/* @bookmark_class.setProperty */ static JSBool bookmark_set_property(JSContext *ctx, JSObject *obj, jsid id, JSBool strict, jsval *vp) { struct bookmark *bookmark; jsid tmp; unsigned char *title = NULL; unsigned char *url = NULL; int ok; /* This can be called if @obj if not itself an instance of the * appropriate class but has one in its prototype chain. Fail * such calls. */ if (!JS_InstanceOf(ctx, obj, (JSClass *) &bookmark_class, NULL)) return JS_FALSE; bookmark = JS_GetInstancePrivate(ctx, obj, (JSClass *) &bookmark_class, NULL); if (!bookmark) return JS_FALSE; if (!JSID_IS_INT(id)) return JS_FALSE; switch (JSID_TO_INT(id)) { case BOOKMARK_TITLE: if (!JS_ValueToId(ctx, *vp, &tmp)) return JS_FALSE; if (!jsval_to_bookmark_string(ctx, tmp, &title)) return JS_FALSE; break; case BOOKMARK_URL: if (!JS_ValueToId(ctx, *vp, &tmp)) return JS_FALSE; if (!jsval_to_bookmark_string(ctx, tmp, &url)) return JS_FALSE; break; default: /* Unrecognized integer property ID; someone is using * the object as an array. SMJS builtin classes (e.g. * js_RegExpClass) just return JS_TRUE in this case. * Do the same here. */ return JS_TRUE; } ok = update_bookmark(bookmark, get_cp_index("UTF-8"), title, url); mem_free_if(title); mem_free_if(url); return ok ? JS_TRUE : JS_FALSE; }
void send_channel_event(EVT_HANDLE evt, os_channel *channel) { DWORD buffer_length = 0; PEVT_VARIANT properties_values = NULL; DWORD count = 0; EVT_HANDLE context = NULL; os_event event = {0}; char final_msg[OS_MAXSTR]; int result = 0; if ((context = EvtCreateRenderContext(count, NULL, EvtRenderContextSystem)) == NULL) { log2file( "%s: ERROR: Could not EvtCreateRenderContext() for (%s) which returned (%lu)", ARGV0, channel->evt_log, GetLastError()); goto cleanup; } /* Make initial call to determine buffer size necessary */ result = EvtRender(context, evt, EvtRenderEventValues, 0, NULL, &buffer_length, &count); if (result != FALSE || GetLastError() != ERROR_INSUFFICIENT_BUFFER) { log2file( "%s: ERROR: Could not EvtRender() to determine buffer size for (%s) which returned (%lu)", ARGV0, channel->evt_log, GetLastError()); goto cleanup; } if ((properties_values = malloc(buffer_length)) == NULL) { log2file( "%s: ERROR: Could not malloc() memory to process event (%s) which returned [(%d)-(%s)]", ARGV0, channel->evt_log, errno, strerror(errno)); goto cleanup; } if (!EvtRender(context, evt, EvtRenderEventValues, buffer_length, properties_values, &buffer_length, &count)) { log2file( "%s: ERROR: Could not EvtRender() for (%s) which returned (%lu)", ARGV0, channel->evt_log, GetLastError()); goto cleanup; } event.name = get_property_value(&properties_values[EvtSystemChannel]); event.id = properties_values[EvtSystemEventID].UInt16Val; event.source = get_property_value(&properties_values[EvtSystemProviderName]); event.uid = properties_values[EvtSystemUserID].Type == EvtVarTypeNull ? NULL : properties_values[EvtSystemUserID].SidVal; event.computer = get_property_value(&properties_values[EvtSystemComputer]); event.time_created = properties_values[EvtSystemTimeCreated].FileTimeVal; event.keywords = properties_values[EvtSystemKeywords].Type == EvtVarTypeNull ? 0 : properties_values[EvtSystemKeywords].UInt64Val; event.level = properties_values[EvtSystemLevel].Type == EvtVarTypeNull ? -1 : properties_values[EvtSystemLevel].ByteVal; switch (event.level) { case WINEVENT_CRITICAL: event.category = "CRITICAL"; break; case WINEVENT_ERROR: event.category = "ERROR"; break; case WINEVENT_WARNING: event.category = "WARNING"; break; case WINEVENT_INFORMATION: event.category = "INFORMATION"; break; case WINEVENT_VERBOSE: event.category = "DEBUG"; break; case WINEVENT_AUDIT: if (event.keywords & WINEVENT_AUDIT_FAILURE) { event.category = "AUDIT_FAILURE"; break; } else if (event.keywords & WINEVENT_AUDIT_SUCCESS) { event.category = "AUDIT_SUCCESS"; break; } default: event.category = "Unknown"; break; } if ((event.timestamp = WinEvtTimeToString(event.time_created)) == NULL) { log2file( "%s: ERROR: Could not convert timestamp for (%s)", ARGV0, channel->evt_log); goto cleanup; } /* Determine user and domain */ get_username_and_domain(&event); /* Get event log message */ if ((event.message = get_message(evt, properties_values[EvtSystemProviderName].StringVal, EvtFormatMessageEvent)) == NULL) { log2file( "%s: ERROR: Could not get message for (%s)", ARGV0, channel->evt_log); } else { /* Format message */ win_format_event_string(event.message); } snprintf( final_msg, sizeof(final_msg), "%s WinEvtLog: %s: %s(%d): %s: %s: %s: %s: %s", event.timestamp, event.name, event.category, event.id, event.source && strlen(event.source) ? event.source : "no source", event.user && strlen(event.user) ? event.user : "******", event.domain && strlen(event.domain) ? event.domain : "no domain", event.computer && strlen(event.computer) ? event.computer : "no computer", event.message && strlen(event.message) ? event.message : "(no message)" ); if (SendMSG(logr_queue, final_msg, "WinEvtLog", LOCALFILE_MQ) < 0) { merror(QUEUE_SEND, ARGV0); } if (channel->bookmark_enabled) { update_bookmark(evt, channel); } cleanup: free(properties_values); free_event(&event); if (context != NULL) { EvtClose(context); } return; }