringVal, EvtFormatMessageEvent)) == NULL) {
log2file(
"%s: ERROR: Could not get message for (%s)",
ARGV0,
channel->evt_log);
} else {
/* Format message */
win_format_event_string(event.message);
}
snprintf(
final_msg,
sizeof(final_msg),
"%s WinEvtLog: %s: %s(%d): %s: %s: %s: %s: %s",
event.timestamp,
event.name,
event.category,
event.id,
event.source && strlen(event.source) ? event.source : "no source",
event.user && strlen(event.user) ? event.user : "******",
event.domain && strlen(event.domain) ? event.domain : "no domain",
event.computer && strlen(event.computer) ? event.computer : "no computer",
event.message && strlen(event.message) ? event.message : "(no message)"
);
if (SendMSG(logr_queue, final_msg, "WinEvtLog", LOCALFILE_MQ) < 0) {
merror(QUEUE_SEND, ARGV0);
}
if (channel->bookmark_enabled) {
update_bookmark(evt, channel);
}
cleanup:
free(properties_values);
free_event(&event);
if (context != NULL) {
EvtClose(context);
}
return;
}
