├── .codecov.yml ├── .github └── workflows │ ├── build.yml │ ├── build_freebsd.yml │ ├── build_ossfuzz.yml │ ├── build_shared.yml │ └── build_wheel.yml ├── .gitignore ├── AUTHORS ├── COPYING ├── COPYING.LESSER ├── ChangeLog ├── Makefile.am ├── NEWS ├── README ├── acinclude.m4 ├── appveyor.yml ├── autogen.ps1 ├── autogen.sh ├── build.ps1 ├── common ├── Makefile.am ├── byte_stream.h ├── common.h ├── config_borlandc.h ├── config_msc.h ├── config_winapi.h ├── file_stream.h ├── memory.h ├── narrow_string.h ├── system_string.h ├── types.h.in └── wide_string.h ├── configure.ac ├── documentation └── Windows Event manifest binary format.asciidoc ├── dpkg ├── changelog.in ├── compat ├── control ├── copyright ├── libfwevt-dev.install ├── libfwevt-python3.install ├── libfwevt.install ├── rules └── source │ └── format ├── include ├── Makefile.am ├── libfwevt.h.in └── libfwevt │ ├── definitions.h.in │ ├── error.h │ ├── extern.h │ ├── features.h.in │ └── types.h.in ├── libfwevt.ini ├── libfwevt.pc.in ├── libfwevt.spec.in ├── libfwevt ├── Makefile.am ├── fwevt_template.h ├── libfwevt.c ├── libfwevt.rc.in ├── libfwevt_channel.c ├── libfwevt_channel.h ├── libfwevt_data_segment.c ├── libfwevt_data_segment.h ├── libfwevt_date_time.c ├── libfwevt_date_time.h ├── libfwevt_debug.c ├── libfwevt_debug.h ├── libfwevt_definitions.h.in ├── libfwevt_error.c ├── libfwevt_error.h ├── libfwevt_event.c ├── libfwevt_event.h ├── libfwevt_extern.h ├── libfwevt_floating_point.c ├── libfwevt_floating_point.h ├── libfwevt_integer.c ├── libfwevt_integer.h ├── libfwevt_keyword.c ├── libfwevt_keyword.h ├── libfwevt_level.c ├── libfwevt_level.h ├── libfwevt_libcdata.h ├── libfwevt_libcerror.h ├── libfwevt_libcnotify.h ├── libfwevt_libfdatetime.h ├── libfwevt_libfguid.h ├── libfwevt_libfwnt.h ├── libfwevt_libuna.h ├── libfwevt_manifest.c ├── libfwevt_manifest.h ├── libfwevt_map.c ├── libfwevt_map.h ├── libfwevt_notify.c ├── libfwevt_notify.h ├── libfwevt_opcode.c ├── libfwevt_opcode.h ├── libfwevt_provider.c ├── libfwevt_provider.h ├── libfwevt_support.c ├── libfwevt_support.h ├── libfwevt_task.c ├── libfwevt_task.h ├── libfwevt_template.c ├── libfwevt_template.h ├── libfwevt_template_item.c ├── libfwevt_template_item.h ├── libfwevt_types.h ├── libfwevt_unused.h ├── libfwevt_xml_document.c ├── libfwevt_xml_document.h ├── libfwevt_xml_string.c ├── libfwevt_xml_string.h ├── libfwevt_xml_tag.c ├── libfwevt_xml_tag.h ├── libfwevt_xml_template_value.c ├── libfwevt_xml_template_value.h ├── libfwevt_xml_token.c ├── libfwevt_xml_token.h ├── libfwevt_xml_value.c └── libfwevt_xml_value.h ├── m4 ├── common.m4 ├── libcdata.m4 ├── libcerror.m4 ├── libcnotify.m4 ├── libcthreads.m4 ├── libfdatetime.m4 ├── libfguid.m4 ├── libfwnt.m4 ├── libuna.m4 ├── pthread.m4 ├── python.m4 ├── tests.m4 └── types.m4 ├── manuals ├── Makefile.am └── libfwevt.3 ├── msvscpp ├── Makefile.am ├── fwevt_test_channel │ └── fwevt_test_channel.vcproj ├── fwevt_test_data_segment │ └── fwevt_test_data_segment.vcproj ├── fwevt_test_date_time │ └── fwevt_test_date_time.vcproj ├── fwevt_test_error │ └── fwevt_test_error.vcproj ├── fwevt_test_event │ └── fwevt_test_event.vcproj ├── fwevt_test_floating_point │ └── fwevt_test_floating_point.vcproj ├── fwevt_test_integer │ └── fwevt_test_integer.vcproj ├── fwevt_test_keyword │ └── fwevt_test_keyword.vcproj ├── fwevt_test_level │ └── fwevt_test_level.vcproj ├── fwevt_test_manifest │ └── fwevt_test_manifest.vcproj ├── fwevt_test_map │ └── fwevt_test_map.vcproj ├── fwevt_test_notify │ └── fwevt_test_notify.vcproj ├── fwevt_test_opcode │ └── fwevt_test_opcode.vcproj ├── fwevt_test_provider │ └── fwevt_test_provider.vcproj ├── fwevt_test_support │ └── fwevt_test_support.vcproj ├── fwevt_test_task │ └── fwevt_test_task.vcproj ├── fwevt_test_template │ └── fwevt_test_template.vcproj ├── fwevt_test_template_item │ └── fwevt_test_template_item.vcproj ├── fwevt_test_xml_document │ └── fwevt_test_xml_document.vcproj ├── fwevt_test_xml_tag │ └── fwevt_test_xml_tag.vcproj ├── fwevt_test_xml_template_value │ └── fwevt_test_xml_template_value.vcproj ├── fwevt_test_xml_token │ └── fwevt_test_xml_token.vcproj ├── fwevt_test_xml_value │ └── fwevt_test_xml_value.vcproj ├── libcdata │ └── libcdata.vcproj ├── libcerror │ └── libcerror.vcproj ├── libcnotify │ └── libcnotify.vcproj ├── libcthreads │ └── libcthreads.vcproj ├── libfdatetime │ └── libfdatetime.vcproj ├── libfguid │ └── libfguid.vcproj ├── libfwevt.sln ├── libfwevt │ └── libfwevt.vcproj ├── libfwnt │ └── libfwnt.vcproj ├── libuna │ └── libuna.vcproj └── pyfwevt │ └── pyfwevt.vcproj ├── ossfuzz ├── Makefile.am ├── manifest_fuzzer.cc ├── ossfuzz_libfwevt.h └── xml_document_fuzzer.cc ├── po ├── ChangeLog ├── Makevars.in └── POTFILES.in ├── pyfwevt ├── Makefile.am ├── pyfwevt.c ├── pyfwevt.h ├── pyfwevt_channel.c ├── pyfwevt_channel.h ├── pyfwevt_channels.c ├── pyfwevt_channels.h ├── pyfwevt_error.c ├── pyfwevt_error.h ├── pyfwevt_event.c ├── pyfwevt_event.h ├── pyfwevt_events.c ├── pyfwevt_events.h ├── pyfwevt_guid.c ├── pyfwevt_guid.h ├── pyfwevt_integer.c ├── pyfwevt_integer.h ├── pyfwevt_keyword.c ├── pyfwevt_keyword.h ├── pyfwevt_keywords.c ├── pyfwevt_keywords.h ├── pyfwevt_level.c ├── pyfwevt_level.h ├── pyfwevt_levels.c ├── pyfwevt_levels.h ├── pyfwevt_libcerror.h ├── pyfwevt_libfguid.h ├── pyfwevt_libfwevt.h ├── pyfwevt_manifest.c ├── pyfwevt_manifest.h ├── pyfwevt_map.c ├── pyfwevt_map.h ├── pyfwevt_maps.c ├── pyfwevt_maps.h ├── pyfwevt_opcode.c ├── pyfwevt_opcode.h ├── pyfwevt_opcodes.c ├── pyfwevt_opcodes.h ├── pyfwevt_provider.c ├── pyfwevt_provider.h ├── pyfwevt_providers.c ├── pyfwevt_providers.h ├── pyfwevt_python.h ├── pyfwevt_task.c ├── pyfwevt_task.h ├── pyfwevt_tasks.c ├── pyfwevt_tasks.h ├── pyfwevt_template.c ├── pyfwevt_template.h ├── pyfwevt_template_item.c ├── pyfwevt_template_item.h ├── pyfwevt_template_items.c ├── pyfwevt_template_items.h ├── pyfwevt_templates.c ├── pyfwevt_templates.h └── pyfwevt_unused.h ├── pyproject.toml ├── runtests.ps1 ├── runtests.sh ├── setup.cfg.in ├── setup.py ├── synclibs.ps1 ├── synclibs.sh ├── tests ├── Makefile.am ├── build.sh ├── data │ ├── channel.1 │ ├── event.1 │ ├── level.1 │ ├── manifest.1 │ ├── opcode.1 │ ├── provider.1 │ ├── task.1 │ ├── template.1 │ └── xml_document.1 ├── fwevt_test_channel.c ├── fwevt_test_data_segment.c ├── fwevt_test_date_time.c ├── fwevt_test_error.c ├── fwevt_test_event.c ├── fwevt_test_floating_point.c ├── fwevt_test_integer.c ├── fwevt_test_keyword.c ├── fwevt_test_level.c ├── fwevt_test_libcerror.h ├── fwevt_test_libcnotify.h ├── fwevt_test_libfwevt.h ├── fwevt_test_libuna.h ├── fwevt_test_macros.h ├── fwevt_test_manifest.c ├── fwevt_test_map.c ├── fwevt_test_memory.c ├── fwevt_test_memory.h ├── fwevt_test_notify.c ├── fwevt_test_opcode.c ├── fwevt_test_provider.c ├── fwevt_test_support.c ├── fwevt_test_task.c ├── fwevt_test_template.c ├── fwevt_test_template_item.c ├── fwevt_test_unused.h ├── fwevt_test_xml_document.c ├── fwevt_test_xml_tag.c ├── fwevt_test_xml_template_value.c ├── fwevt_test_xml_token.c ├── fwevt_test_xml_value.c ├── lsan.suppressions ├── pkgbuild.sh ├── pyfwevt_test_event.py ├── pyfwevt_test_manifest.py ├── pyfwevt_test_provider.py ├── pyfwevt_test_support.py ├── runtests.py ├── runtests.sh ├── syncsharedlibs.sh ├── test_library.ps1 ├── test_library.sh ├── test_manpage.sh ├── test_python_module.sh └── test_runner.sh └── tox.ini /.codecov.yml: -------------------------------------------------------------------------------- 1 | coverage: 2 | precision: 2 3 | round: down 4 | range: 70...100 5 | status: 6 | project: true 7 | patch: true 8 | changes: false 9 | ignore: 10 | - "libcdata/*" 11 | - "libcerror/*" 12 | - "libcnotify/*" 13 | - "libcthreads/*" 14 | - "libfdatetime/*" 15 | - "libfguid/*" 16 | - "libfwnt/*" 17 | - "libuna/*" 18 | - "tests/*" 19 | -------------------------------------------------------------------------------- /.github/workflows/build_freebsd.yml: -------------------------------------------------------------------------------- 1 | # Build from source on FreeBSD. 2 | name: build_freebsd 3 | on: [push] 4 | permissions: read-all 5 | jobs: 6 | build_freebsd: 7 | runs-on: ubuntu-22.04 8 | steps: 9 | - uses: actions/checkout@v4 10 | - name: Building from source 11 | id: build_freebsd 12 | uses: vmactions/freebsd-vm@v1 13 | with: 14 | usesh: true 15 | mem: 4096 16 | # Note that the test scripts require bash 17 | prepare: | 18 | pkg install -y autoconf automake bash gettext git libtool pkgconf 19 | run: | 20 | tests/build.sh 21 | tests/runtests.sh 22 | -------------------------------------------------------------------------------- /.github/workflows/build_ossfuzz.yml: -------------------------------------------------------------------------------- 1 | # Build OSSFuzz fuzz targets from source. 2 | name: build_ossfuzz 3 | on: 4 | push: 5 | branches: [main] 6 | permissions: read-all 7 | jobs: 8 | build_ossfuzz: 9 | runs-on: ubuntu-22.04 10 | strategy: 11 | matrix: 12 | include: 13 | - architecture: 'x64' 14 | compiler: 'gcc' 15 | configure_options: '' 16 | steps: 17 | - name: Install build dependencies 18 | run: | 19 | sudo apt-get -y install git 20 | - uses: actions/checkout@v4 21 | with: 22 | repository: google/oss-fuzz 23 | path: oss-fuzz 24 | - name: Build OSSFuzz fuzz targets 25 | working-directory: oss-fuzz 26 | run: | 27 | mkdir -p projects/libfwevt 28 | cp projects/libyal/build.sh projects/libfwevt/ 29 | cp projects/libyal/project.yaml projects/libfwevt/ 30 | head -n 20 projects/libyal/Dockerfile > projects/libfwevt/Dockerfile 31 | echo "RUN git clone --depth 1 https://github.com/libyal/libfwevt.git libfwevt" >> projects/libfwevt/Dockerfile 32 | tail -n 3 projects/libyal/Dockerfile >> projects/libfwevt/Dockerfile 33 | python3 infra/helper.py build_image --pull libfwevt 34 | python3 infra/helper.py build_fuzzers --sanitizer address libfwevt 35 | python3 infra/helper.py check_build libfwevt 36 | -------------------------------------------------------------------------------- /.github/workflows/build_shared.yml: -------------------------------------------------------------------------------- 1 | # Build from source with libyal dependencies as shared libraries. 2 | name: build_shared 3 | on: 4 | push: 5 | branches: [main] 6 | permissions: read-all 7 | jobs: 8 | build_shared_ubuntu: 9 | runs-on: ubuntu-22.04 10 | strategy: 11 | matrix: 12 | include: 13 | - architecture: 'x64' 14 | compiler: 'gcc' 15 | configure_options: '' 16 | steps: 17 | - uses: actions/checkout@v4 18 | - name: Install build dependencies 19 | run: | 20 | sudo apt-get -y install autoconf automake autopoint build-essential git libtool pkg-config 21 | - name: Download test data 22 | run: | 23 | if test -x "synctestdata.sh"; then ./synctestdata.sh; fi 24 | - name: Prepare shared libraries 25 | run: | 26 | tests/syncsharedlibs.sh --use-head 27 | - name: Building from source 28 | env: 29 | CC: ${{ matrix.compiler }} 30 | run: | 31 | tests/build.sh ${{ matrix.configure_options }} 32 | - name: Run tests 33 | run: | 34 | tests/runtests.sh 35 | -------------------------------------------------------------------------------- /.github/workflows/build_wheel.yml: -------------------------------------------------------------------------------- 1 | # Build wheel from source using tox. 2 | name: build_wheel 3 | on: [push, pull_request] 4 | permissions: read-all 5 | jobs: 6 | build_wheel: 7 | runs-on: ubuntu-22.04 8 | strategy: 9 | matrix: 10 | include: 11 | - python-version: '3.7' 12 | toxenv: 'py37' 13 | - python-version: '3.8' 14 | toxenv: 'py38' 15 | - python-version: '3.9' 16 | toxenv: 'py39' 17 | - python-version: '3.10' 18 | toxenv: 'py310' 19 | - python-version: '3.11' 20 | toxenv: 'py311' 21 | - python-version: '3.12' 22 | toxenv: 'py312' 23 | steps: 24 | - uses: actions/checkout@v4 25 | - name: Install build dependencies 26 | run: | 27 | sudo add-apt-repository universe && 28 | sudo add-apt-repository -y ppa:deadsnakes/ppa && 29 | sudo apt-get update && 30 | sudo apt-get install -y autoconf automake autopoint build-essential git libtool pkg-config python${{ matrix.python-version }} python${{ matrix.python-version }}-dev python${{ matrix.python-version }}-venv python3-distutils python3-pip python3-setuptools 31 | - name: Install tox 32 | run: | 33 | python3 -m pip install tox 34 | - name: Download test data 35 | run: | 36 | if test -x "synctestdata.sh"; then ./synctestdata.sh; fi 37 | - name: Prepare build 38 | run: | 39 | ./synclibs.sh --use-head && ./autogen.sh && ./configure && make sources >/dev/null 40 | - name: Build Python wheel 41 | run: | 42 | tox -e${{ matrix.toxenv }} 43 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | # Files to ignore by git 2 | # 3 | # Version: 20231119 4 | 5 | # Generic auto-generated build files 6 | *~ 7 | *.a 8 | *.gcda 9 | *.gcno 10 | *.gcov 11 | *.la 12 | *.lai 13 | *.lib 14 | *.lineno 15 | *.lo 16 | *.log 17 | *.loT 18 | *.o 19 | *.obj 20 | *.Plo 21 | *.Po 22 | *.so 23 | *.so.[0-9][0-9]* 24 | *.so.[0-9][0-9]*.[0-9][0-9]*.[0-9][0-9]* 25 | *.swp 26 | *.Tpo 27 | *.trs 28 | *.whl 29 | /*.egg-info/ 30 | __pycache__ 31 | .deps 32 | .dirstamp 33 | .libs 34 | .tox 35 | INSTALL 36 | Makefile 37 | Makefile.bcc 38 | Makefile.in 39 | stamp-h[1-9] 40 | 41 | # Specific auto-generated build files 42 | /ABOUT-NLS 43 | /aclocal.m4 44 | /autom4te.cache/ 45 | /build 46 | /compile 47 | /confdefs.h 48 | /config.cache 49 | /config.guess 50 | /config.log 51 | /config.rpath 52 | /config.status 53 | /config.sub 54 | /configure 55 | /conftest.c 56 | /depcomp 57 | /dist 58 | /install-sh 59 | /libtool 60 | /ltmain.sh 61 | /m4/codeset.m4 62 | /m4/extern-inline.m4 63 | /m4/fcntl-o.m4 64 | /m4/gettext.m4 65 | /m4/glibc21.m4 66 | /m4/glibc2.m4 67 | /m4/host-cpu-c-abi.m4 68 | /m4/iconv.m4 69 | /m4/intdiv0.m4 70 | /m4/intldir.m4 71 | /m4/intl.m4 72 | /m4/intlmacosx.m4 73 | /m4/intmax.m4 74 | /m4/inttypes_h.m4 75 | /m4/inttypes-pri.m4 76 | /m4/lcmessage.m4 77 | /m4/lib-ld.m4 78 | /m4/lib-link.m4 79 | /m4/lib-prefix.m4 80 | /m4/libtool.m4 81 | /m4/lock.m4 82 | /m4/longlong.m4 83 | /m4/lt~obsolete.m4 84 | /m4/ltoptions.m4 85 | /m4/ltsugar.m4 86 | /m4/ltversion.m4 87 | /m4/nls.m4 88 | /m4/pkg.m4 89 | /m4/po.m4 90 | /m4/printf-posix.m4 91 | /m4/progtest.m4 92 | /m4/size_max.m4 93 | /m4/stdint_h.m4 94 | /m4/threadlib.m4 95 | /m4/uintmax_t.m4 96 | /m4/visibility.m4 97 | /m4/wchar_t.m4 98 | /m4/wint_t.m4 99 | /m4/xsize.m4 100 | /MANIFEST 101 | /missing 102 | /po/boldquot.sed 103 | /po/en@boldquot.header 104 | /po/en@quot.header 105 | /po/insert-header.sin 106 | /po/Makefile.in.in 107 | /po/Makevars 108 | /po/Makevars.template 109 | /po/POTFILES 110 | /po/quot.sed 111 | /po/remove-potcdate.sed 112 | /po/remove-potcdate.sin 113 | /po/Rules-quot 114 | /test-driver 115 | /ylwrap 116 | 117 | # Project specific files 118 | /common/config.h 119 | /common/config.h.in 120 | /common/types.h 121 | /dpkg/changelog 122 | /include/libfwevt.h 123 | /include/libfwevt/definitions.h 124 | /include/libfwevt/features.h 125 | /include/libfwevt/types.h 126 | /libfwevt.pc 127 | /libfwevt.spec 128 | /libfwevt/libfwevt.rc 129 | /libfwevt/libfwevt_definitions.h 130 | /setup.cfg 131 | /tests/*.exe 132 | /tests/fwevt_test_channel 133 | /tests/fwevt_test_data_segment 134 | /tests/fwevt_test_date_time 135 | /tests/fwevt_test_error 136 | /tests/fwevt_test_event 137 | /tests/fwevt_test_floating_point 138 | /tests/fwevt_test_integer 139 | /tests/fwevt_test_keyword 140 | /tests/fwevt_test_level 141 | /tests/fwevt_test_manifest 142 | /tests/fwevt_test_map 143 | /tests/fwevt_test_notify 144 | /tests/fwevt_test_opcode 145 | /tests/fwevt_test_provider 146 | /tests/fwevt_test_support 147 | /tests/fwevt_test_task 148 | /tests/fwevt_test_template 149 | /tests/fwevt_test_template_item 150 | /tests/fwevt_test_xml_document 151 | /tests/fwevt_test_xml_tag 152 | /tests/fwevt_test_xml_template_value 153 | /tests/fwevt_test_xml_token 154 | /tests/fwevt_test_xml_value 155 | /tests/notify_stream.log 156 | /tests/tmp* 157 | 158 | # Local library dependencies specific files 159 | /libcdata 160 | /libcerror 161 | /libcnotify 162 | /libcthreads 163 | /libfdatetime 164 | /libfguid 165 | /libfwnt 166 | /libuna 167 | -------------------------------------------------------------------------------- /AUTHORS: -------------------------------------------------------------------------------- 1 | Acknowledgements: libfwevt 2 | 3 | Copyright (C) 2011-2024, Joachim Metz 4 | 5 | -------------------------------------------------------------------------------- /ChangeLog: -------------------------------------------------------------------------------- 1 | TODO 2 | * change XML value as string output to resemble wevtutil 3 | * add pyfwevt_xml_document, pyfwevt_xml_tag and pyfwevt_xml_value 4 | * add support for hexadecimal integers in data_as_integer functions 5 | * improve integer XML value formatting 6 | * add codepage support 7 | 8 | * remove deprecated API functions 9 | ** libfwevt_template_get_data - Remove the need to create a copy of the template data at worst only have a copy of the BinXML 10 | ** libfwevt_xml_tag_get_utf8_value_size and libfwevt_xml_tag_get_utf8_value 11 | ** libfwevt_xml_tag_get_utf16_value_size and libfwevt_xml_tag_get_utf16_value 12 | ** libfwevt_xml_value_get_utf8_string_size and libfwevt_xml_value_copy_to_utf8_string 13 | ** libfwevt_xml_value_get_utf16_string_size and libfwevt_xml_value_copy_to_utf16_string 14 | 15 | * refactor: move value to XML string from XML tag into XML value 16 | 17 | * Rename _read() functions to _read_data() 18 | ** libfwevt_manifest_read 19 | ** libfwevt_template_read 20 | ** libfwevt_xml_document_read 21 | 22 | 20140928 23 | * see `git log' for more recent change log 24 | * Created stand-alone version of version used in libevt 25 | 26 | -------------------------------------------------------------------------------- /Makefile.am: -------------------------------------------------------------------------------- 1 | ACLOCAL_AMFLAGS = -I m4 2 | 3 | SUBDIRS = \ 4 | include \ 5 | common \ 6 | libcerror \ 7 | libcthreads \ 8 | libcdata \ 9 | libcnotify \ 10 | libuna \ 11 | libfdatetime \ 12 | libfguid \ 13 | libfwnt \ 14 | libfwevt \ 15 | pyfwevt \ 16 | po \ 17 | manuals \ 18 | tests \ 19 | ossfuzz \ 20 | msvscpp 21 | 22 | DPKG_FILES = \ 23 | dpkg/changelog \ 24 | dpkg/changelog.in \ 25 | dpkg/compat \ 26 | dpkg/control \ 27 | dpkg/copyright \ 28 | dpkg/rules \ 29 | dpkg/libfwevt-dev.install \ 30 | dpkg/libfwevt.install \ 31 | dpkg/libfwevt-python3.install \ 32 | dpkg/source/format 33 | 34 | GETTEXT_FILES = \ 35 | config.rpath \ 36 | po/Makevars.in 37 | 38 | PKGCONFIG_FILES = \ 39 | libfwevt.pc.in 40 | 41 | SETUP_PY_FILES = \ 42 | pyproject.toml \ 43 | setup.cfg \ 44 | setup.cfg.in \ 45 | setup.py 46 | 47 | SPEC_FILES = \ 48 | libfwevt.spec \ 49 | libfwevt.spec.in 50 | 51 | EXTRA_DIST = \ 52 | $(DPKG_FILES) \ 53 | $(GETTEXT_FILES) \ 54 | $(PKGCONFIG_FILES) \ 55 | $(SETUP_PY_FILES) \ 56 | $(SPEC_FILES) 57 | 58 | DISTCLEANFILES = \ 59 | config.status \ 60 | config.cache \ 61 | config.log \ 62 | libfwevt.pc \ 63 | libfwevt.spec \ 64 | Makefile \ 65 | Makefile.in \ 66 | po/Makevars 67 | 68 | pkgconfigdir = $(libdir)/pkgconfig 69 | 70 | pkgconfig_DATA = \ 71 | libfwevt.pc 72 | 73 | libtool: @LIBTOOL_DEPS@ 74 | cd $(srcdir) && $(SHELL) ./config.status --recheck 75 | 76 | lib: library 77 | 78 | library: 79 | (cd $(srcdir)/common && $(MAKE) $(AM_MAKEFLAGS)) 80 | (cd $(srcdir)/libcerror && $(MAKE) $(AM_MAKEFLAGS)) 81 | (cd $(srcdir)/libcthreads && $(MAKE) $(AM_MAKEFLAGS)) 82 | (cd $(srcdir)/libcdata && $(MAKE) $(AM_MAKEFLAGS)) 83 | (cd $(srcdir)/libcnotify && $(MAKE) $(AM_MAKEFLAGS)) 84 | (cd $(srcdir)/libuna && $(MAKE) $(AM_MAKEFLAGS)) 85 | (cd $(srcdir)/libfdatetime && $(MAKE) $(AM_MAKEFLAGS)) 86 | (cd $(srcdir)/libfguid && $(MAKE) $(AM_MAKEFLAGS)) 87 | (cd $(srcdir)/libfwnt && $(MAKE) $(AM_MAKEFLAGS)) 88 | (cd $(srcdir)/libfwevt && $(MAKE) $(AM_MAKEFLAGS)) 89 | (cd $(srcdir)/po && $(MAKE) $(AM_MAKEFLAGS)) 90 | 91 | -------------------------------------------------------------------------------- /NEWS: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/libyal/libfwevt/7ad068a4e0f23a847ffc50ce3d3956dcffa53aab/NEWS -------------------------------------------------------------------------------- /README: -------------------------------------------------------------------------------- 1 | libfwevt is a library for Windows XML Event Log (EVTX) data types. 2 | 3 | Project information: 4 | 5 | * Status: experimental 6 | * Licence: LGPLv3+ 7 | 8 | For more information see: 9 | 10 | * Project documentation: https://github.com/libyal/libfwevt/wiki/Home 11 | * How to build from source: https://github.com/libyal/libfwevt/wiki/Building 12 | 13 | -------------------------------------------------------------------------------- /acinclude.m4: -------------------------------------------------------------------------------- 1 | dnl Checks for required headers and functions 2 | dnl 3 | dnl Version: 20240501 4 | 5 | dnl Function to detect if libfwevt dependencies are available 6 | AC_DEFUN([AX_LIBFWEVT_CHECK_LOCAL], 7 | [dnl No additional checks. 8 | ]) 9 | 10 | dnl Function to check if DLL support is needed 11 | AC_DEFUN([AX_LIBFWEVT_CHECK_DLL_SUPPORT], 12 | [AS_IF( 13 | [test "x$enable_shared" = xyes], 14 | [AS_CASE( 15 | [$host], 16 | [*cygwin* | *mingw* | *msys*], 17 | [AC_DEFINE( 18 | [HAVE_DLLMAIN], 19 | [1], 20 | [Define to 1 to enable the DllMain function.]) 21 | AC_SUBST( 22 | [HAVE_DLLMAIN], 23 | [1]) 24 | 25 | AC_SUBST( 26 | [LIBFWEVT_DLL_EXPORT], 27 | ["-DLIBFWEVT_DLL_EXPORT"]) 28 | 29 | AC_SUBST( 30 | [LIBFWEVT_DLL_IMPORT], 31 | ["-DLIBFWEVT_DLL_IMPORT"]) 32 | ]) 33 | ]) 34 | ]) 35 | 36 | -------------------------------------------------------------------------------- /autogen.ps1: -------------------------------------------------------------------------------- 1 | # Script to generate the necessary files for a msvscpp build 2 | # 3 | # Version: 20240306 4 | 5 | $WinFlex = "..\win_flex_bison\win_flex.exe" 6 | $WinBison = "..\win_flex_bison\win_bison.exe" 7 | 8 | $Library = Get-Content -Path configure.ac | select -skip 3 -first 1 | % { $_ -Replace " \[","" } | % { $_ -Replace "\],","" } 9 | $Version = Get-Content -Path configure.ac | select -skip 4 -first 1 | % { $_ -Replace " \[","" } | % { $_ -Replace "\],","" } 10 | $Prefix = ${Library}.Substring(3) 11 | 12 | Get-Content -Path "include\${Library}.h.in" | Out-File -Encoding ascii "include\${Library}.h" 13 | Get-Content -Path "include\${Library}\definitions.h.in" | % { $_ -Replace "@VERSION@","${Version}" } | Out-File -Encoding ascii "include\${Library}\definitions.h" 14 | Get-Content -Path "include\${Library}\features.h.in" | % { $_ -Replace "@[A-Z0-9_]*@","0" } | Out-File -Encoding ascii "include\${Library}\features.h" 15 | Get-Content -Path "include\${Library}\types.h.in" | % { $_ -Replace "@[A-Z0-9_]*@","0" } | Out-File -Encoding ascii "include\${Library}\types.h" 16 | Get-Content -Path "common\types.h.in" | % { $_ -Replace "@PACKAGE@","${Library}" } | Out-File -Encoding ascii "common\types.h" 17 | Get-Content -Path "${Library}\${Library}_definitions.h.in" | % { $_ -Replace "@VERSION@","${Version}" } | Out-File -Encoding ascii "${Library}\${Library}_definitions.h" 18 | Get-Content -Path "${Library}\${Library}.rc.in" | % { $_ -Replace "@VERSION@","${Version}" } | Out-File -Encoding ascii "${Library}\${Library}.rc" 19 | 20 | If (Test-Path "setup.cfg.in") 21 | { 22 | Get-Content -Path "setup.cfg.in" | % { $_ -Replace "@VERSION@","${Version}" } | Out-File -Encoding ascii "setup.cfg" 23 | } 24 | 25 | If (Test-Path "${Prefix}.net") 26 | { 27 | Get-Content -Path "${Prefix}.net\${Prefix}.net.rc.in" | % { $_ -Replace "@VERSION@","${Version}" } | Out-File -Encoding ascii "${Prefix}.net\${Prefix}.net.rc" 28 | } 29 | 30 | $NamePrefix = "" 31 | 32 | ForEach (${Library} in Get-ChildItem -Directory -Path "lib*") 33 | { 34 | ForEach (${DirectoryElement} in Get-ChildItem -Path "${Library}\*.l") 35 | { 36 | $OutputFile = ${DirectoryElement} -Replace ".l$",".c" 37 | 38 | $NamePrefix = Split-Path -path ${DirectoryElement} -leaf 39 | $NamePrefix = ${NamePrefix} -Replace ".l$","_" 40 | 41 | Write-Host "Running: ${WinFlex} -Cf ${DirectoryElement}" 42 | 43 | # PowerShell will raise NativeCommandError if win_flex writes to stdout or stderr 44 | # therefore 2>&1 is added and the output is stored in a variable. 45 | $Output = Invoke-Expression -Command "& '${WinFlex}' -Cf ${DirectoryElement} 2>&1" 46 | Write-Host ${Output} 47 | 48 | # Moving manually since `win_flex -o filename' does not provide the expected behavior. 49 | Move-Item "lex.yy.c" ${OutputFile} -force 50 | } 51 | 52 | ForEach (${DirectoryElement} in Get-ChildItem -Path "${Library}\*.y") 53 | { 54 | $OutputFile = ${DirectoryElement} -Replace ".y$",".c" 55 | 56 | Write-Host "Running: ${WinBison} -d -v -l -p ${NamePrefix} -o ${OutputFile} ${DirectoryElement}" 57 | 58 | # PowerShell will raise NativeCommandError if win_bison writes to stdout or stderr 59 | # therefore 2>&1 is added and the output is stored in a variable. 60 | $Output = Invoke-Expression -Command "& '${WinBison}' -d -v -l -p ${NamePrefix} -o ${OutputFile} ${DirectoryElement} 2>&1" 61 | Write-Host ${Output} 62 | } 63 | } 64 | 65 | -------------------------------------------------------------------------------- /common/Makefile.am: -------------------------------------------------------------------------------- 1 | AM_CPPFLAGS = \ 2 | -I../include -I$(top_srcdir)/include 3 | 4 | EXTRA_DIST = \ 5 | byte_stream.h \ 6 | common.h \ 7 | config.h \ 8 | config_borlandc.h \ 9 | config_msc.h \ 10 | config_winapi.h \ 11 | file_stream.h \ 12 | memory.h \ 13 | narrow_string.h \ 14 | system_string.h \ 15 | types.h \ 16 | types.h.in \ 17 | wide_string.h 18 | 19 | DISTCLEANFILES = \ 20 | config.h \ 21 | types.h \ 22 | Makefile \ 23 | Makefile.in 24 | 25 | -------------------------------------------------------------------------------- /common/common.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Common include file 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #if !defined( _COMMON_H ) 23 | #define _COMMON_H 24 | 25 | #if defined( HAVE_CONFIG_H ) 26 | #include "config.h" 27 | #endif 28 | 29 | /* Include the Borland/CodeGear C++ Builder compiler specific configuration 30 | */ 31 | #if defined( __BORLANDC__ ) 32 | #include "config_borlandc.h" 33 | 34 | /* Include the Microsoft Visual Studio C++ compiler specific configuration 35 | */ 36 | #elif defined( _MSC_VER ) 37 | #include "config_msc.h" 38 | #endif 39 | 40 | #include "config_winapi.h" 41 | 42 | #endif /* !defined( _COMMON_H ) */ 43 | 44 | -------------------------------------------------------------------------------- /common/config_borlandc.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Configuration for the Borland/CodeGear C++ Builder compiler 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #if !defined( _CONFIG_BORLANDC_H ) 23 | #define _CONFIG_BORLANDC_H 24 | 25 | #endif /* !defined( _CONFIG_BORLANDC_H ) */ 26 | 27 | -------------------------------------------------------------------------------- /common/config_msc.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Configuration for the Microsoft Visual Studio C++ compiler 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #if !defined( _CONFIG_MSC_H ) 23 | #define _CONFIG_MSC_H 24 | 25 | /* Disable warning C4127: conditional expression is constant 26 | */ 27 | #pragma warning( disable : 4127 ) 28 | 29 | /* Disable warning C4201: nonstandard extension used : nameless struct/union 30 | */ 31 | #pragma warning( disable : 4201 ) 32 | 33 | #endif /* !defined( _CONFIG_MSC_H ) */ 34 | 35 | -------------------------------------------------------------------------------- /common/config_winapi.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Configuration file for WINAPI 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #if !defined( _CONFIG_WINAPI_H ) 23 | #define _CONFIG_WINAPI_H 24 | 25 | /* Define the earliest supported WINAPI version 26 | #define WINVER 0x0501 27 | */ 28 | 29 | /* If necessary make sure WINAPI is defined 30 | */ 31 | #if defined( HAVE_WINDOWS_H ) || defined( __BORLANDC__ ) || defined( _MSC_VER ) 32 | #include 33 | #endif 34 | 35 | #if defined( WINAPI ) 36 | 37 | /* Define to the address where bug reports for this package should be sent. 38 | */ 39 | #define PACKAGE_BUGREPORT "joachim.metz@gmail.com" 40 | 41 | /* Define the size of the integer for WINAPI 42 | */ 43 | #if !defined( SIZEOF_INT ) 44 | #define SIZEOF_INT 4 45 | #endif 46 | 47 | /* Define the size of size_t for WINAPI 48 | * Do not define when pyconfig.h has been included via python.h 49 | */ 50 | #if !defined( HAVE_PYCONFIG_H ) 51 | 52 | #if !defined( SIZEOF_SIZE_T ) 53 | #if __WORDSIZE == 64 54 | #define SIZEOF_SIZE_T 8 55 | #else 56 | #define SIZEOF_SIZE_T 4 57 | #endif 58 | #endif 59 | 60 | #endif /* !defined( HAVE_PYCONFIG_H ) */ 61 | 62 | /* Define the size of the wide character for WINAPI 63 | */ 64 | #if !defined( SIZEOF_WCHAR_T ) 65 | #define SIZEOF_WCHAR_T 2 66 | #endif 67 | 68 | /* Enable the DllMain function 69 | */ 70 | #define HAVE_DLLMAIN 1 71 | 72 | /* Enable verbose output 73 | #define HAVE_VERBOSE_OUTPUT 1 74 | */ 75 | 76 | /* Enable debug output 77 | #define HAVE_DEBUG_OUTPUT 1 78 | */ 79 | 80 | /* Enable both the narrow and wide character functions 81 | */ 82 | #if !defined( HAVE_WIDE_CHARACTER_TYPE ) 83 | #define HAVE_WIDE_CHARACTER_TYPE 1 84 | #endif 85 | 86 | /* If not controlled by config.h enable multi-thread support 87 | */ 88 | #if !defined( HAVE_CONFIG_H ) && !defined( HAVE_MULTI_THREAD_SUPPORT ) 89 | #define HAVE_MULTI_THREAD_SUPPORT 1 90 | #endif 91 | 92 | #endif /* defined( WINAPI ) */ 93 | 94 | #endif /* !defined( _CONFIG_WINAPI_H ) */ 95 | 96 | -------------------------------------------------------------------------------- /dpkg/changelog.in: -------------------------------------------------------------------------------- 1 | libfwevt (@VERSION@-1) unstable; urgency=low 2 | 3 | * Auto-generated 4 | 5 | -- Joachim Metz @DPKG_DATE@ 6 | -------------------------------------------------------------------------------- /dpkg/compat: -------------------------------------------------------------------------------- 1 | 10 2 | -------------------------------------------------------------------------------- /dpkg/control: -------------------------------------------------------------------------------- 1 | Source: libfwevt 2 | Priority: extra 3 | Maintainer: Joachim Metz 4 | Build-Depends: debhelper (>= 9), dh-autoreconf, dh-python, pkg-config, python3-dev, python3-setuptools 5 | Standards-Version: 4.1.4 6 | Section: libs 7 | Homepage: https://github.com/libyal/libfwevt 8 | Vcs-Git: https://github.com/libyal/libfwevt.git 9 | 10 | Package: libfwevt 11 | Architecture: any 12 | Depends: ${shlibs:Depends}, ${misc:Depends} 13 | Conflicts: libfwevt1 14 | Replaces: libfwevt1 15 | Suggests: libfwevt-dbg 16 | Description: Library to support the Windows XML Event Log (EVTX) data types 17 | libfwevt is a library to support the Windows XML Event Log (EVTX) data types. 18 | 19 | Package: libfwevt-dbg 20 | Architecture: any 21 | Section: debug 22 | Depends: libfwevt (= ${binary:Version}), ${misc:Depends} 23 | Description: Debugging symbols for libfwevt 24 | Debugging symbols for libfwevt. 25 | 26 | Package: libfwevt-dev 27 | Section: libdevel 28 | Architecture: any 29 | Depends: libfwevt (= ${binary:Version}), ${misc:Depends} 30 | Description: Header files and libraries for developing applications for libfwevt 31 | Header files and libraries for developing applications for libfwevt. 32 | 33 | Package: libfwevt-python3 34 | Section: python 35 | Architecture: any 36 | Depends: libfwevt (= ${binary:Version}), ${shlibs:Depends}, ${misc:Depends} 37 | Conflicts: python3-libfwevt 38 | Replaces: python3-libfwevt 39 | Suggests: libfwevt-python3-dbg 40 | Description: Python 3 bindings for libfwevt 41 | Python 3 bindings for libfwevt. 42 | 43 | Package: libfwevt-python3-dbg 44 | Section: debug 45 | Architecture: any 46 | Depends: libfwevt-python3 (= ${binary:Version}), ${misc:Depends} 47 | Description: Debugging symbols for libfwevt-python3 48 | Debugging symbols for libfwevt-python3. 49 | 50 | -------------------------------------------------------------------------------- /dpkg/copyright: -------------------------------------------------------------------------------- 1 | Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ 2 | Upstream-Name: libfwevt 3 | Source: https://github.com/libyal/libfwevt 4 | 5 | Files: * 6 | Copyright: 2011-2024, Joachim Metz 7 | License: LGPL-3.0+ 8 | 9 | License: LGPL-3.0+ 10 | This package is free software; you can redistribute it and/or 11 | modify it under the terms of the GNU Lesser General Public 12 | License as published by the Free Software Foundation; either 13 | version 3 of the License, or (at your option) any later version. 14 | . 15 | This package is distributed in the hope that it will be useful, 16 | but WITHOUT ANY WARRANTY; without even the implied warranty of 17 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 18 | Lesser General Public License for more details. 19 | . 20 | You should have received a copy of the GNU General Public License 21 | along with this program. If not, see . 22 | . 23 | On Debian systems, the complete text of the GNU Lesser General 24 | Public License can be found in "/usr/share/common-licenses/LGPL-3". 25 | 26 | -------------------------------------------------------------------------------- /dpkg/libfwevt-dev.install: -------------------------------------------------------------------------------- 1 | usr/include/* 2 | usr/lib/*-*/lib*.a 3 | usr/lib/*-*/lib*.so 4 | usr/lib/*-*/pkgconfig/* 5 | usr/share/man/man3 6 | -------------------------------------------------------------------------------- /dpkg/libfwevt-python3.install: -------------------------------------------------------------------------------- 1 | /usr/lib/python3* 2 | -------------------------------------------------------------------------------- /dpkg/libfwevt.install: -------------------------------------------------------------------------------- 1 | usr/lib/*-*/lib*.so.* 2 | -------------------------------------------------------------------------------- /dpkg/rules: -------------------------------------------------------------------------------- 1 | #!/usr/bin/make -f 2 | # -*- makefile -*- 3 | 4 | # Uncomment for debhelper verbose output. 5 | # export DH_VERBOSE=1 6 | 7 | export SKIP_PYTHON_TESTS=1 8 | 9 | %: 10 | dh $@ --buildsystem=autoconf --with=autoreconf,python3 11 | 12 | .PHONY: override_dh_auto_configure 13 | override_dh_auto_configure: 14 | dh_auto_configure -- --enable-python CFLAGS="-g" 15 | 16 | .PHONY: override_dh_install 17 | override_dh_install: 18 | dh_install --fail-missing -X.la -X/pyfwevt.a 19 | 20 | .PHONY: override_dh_missing 21 | override_dh_missing: 22 | dh_missing -X.la -X/pyfwevt.a --fail-missing 23 | 24 | .PHONY: override_dh_strip 25 | override_dh_strip: 26 | ifeq (,$(filter nostrip,$(DEB_BUILD_OPTIONS))) 27 | dh_strip -plibfwevt --dbg-package=libfwevt-dbg 28 | dh_strip -plibfwevt-python3 --dbg-package=libfwevt-python3-dbg 29 | endif 30 | 31 | -------------------------------------------------------------------------------- /dpkg/source/format: -------------------------------------------------------------------------------- 1 | 3.0 (quilt) 2 | -------------------------------------------------------------------------------- /include/Makefile.am: -------------------------------------------------------------------------------- 1 | include_HEADERS = \ 2 | libfwevt.h 3 | 4 | pkginclude_HEADERS = \ 5 | libfwevt/definitions.h \ 6 | libfwevt/error.h \ 7 | libfwevt/extern.h \ 8 | libfwevt/features.h \ 9 | libfwevt/types.h 10 | 11 | EXTRA_DIST = \ 12 | libfwevt.h.in \ 13 | libfwevt/definitions.h.in \ 14 | libfwevt/features.h.in \ 15 | libfwevt/types.h.in 16 | 17 | DISTCLEANFILES = \ 18 | libfwevt.h \ 19 | libfwevt/definitions.h \ 20 | libfwevt/features.h \ 21 | libfwevt/types.h \ 22 | Makefile \ 23 | Makefile.in 24 | 25 | -------------------------------------------------------------------------------- /include/libfwevt/extern.h: -------------------------------------------------------------------------------- 1 | /* 2 | * The extern definition 3 | * 4 | * This header should be included in header files that export or import 5 | * library functions 6 | * 7 | * Copyright (C) 2011-2024, Joachim Metz 8 | * 9 | * Refer to AUTHORS for acknowledgements. 10 | * 11 | * This program is free software: you can redistribute it and/or modify 12 | * it under the terms of the GNU Lesser General Public License as published by 13 | * the Free Software Foundation, either version 3 of the License, or 14 | * (at your option) any later version. 15 | * 16 | * This program is distributed in the hope that it will be useful, 17 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 18 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 19 | * GNU General Public License for more details. 20 | * 21 | * You should have received a copy of the GNU Lesser General Public License 22 | * along with this program. If not, see . 23 | */ 24 | 25 | #if !defined( _LIBFWEVT_EXTERN_H ) 26 | #define _LIBFWEVT_EXTERN_H 27 | 28 | /* To export functions from the libfwevt DLL define LIBFWEVT_DLL_EXPORT 29 | * To import functions from the libfwevt DLL define LIBFWEVT_DLL_IMPORT 30 | * Otherwise use default extern statement 31 | */ 32 | #if defined( LIBFWEVT_DLL_EXPORT ) 33 | #define LIBFWEVT_EXTERN __declspec(dllexport) 34 | 35 | #elif defined( LIBFWEVT_DLL_IMPORT ) 36 | #define LIBFWEVT_EXTERN extern __declspec(dllimport) 37 | 38 | #else 39 | #define LIBFWEVT_EXTERN extern 40 | 41 | #endif 42 | 43 | #endif /* !defined( _LIBFWEVT_EXTERN_H ) */ 44 | 45 | -------------------------------------------------------------------------------- /include/libfwevt/features.h.in: -------------------------------------------------------------------------------- 1 | /* 2 | * Features of libfwevt 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #if !defined( _LIBFWEVT_FEATURES_H ) 23 | #define _LIBFWEVT_FEATURES_H 24 | 25 | /* The libfwevt type support features 26 | */ 27 | #if !defined( LIBFWEVT_DEPRECATED ) 28 | #if defined( __GNUC__ ) && __GNUC__ >= 3 29 | #define LIBFWEVT_DEPRECATED __attribute__ ((__deprecated__)) 30 | #elif defined( _MSC_VER ) 31 | #define LIBFWEVT_DEPRECATED __declspec(deprecated) 32 | #else 33 | #define LIBFWEVT_DEPRECATED 34 | #endif 35 | #endif 36 | 37 | #endif /* !defined( _LIBFWEVT_FEATURES_H ) */ 38 | 39 | -------------------------------------------------------------------------------- /libfwevt.ini: -------------------------------------------------------------------------------- 1 | [project] 2 | description: "libfwevt is a library for Windows XML Event Log (EVTX) data types." 3 | name: "libfwevt" 4 | status: "experimental" 5 | year_of_creation: "2011" 6 | features: ["debug_output", "ossfuzz", "python_bindings"] 7 | 8 | [library] 9 | description: "Library to support the Windows XML Event Log (EVTX) data types" 10 | public_types: ["channel", "event", "keyword", "level", "manifest", "map", "opcode", "provider", "task", "template", "template_item", "xml_document", "xml_tag", "xml_template_value", "xml_value"] 11 | 12 | [pypi] 13 | appveyor_token: "VHuZiUWgTqTciKE2nsv/LvgzW1RYojfMXbiEHTPVSOi529zwFBTwlwjaYJGoAE9PcCZvaEWthApNCSGMUbHzQZwjOySEO9YO/AAr17eA/3QKlNXIEjV5jpTPKtWvNMZUP7WhUNk6ua6EYHuxt2I/i3rjB8lv0jZelBPClNng+MfAtcaXzrgzwxEmWGB6NzXGU7jZAZz/tpf8TB1WBHtWsTvhuw8cISx1nEh0ijLqLmpAAa/cB5zz0mnHPVMLtVdRAj39Eeb4wOnpszjaI1/lsQ0FiBAjcZkB7KaSkNuisNo=" 14 | 15 | -------------------------------------------------------------------------------- /libfwevt.pc.in: -------------------------------------------------------------------------------- 1 | prefix=@prefix@ 2 | exec_prefix=@exec_prefix@ 3 | libdir=@libdir@ 4 | includedir=@includedir@ 5 | 6 | Name: libfwevt 7 | Description: Library to support the Windows XML Event Log (EVTX) data types 8 | Version: @VERSION@ 9 | Libs: -L${libdir} -lfwevt 10 | Libs.private: @ax_libcdata_pc_libs_private@ @ax_libcerror_pc_libs_private@ @ax_libcnotify_pc_libs_private@ @ax_libcthreads_pc_libs_private@ @ax_libfdatetime_pc_libs_private@ @ax_libfguid_pc_libs_private@ @ax_libfwnt_pc_libs_private@ @ax_libuna_pc_libs_private@ @ax_pthread_pc_libs_private@ 11 | Cflags: -I${includedir} 12 | 13 | -------------------------------------------------------------------------------- /libfwevt.spec.in: -------------------------------------------------------------------------------- 1 | Name: libfwevt 2 | Version: @VERSION@ 3 | Release: 1 4 | Summary: Library to support the Windows XML Event Log (EVTX) data types 5 | Group: System Environment/Libraries 6 | License: LGPL-3.0-or-later 7 | Source: %{name}-%{version}.tar.gz 8 | URL: https://github.com/libyal/libfwevt 9 | @libfwevt_spec_requires@ @ax_libcdata_spec_requires@ @ax_libcerror_spec_requires@ @ax_libcnotify_spec_requires@ @ax_libcthreads_spec_requires@ @ax_libfdatetime_spec_requires@ @ax_libfguid_spec_requires@ @ax_libfwnt_spec_requires@ @ax_libuna_spec_requires@ 10 | BuildRequires: gcc @ax_libcdata_spec_build_requires@ @ax_libcerror_spec_build_requires@ @ax_libcnotify_spec_build_requires@ @ax_libcthreads_spec_build_requires@ @ax_libfdatetime_spec_build_requires@ @ax_libfguid_spec_build_requires@ @ax_libfwnt_spec_build_requires@ @ax_libuna_spec_build_requires@ 11 | 12 | %description -n libfwevt 13 | Library to support the Windows XML Event Log (EVTX) data types 14 | 15 | %package -n libfwevt-static 16 | Summary: Library to support the Windows XML Event Log (EVTX) data types 17 | Group: Development/Libraries 18 | Requires: libfwevt = %{version}-%{release} 19 | 20 | %description -n libfwevt-static 21 | Static library version of libfwevt. 22 | 23 | %package -n libfwevt-devel 24 | Summary: Header files and libraries for developing applications for libfwevt 25 | Group: Development/Libraries 26 | Requires: libfwevt = %{version}-%{release} 27 | 28 | %description -n libfwevt-devel 29 | Header files and libraries for developing applications for libfwevt. 30 | 31 | %package -n libfwevt-python3 32 | Summary: Python 3 bindings for libfwevt 33 | Group: System Environment/Libraries 34 | Requires: libfwevt = %{version}-%{release} python3 35 | BuildRequires: python3-devel python3-setuptools 36 | 37 | %description -n libfwevt-python3 38 | Python 3 bindings for libfwevt 39 | 40 | %prep 41 | %setup -q 42 | 43 | %build 44 | %configure --prefix=/usr --libdir=%{_libdir} --mandir=%{_mandir} --enable-python 45 | make %{?_smp_mflags} 46 | 47 | %install 48 | rm -rf %{buildroot} 49 | %make_install 50 | 51 | %clean 52 | rm -rf %{buildroot} 53 | 54 | %post -p /sbin/ldconfig 55 | 56 | %postun -p /sbin/ldconfig 57 | 58 | %files -n libfwevt 59 | %license COPYING COPYING.LESSER 60 | %doc AUTHORS README 61 | %{_libdir}/*.so.* 62 | 63 | %files -n libfwevt-static 64 | %license COPYING COPYING.LESSER 65 | %doc AUTHORS README 66 | %{_libdir}/*.a 67 | 68 | %files -n libfwevt-devel 69 | %license COPYING COPYING.LESSER 70 | %doc AUTHORS README 71 | %{_libdir}/*.so 72 | %{_libdir}/pkgconfig/libfwevt.pc 73 | %{_includedir}/* 74 | %{_mandir}/man3/* 75 | 76 | %files -n libfwevt-python3 77 | %license COPYING COPYING.LESSER 78 | %doc AUTHORS README 79 | %{_libdir}/python3*/site-packages/*.a 80 | %{_libdir}/python3*/site-packages/*.so 81 | 82 | %changelog 83 | * @SPEC_DATE@ Joachim Metz @VERSION@-1 84 | - Auto-generated 85 | 86 | -------------------------------------------------------------------------------- /libfwevt/Makefile.am: -------------------------------------------------------------------------------- 1 | AM_CPPFLAGS = \ 2 | -I../include -I$(top_srcdir)/include \ 3 | -I../common -I$(top_srcdir)/common \ 4 | @LIBCERROR_CPPFLAGS@ \ 5 | @LIBCTHREADS_CPPFLAGS@ \ 6 | @LIBCDATA_CPPFLAGS@ \ 7 | @LIBCNOTIFY_CPPFLAGS@ \ 8 | @LIBFDATETIME_CPPFLAGS@ \ 9 | @LIBFGUID_CPPFLAGS@ \ 10 | @LIBFWNT_CPPFLAGS@ \ 11 | @LIBUNA_CPPFLAGS@ \ 12 | @PTHREAD_CPPFLAGS@ \ 13 | @LIBFWEVT_DLL_EXPORT@ 14 | 15 | lib_LTLIBRARIES = libfwevt.la 16 | 17 | libfwevt_la_SOURCES = \ 18 | fwevt_template.h \ 19 | libfwevt.c \ 20 | libfwevt_channel.c libfwevt_channel.h \ 21 | libfwevt_data_segment.c libfwevt_data_segment.h \ 22 | libfwevt_date_time.c libfwevt_date_time.h \ 23 | libfwevt_debug.c libfwevt_debug.h \ 24 | libfwevt_definitions.h \ 25 | libfwevt_extern.h \ 26 | libfwevt_error.c libfwevt_error.h \ 27 | libfwevt_event.c libfwevt_event.h \ 28 | libfwevt_floating_point.c libfwevt_floating_point.h \ 29 | libfwevt_integer.c libfwevt_integer.h \ 30 | libfwevt_libcdata.h \ 31 | libfwevt_libcerror.h \ 32 | libfwevt_libcnotify.h \ 33 | libfwevt_libfdatetime.h \ 34 | libfwevt_libfguid.h \ 35 | libfwevt_libfwnt.h \ 36 | libfwevt_libuna.h \ 37 | libfwevt_keyword.c libfwevt_keyword.h \ 38 | libfwevt_level.c libfwevt_level.h \ 39 | libfwevt_manifest.c libfwevt_manifest.h \ 40 | libfwevt_map.c libfwevt_map.h \ 41 | libfwevt_notify.c libfwevt_notify.h \ 42 | libfwevt_opcode.c libfwevt_opcode.h \ 43 | libfwevt_provider.c libfwevt_provider.h \ 44 | libfwevt_support.c libfwevt_support.h \ 45 | libfwevt_task.c libfwevt_task.h \ 46 | libfwevt_template.c libfwevt_template.h \ 47 | libfwevt_template_item.c libfwevt_template_item.h \ 48 | libfwevt_types.h \ 49 | libfwevt_unused.h \ 50 | libfwevt_xml_document.c libfwevt_xml_document.h \ 51 | libfwevt_xml_string.c libfwevt_xml_string.h \ 52 | libfwevt_xml_tag.c libfwevt_xml_tag.h \ 53 | libfwevt_xml_template_value.c libfwevt_xml_template_value.h \ 54 | libfwevt_xml_token.c libfwevt_xml_token.h \ 55 | libfwevt_xml_value.c libfwevt_xml_value.h 56 | 57 | libfwevt_la_LIBADD = \ 58 | @LIBCERROR_LIBADD@ \ 59 | @LIBCTHREADS_LIBADD@ \ 60 | @LIBCDATA_LIBADD@ \ 61 | @LIBCNOTIFY_LIBADD@ \ 62 | @LIBUNA_LIBADD@ \ 63 | @LIBFDATETIME_LIBADD@ \ 64 | @LIBFGUID_LIBADD@ \ 65 | @LIBFWNT_LIBADD@ \ 66 | @PTHREAD_LIBADD@ 67 | 68 | libfwevt_la_LDFLAGS = -no-undefined -version-info 1:0:0 69 | 70 | EXTRA_DIST = \ 71 | libfwevt_definitions.h.in \ 72 | libfwevt.rc \ 73 | libfwevt.rc.in 74 | 75 | DISTCLEANFILES = \ 76 | libfwevt_definitions.h \ 77 | libfwevt.rc \ 78 | Makefile \ 79 | Makefile.in 80 | 81 | sources-local: $(BUILT_SOURCES) 82 | 83 | splint-local: 84 | @echo "Running splint on libfwevt ..." 85 | -splint -preproc -redef $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(libfwevt_la_SOURCES) 86 | 87 | -------------------------------------------------------------------------------- /libfwevt/libfwevt.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Library to support the Windows XML Event Log (EVTX) data types 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #include 23 | 24 | #if defined( WINAPI ) 25 | #include 26 | #endif 27 | 28 | #include "libfwevt_unused.h" 29 | 30 | /* Define HAVE_LOCAL_LIBFWEVT for local use of libfwevt 31 | */ 32 | #if !defined( HAVE_LOCAL_LIBFWEVT ) 33 | 34 | #if defined( WINAPI ) && defined( HAVE_DLLMAIN ) 35 | 36 | #if defined( _MANAGED ) 37 | #pragma managed( push, off ) 38 | #endif 39 | 40 | /* Defines the entry point for the DLL 41 | */ 42 | BOOL WINAPI DllMain( 43 | HINSTANCE hinstDLL, 44 | DWORD fdwReason, 45 | LPVOID lpvReserved ) 46 | { 47 | LIBFWEVT_UNREFERENCED_PARAMETER( lpvReserved ) 48 | 49 | switch( fdwReason ) 50 | { 51 | case DLL_PROCESS_ATTACH: 52 | DisableThreadLibraryCalls( 53 | hinstDLL ); 54 | break; 55 | 56 | case DLL_THREAD_ATTACH: 57 | break; 58 | 59 | case DLL_THREAD_DETACH: 60 | break; 61 | 62 | case DLL_PROCESS_DETACH: 63 | break; 64 | } 65 | return( TRUE ); 66 | } 67 | 68 | /* Function that indicates the library is a DLL 69 | * Returns 1 70 | */ 71 | int libfwevt_is_dll( 72 | void ) 73 | { 74 | return( 1 ); 75 | } 76 | 77 | #endif /* defined( WINAPI ) && defined( HAVE_DLLMAIN ) */ 78 | 79 | #endif /* !defined( HAVE_LOCAL_LIBFWEVT ) */ 80 | 81 | -------------------------------------------------------------------------------- /libfwevt/libfwevt.rc.in: -------------------------------------------------------------------------------- 1 | #include 2 | 3 | #ifdef GCC_WINDRES 4 | VS_VERSION_INFO VERSIONINFO 5 | #else 6 | VS_VERSION_INFO VERSIONINFO MOVEABLE IMPURE LOADONCALL DISCARDABLE 7 | #endif 8 | FILEVERSION 1,0,0,0 9 | PRODUCTVERSION 1,0,0,0 10 | FILEFLAGSMASK VS_FFI_FILEFLAGSMASK 11 | #ifdef _DEBUG 12 | FILEFLAGS 0x1L 13 | #else 14 | FILEFLAGS 0x0L 15 | #endif 16 | FILEOS VOS__WINDOWS32 17 | FILETYPE VFT_DLL 18 | FILESUBTYPE 0x0L 19 | BEGIN 20 | BLOCK "StringFileInfo" 21 | BEGIN 22 | BLOCK "040904E4" 23 | BEGIN 24 | VALUE "FileDescription", "Library to support the Windows XML Event Log (EVTX) data types\0" 25 | VALUE "FileVersion", "@VERSION@" "\0" 26 | VALUE "InternalName", "libfwevt.dll\0" 27 | VALUE "LegalCopyright", "(C) 2011-2024, Joachim Metz \0" 28 | VALUE "OriginalFilename", "libfwevt.dll\0" 29 | VALUE "ProductName", "libfwevt\0" 30 | VALUE "ProductVersion", "@VERSION@" "\0" 31 | VALUE "Comments", "For more information visit https://github.com/libyal/libfwevt/\0" 32 | END 33 | END 34 | BLOCK "VarFileInfo" 35 | BEGIN 36 | VALUE "Translation", 0x0409, 1200 37 | END 38 | END 39 | -------------------------------------------------------------------------------- /libfwevt/libfwevt_channel.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Channel functions 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #if !defined( _LIBFWEVT_CHANNEL_H ) 23 | #define _LIBFWEVT_CHANNEL_H 24 | 25 | #include 26 | #include 27 | 28 | #include "libfwevt_extern.h" 29 | #include "libfwevt_libcerror.h" 30 | #include "libfwevt_types.h" 31 | 32 | #if defined( __cplusplus ) 33 | extern "C" { 34 | #endif 35 | 36 | typedef struct libfwevt_internal_channel libfwevt_internal_channel_t; 37 | 38 | struct libfwevt_internal_channel 39 | { 40 | /* The identifier 41 | */ 42 | uint32_t identifier; 43 | 44 | /* The name 45 | */ 46 | uint8_t *name; 47 | 48 | /* The name size 49 | */ 50 | size_t name_size; 51 | }; 52 | 53 | int libfwevt_channel_initialize( 54 | libfwevt_channel_t **channel, 55 | libcerror_error_t **error ); 56 | 57 | LIBFWEVT_EXTERN \ 58 | int libfwevt_channel_free( 59 | libfwevt_channel_t **channel, 60 | libcerror_error_t **error ); 61 | 62 | int libfwevt_internal_channel_free( 63 | libfwevt_internal_channel_t **internal_channel, 64 | libcerror_error_t **error ); 65 | 66 | int libfwevt_channel_read_data( 67 | libfwevt_channel_t *channel, 68 | const uint8_t *data, 69 | size_t data_size, 70 | size_t data_offset, 71 | libcerror_error_t **error ); 72 | 73 | LIBFWEVT_EXTERN \ 74 | int libfwevt_channel_get_identifier( 75 | libfwevt_channel_t *channel, 76 | uint32_t *identifier, 77 | libcerror_error_t **error ); 78 | 79 | LIBFWEVT_EXTERN \ 80 | int libfwevt_channel_get_utf8_name_size( 81 | libfwevt_channel_t *channel, 82 | size_t *utf8_string_size, 83 | libcerror_error_t **error ); 84 | 85 | LIBFWEVT_EXTERN \ 86 | int libfwevt_channel_get_utf8_name( 87 | libfwevt_channel_t *channel, 88 | uint8_t *utf8_string, 89 | size_t utf8_string_size, 90 | libcerror_error_t **error ); 91 | 92 | LIBFWEVT_EXTERN \ 93 | int libfwevt_channel_get_utf16_name_size( 94 | libfwevt_channel_t *channel, 95 | size_t *utf16_string_size, 96 | libcerror_error_t **error ); 97 | 98 | LIBFWEVT_EXTERN \ 99 | int libfwevt_channel_get_utf16_name( 100 | libfwevt_channel_t *channel, 101 | uint16_t *utf16_string, 102 | size_t utf16_string_size, 103 | libcerror_error_t **error ); 104 | 105 | #if defined( __cplusplus ) 106 | } 107 | #endif 108 | 109 | #endif /* !defined( _LIBFWEVT_CHANNEL_H ) */ 110 | 111 | -------------------------------------------------------------------------------- /libfwevt/libfwevt_data_segment.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Data segment functions 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #if !defined( _LIBFWEVT_DATA_SEGMENT_H ) 23 | #define _LIBFWEVT_DATA_SEGMENT_H 24 | 25 | #include 26 | #include 27 | 28 | #include "libfwevt_libcerror.h" 29 | #include "libfwevt_libfdatetime.h" 30 | #include "libfwevt_libfguid.h" 31 | #include "libfwevt_libfwnt.h" 32 | 33 | #if defined( __cplusplus ) 34 | extern "C" { 35 | #endif 36 | 37 | typedef struct libfwevt_data_segment libfwevt_data_segment_t; 38 | 39 | struct libfwevt_data_segment 40 | { 41 | /* The data 42 | */ 43 | uint8_t *data; 44 | 45 | /* The data size 46 | */ 47 | size_t data_size; 48 | 49 | /* The cached value type 50 | */ 51 | uint8_t cached_value_type; 52 | 53 | /* The cached value 54 | */ 55 | union 56 | { 57 | /* Cached 64-bit value 58 | */ 59 | uint64_t value_64bit; 60 | 61 | /* Cached GUID value 62 | */ 63 | libfguid_identifier_t *guid; 64 | 65 | /* Cached FILETIME value 66 | */ 67 | libfdatetime_filetime_t *filetime; 68 | 69 | /* Cached SYSTEMTIME value 70 | */ 71 | libfdatetime_systemtime_t *systemtime; 72 | 73 | /* Cached NT security identifier value 74 | */ 75 | libfwnt_security_identifier_t *security_identifier; 76 | }; 77 | }; 78 | 79 | int libfwevt_data_segment_initialize( 80 | libfwevt_data_segment_t **data_segment, 81 | const uint8_t *data, 82 | size_t data_size, 83 | libcerror_error_t **error ); 84 | 85 | int libfwevt_data_segment_free( 86 | libfwevt_data_segment_t **data_segment, 87 | libcerror_error_t **error ); 88 | 89 | #if defined( __cplusplus ) 90 | } 91 | #endif 92 | 93 | #endif /* !defined( _LIBFWEVT_DATA_SEGMENT_H ) */ 94 | 95 | -------------------------------------------------------------------------------- /libfwevt/libfwevt_date_time.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Date and time functions 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #if !defined( _LIBFWEVT_DATE_TIME_H ) 23 | #define _LIBFWEVT_DATE_TIME_H 24 | 25 | #include 26 | #include 27 | 28 | #include "libfwevt_libcerror.h" 29 | 30 | #if defined( __cplusplus ) 31 | extern "C" { 32 | #endif 33 | 34 | int libfwevt_filetime_copy_from_utf16_stream( 35 | uint64_t *filetime, 36 | const uint8_t *utf16_stream, 37 | size_t utf16_stream_size, 38 | libcerror_error_t **error ); 39 | 40 | #if defined( __cplusplus ) 41 | } 42 | #endif 43 | 44 | #endif /* !defined( _LIBFWEVT_DATE_TIME_H ) */ 45 | 46 | -------------------------------------------------------------------------------- /libfwevt/libfwevt_debug.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Debug functions 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #if !defined( _LIBFWEVT_DEBUG_H ) 23 | #define _LIBFWEVT_DEBUG_H 24 | 25 | #include 26 | #include 27 | 28 | #include "libfwevt_libcerror.h" 29 | #include "libfwevt_types.h" 30 | 31 | #if defined( __cplusplus ) 32 | extern "C" { 33 | #endif 34 | 35 | #if defined( HAVE_DEBUG_OUTPUT ) 36 | 37 | void libfwevt_debug_print_input_data_type( 38 | uint8_t input_data_type ); 39 | 40 | void libfwevt_debug_print_output_data_type( 41 | uint8_t output_data_type ); 42 | 43 | void libfwevt_debug_print_value_type( 44 | uint8_t value_type ); 45 | 46 | int libfwevt_debug_print_guid_value( 47 | const char *function_name, 48 | const char *value_name, 49 | const uint8_t *byte_stream, 50 | size_t byte_stream_size, 51 | int byte_order, 52 | uint32_t string_format_flags, 53 | libcerror_error_t **error ); 54 | 55 | int libfwevt_debug_print_utf16_string_value( 56 | const char *function_name, 57 | const char *value_name, 58 | const uint8_t *byte_stream, 59 | size_t byte_stream_size, 60 | int byte_order, 61 | libcerror_error_t **error ); 62 | 63 | #endif /* defined( HAVE_DEBUG_OUTPUT ) */ 64 | 65 | #if defined( __cplusplus ) 66 | } 67 | #endif 68 | 69 | #endif /* !defined( _LIBFWEVT_DEBUG_H ) */ 70 | 71 | -------------------------------------------------------------------------------- /libfwevt/libfwevt_error.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Error functions 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #include 23 | #include 24 | #include 25 | 26 | #include "libfwevt_error.h" 27 | #include "libfwevt_libcerror.h" 28 | 29 | #if !defined( HAVE_LOCAL_LIBFWEVT ) 30 | 31 | /* Free an error and its elements 32 | */ 33 | void libfwevt_error_free( 34 | libfwevt_error_t **error ) 35 | { 36 | libcerror_error_free( 37 | (libcerror_error_t **) error ); 38 | } 39 | 40 | /* Prints a descriptive string of the error to the stream 41 | * Returns the number of printed characters if successful or -1 on error 42 | */ 43 | int libfwevt_error_fprint( 44 | libfwevt_error_t *error, 45 | FILE *stream ) 46 | { 47 | int print_count = 0; 48 | 49 | print_count = libcerror_error_fprint( 50 | (libcerror_error_t *) error, 51 | stream ); 52 | 53 | return( print_count ); 54 | } 55 | 56 | /* Prints a descriptive string of the error to the string 57 | * The end-of-string character is not included in the return value 58 | * Returns the number of printed characters if successful or -1 on error 59 | */ 60 | int libfwevt_error_sprint( 61 | libfwevt_error_t *error, 62 | char *string, 63 | size_t size ) 64 | { 65 | int print_count = 0; 66 | 67 | print_count = libcerror_error_sprint( 68 | (libcerror_error_t *) error, 69 | string, 70 | size ); 71 | 72 | return( print_count ); 73 | } 74 | 75 | /* Prints a backtrace of the error to the stream 76 | * Returns the number of printed characters if successful or -1 on error 77 | */ 78 | int libfwevt_error_backtrace_fprint( 79 | libfwevt_error_t *error, 80 | FILE *stream ) 81 | { 82 | int print_count = 0; 83 | 84 | print_count = libcerror_error_backtrace_fprint( 85 | (libcerror_error_t *) error, 86 | stream ); 87 | 88 | return( print_count ); 89 | } 90 | 91 | /* Prints a backtrace of the error to the string 92 | * The end-of-string character is not included in the return value 93 | * Returns the number of printed characters if successful or -1 on error 94 | */ 95 | int libfwevt_error_backtrace_sprint( 96 | libfwevt_error_t *error, 97 | char *string, 98 | size_t size ) 99 | { 100 | int print_count = 0; 101 | 102 | print_count = libcerror_error_backtrace_sprint( 103 | (libcerror_error_t *) error, 104 | string, 105 | size ); 106 | 107 | return( print_count ); 108 | } 109 | 110 | #endif /* !defined( HAVE_LOCAL_LIBFWEVT ) */ 111 | 112 | -------------------------------------------------------------------------------- /libfwevt/libfwevt_error.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Error functions 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #if !defined( _LIBFWEVT_INTERNAL_ERROR_H ) 23 | #define _LIBFWEVT_INTERNAL_ERROR_H 24 | 25 | #include 26 | #include 27 | #include 28 | 29 | #if !defined( HAVE_LOCAL_LIBFWEVT ) 30 | #include 31 | #endif 32 | 33 | #include "libfwevt_extern.h" 34 | 35 | #if defined( __cplusplus ) 36 | extern "C" { 37 | #endif 38 | 39 | #if !defined( HAVE_LOCAL_LIBFWEVT ) 40 | 41 | LIBFWEVT_EXTERN \ 42 | void libfwevt_error_free( 43 | libfwevt_error_t **error ); 44 | 45 | LIBFWEVT_EXTERN \ 46 | int libfwevt_error_fprint( 47 | libfwevt_error_t *error, 48 | FILE *stream ); 49 | 50 | LIBFWEVT_EXTERN \ 51 | int libfwevt_error_sprint( 52 | libfwevt_error_t *error, 53 | char *string, 54 | size_t size ); 55 | 56 | LIBFWEVT_EXTERN \ 57 | int libfwevt_error_backtrace_fprint( 58 | libfwevt_error_t *error, 59 | FILE *stream ); 60 | 61 | LIBFWEVT_EXTERN \ 62 | int libfwevt_error_backtrace_sprint( 63 | libfwevt_error_t *error, 64 | char *string, 65 | size_t size ); 66 | 67 | #endif /* !defined( HAVE_LOCAL_LIBFWEVT ) */ 68 | 69 | #if defined( __cplusplus ) 70 | } 71 | #endif 72 | 73 | #endif /* !defined( _LIBFWEVT_INTERNAL_ERROR_H ) */ 74 | 75 | -------------------------------------------------------------------------------- /libfwevt/libfwevt_event.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Event functions 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #if !defined( _LIBFWEVT_EVENT_H ) 23 | #define _LIBFWEVT_EVENT_H 24 | 25 | #include 26 | #include 27 | 28 | #include "libfwevt_extern.h" 29 | #include "libfwevt_libcerror.h" 30 | #include "libfwevt_types.h" 31 | 32 | #if defined( __cplusplus ) 33 | extern "C" { 34 | #endif 35 | 36 | typedef struct libfwevt_internal_event libfwevt_internal_event_t; 37 | 38 | struct libfwevt_internal_event 39 | { 40 | /* The identifier 41 | */ 42 | uint16_t identifier; 43 | 44 | /* The version 45 | */ 46 | uint8_t version; 47 | 48 | /* The message identifier 49 | */ 50 | uint32_t message_identifier; 51 | 52 | /* The level offset 53 | */ 54 | uint32_t level_offset; 55 | 56 | /* The opcode offset 57 | */ 58 | uint32_t opcode_offset; 59 | 60 | /* The taks offset 61 | */ 62 | uint32_t task_offset; 63 | 64 | /* The template offset 65 | */ 66 | uint32_t template_offset; 67 | 68 | /* The flags 69 | */ 70 | uint32_t flags; 71 | }; 72 | 73 | int libfwevt_event_initialize( 74 | libfwevt_event_t **event, 75 | libcerror_error_t **error ); 76 | 77 | LIBFWEVT_EXTERN \ 78 | int libfwevt_event_free( 79 | libfwevt_event_t **event, 80 | libcerror_error_t **error ); 81 | 82 | int libfwevt_internal_event_free( 83 | libfwevt_internal_event_t **internal_event, 84 | libcerror_error_t **error ); 85 | 86 | int libfwevt_event_read_data( 87 | libfwevt_event_t *event, 88 | const uint8_t *data, 89 | size_t data_size, 90 | size_t data_offset, 91 | libcerror_error_t **error ); 92 | 93 | LIBFWEVT_EXTERN \ 94 | int libfwevt_event_get_identifier( 95 | libfwevt_event_t *event, 96 | uint32_t *identifier, 97 | libcerror_error_t **error ); 98 | 99 | LIBFWEVT_EXTERN \ 100 | int libfwevt_event_get_version( 101 | libfwevt_event_t *event, 102 | uint8_t *version, 103 | libcerror_error_t **error ); 104 | 105 | LIBFWEVT_EXTERN \ 106 | int libfwevt_event_get_message_identifier( 107 | libfwevt_event_t *event, 108 | uint32_t *message_identifier, 109 | libcerror_error_t **error ); 110 | 111 | LIBFWEVT_EXTERN \ 112 | int libfwevt_event_get_template_offset( 113 | libfwevt_event_t *event, 114 | uint32_t *template_offset, 115 | libcerror_error_t **error ); 116 | 117 | #if defined( __cplusplus ) 118 | } 119 | #endif 120 | 121 | #endif /* !defined( _LIBFWEVT_EVENT_H ) */ 122 | 123 | -------------------------------------------------------------------------------- /libfwevt/libfwevt_extern.h: -------------------------------------------------------------------------------- 1 | /* 2 | * The internal extern definition 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #if !defined( _LIBFWEVT_INTERNAL_EXTERN_H ) 23 | #define _LIBFWEVT_INTERNAL_EXTERN_H 24 | 25 | #include 26 | 27 | /* Define HAVE_LOCAL_LIBFWEVT for local use of libfwevt 28 | */ 29 | #if !defined( HAVE_LOCAL_LIBFWEVT ) 30 | 31 | #include 32 | 33 | #if defined( __CYGWIN__ ) || defined( __MINGW32__ ) 34 | #define LIBFWEVT_EXTERN_VARIABLE extern 35 | #else 36 | #define LIBFWEVT_EXTERN_VARIABLE LIBFWEVT_EXTERN 37 | #endif 38 | 39 | #else 40 | #define LIBFWEVT_EXTERN /* extern */ 41 | #define LIBFWEVT_EXTERN_VARIABLE extern 42 | 43 | #endif /* !defined( HAVE_LOCAL_LIBFWEVT ) */ 44 | 45 | #endif /* !defined( _LIBFWEVT_INTERNAL_EXTERN_H ) */ 46 | 47 | -------------------------------------------------------------------------------- /libfwevt/libfwevt_floating_point.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Floating point (IEEE 754) functions 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #if !defined( _LIBFWEVT_FLOATING_POINT_H ) 23 | #define _LIBFWEVT_FLOATING_POINT_H 24 | 25 | #include 26 | #include 27 | 28 | #include "libfwevt_libcerror.h" 29 | 30 | #if defined( __cplusplus ) 31 | extern "C" { 32 | #endif 33 | 34 | int libfwevt_float32_get_string_size( 35 | uint32_t value_32bit, 36 | size_t *string_size, 37 | libcerror_error_t **error ); 38 | 39 | int libfwevt_float32_copy_to_utf8_string_with_index( 40 | uint32_t value_32bit, 41 | uint8_t *utf8_string, 42 | size_t utf8_string_size, 43 | size_t *utf8_string_index, 44 | libcerror_error_t **error ); 45 | 46 | int libfwevt_float32_copy_to_utf16_string_with_index( 47 | uint32_t value_32bit, 48 | uint16_t *utf16_string, 49 | size_t utf16_string_size, 50 | size_t *utf16_string_index, 51 | libcerror_error_t **error ); 52 | 53 | int libfwevt_float64_get_string_size( 54 | uint64_t value_64bit, 55 | size_t *string_size, 56 | libcerror_error_t **error ); 57 | 58 | int libfwevt_float64_copy_to_utf8_string_with_index( 59 | uint64_t value_64bit, 60 | uint8_t *utf8_string, 61 | size_t utf8_string_size, 62 | size_t *utf8_string_index, 63 | libcerror_error_t **error ); 64 | 65 | int libfwevt_float64_copy_to_utf16_string_with_index( 66 | uint64_t value_64bit, 67 | uint16_t *utf16_string, 68 | size_t utf16_string_size, 69 | size_t *utf16_string_index, 70 | libcerror_error_t **error ); 71 | 72 | #if defined( __cplusplus ) 73 | } 74 | #endif 75 | 76 | #endif /* !defined( _LIBFWEVT_FLOATING_POINT_H ) */ 77 | 78 | -------------------------------------------------------------------------------- /libfwevt/libfwevt_keyword.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Keyword functions 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #if !defined( _LIBFWEVT_KEYWORD_H ) 23 | #define _LIBFWEVT_KEYWORD_H 24 | 25 | #include 26 | #include 27 | 28 | #include "libfwevt_extern.h" 29 | #include "libfwevt_libcerror.h" 30 | #include "libfwevt_types.h" 31 | 32 | #if defined( __cplusplus ) 33 | extern "C" { 34 | #endif 35 | 36 | typedef struct libfwevt_internal_keyword libfwevt_internal_keyword_t; 37 | 38 | struct libfwevt_internal_keyword 39 | { 40 | /* The identifier 41 | */ 42 | uint16_t identifier; 43 | }; 44 | 45 | int libfwevt_keyword_initialize( 46 | libfwevt_keyword_t **keyword, 47 | libcerror_error_t **error ); 48 | 49 | LIBFWEVT_EXTERN \ 50 | int libfwevt_keyword_free( 51 | libfwevt_keyword_t **keyword, 52 | libcerror_error_t **error ); 53 | 54 | int libfwevt_internal_keyword_free( 55 | libfwevt_internal_keyword_t **internal_keyword, 56 | libcerror_error_t **error ); 57 | 58 | int libfwevt_keyword_read_data( 59 | libfwevt_keyword_t *keyword, 60 | const uint8_t *data, 61 | size_t data_size, 62 | size_t data_offset, 63 | libcerror_error_t **error ); 64 | 65 | #if defined( __cplusplus ) 66 | } 67 | #endif 68 | 69 | #endif /* !defined( _LIBFWEVT_KEYWORD_H ) */ 70 | 71 | -------------------------------------------------------------------------------- /libfwevt/libfwevt_level.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Level functions 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #if !defined( _LIBFWEVT_LEVEL_H ) 23 | #define _LIBFWEVT_LEVEL_H 24 | 25 | #include 26 | #include 27 | 28 | #include "libfwevt_extern.h" 29 | #include "libfwevt_libcerror.h" 30 | #include "libfwevt_types.h" 31 | 32 | #if defined( __cplusplus ) 33 | extern "C" { 34 | #endif 35 | 36 | typedef struct libfwevt_internal_level libfwevt_internal_level_t; 37 | 38 | struct libfwevt_internal_level 39 | { 40 | /* The identifier 41 | */ 42 | uint16_t identifier; 43 | }; 44 | 45 | int libfwevt_level_initialize( 46 | libfwevt_level_t **level, 47 | libcerror_error_t **error ); 48 | 49 | LIBFWEVT_EXTERN \ 50 | int libfwevt_level_free( 51 | libfwevt_level_t **level, 52 | libcerror_error_t **error ); 53 | 54 | int libfwevt_internal_level_free( 55 | libfwevt_internal_level_t **internal_level, 56 | libcerror_error_t **error ); 57 | 58 | int libfwevt_level_read_data( 59 | libfwevt_level_t *level, 60 | const uint8_t *data, 61 | size_t data_size, 62 | size_t data_offset, 63 | libcerror_error_t **error ); 64 | 65 | #if defined( __cplusplus ) 66 | } 67 | #endif 68 | 69 | #endif /* !defined( _LIBFWEVT_LEVEL_H ) */ 70 | 71 | -------------------------------------------------------------------------------- /libfwevt/libfwevt_libcdata.h: -------------------------------------------------------------------------------- 1 | /* 2 | * The libcdata header wrapper 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #if !defined( _LIBFWEVT_LIBCDATA_H ) 23 | #define _LIBFWEVT_LIBCDATA_H 24 | 25 | #include 26 | 27 | /* Define HAVE_LOCAL_LIBCDATA for local use of libcdata 28 | */ 29 | #if defined( HAVE_LOCAL_LIBCDATA ) 30 | 31 | #include 32 | #include 33 | #include 34 | #include 35 | #include 36 | #include 37 | #include 38 | #include 39 | 40 | #else 41 | 42 | /* If libtool DLL support is enabled set LIBCDATA_DLL_IMPORT 43 | * before including libcdata.h 44 | */ 45 | #if defined( _WIN32 ) && defined( DLL_IMPORT ) 46 | #define LIBCDATA_DLL_IMPORT 47 | #endif 48 | 49 | #include 50 | 51 | #endif /* defined( HAVE_LOCAL_LIBCDATA ) */ 52 | 53 | #endif /* !defined( _LIBFWEVT_LIBCDATA_H ) */ 54 | 55 | -------------------------------------------------------------------------------- /libfwevt/libfwevt_libcerror.h: -------------------------------------------------------------------------------- 1 | /* 2 | * The libcerror header wrapper 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #if !defined( _LIBFWEVT_LIBCERROR_H ) 23 | #define _LIBFWEVT_LIBCERROR_H 24 | 25 | #include 26 | 27 | /* Define HAVE_LOCAL_LIBCERROR for local use of libcerror 28 | */ 29 | #if defined( HAVE_LOCAL_LIBCERROR ) 30 | 31 | #include 32 | #include 33 | #include 34 | #include 35 | 36 | #else 37 | 38 | /* If libtool DLL support is enabled set LIBCERROR_DLL_IMPORT 39 | * before including libcerror.h 40 | */ 41 | #if defined( _WIN32 ) && defined( DLL_IMPORT ) 42 | #define LIBCERROR_DLL_IMPORT 43 | #endif 44 | 45 | #include 46 | 47 | #endif /* defined( HAVE_LOCAL_LIBCERROR ) */ 48 | 49 | #endif /* !defined( _LIBFWEVT_LIBCERROR_H ) */ 50 | 51 | -------------------------------------------------------------------------------- /libfwevt/libfwevt_libcnotify.h: -------------------------------------------------------------------------------- 1 | /* 2 | * The libcnotify header wrapper 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #if !defined( _LIBFWEVT_LIBCNOTIFY_H ) 23 | #define _LIBFWEVT_LIBCNOTIFY_H 24 | 25 | #include 26 | 27 | /* Define HAVE_LOCAL_LIBCNOTIFY for local use of libcnotify 28 | */ 29 | #if defined( HAVE_LOCAL_LIBCNOTIFY ) 30 | 31 | #include 32 | #include 33 | #include 34 | #include 35 | 36 | #else 37 | 38 | /* If libtool DLL support is enabled set LIBCNOTIFY_DLL_IMPORT 39 | * before including libcnotify.h 40 | */ 41 | #if defined( _WIN32 ) && defined( DLL_IMPORT ) 42 | #define LIBCNOTIFY_DLL_IMPORT 43 | #endif 44 | 45 | #include 46 | 47 | #endif /* defined( HAVE_LOCAL_LIBCNOTIFY ) */ 48 | 49 | #endif /* !defined( _LIBFWEVT_LIBCNOTIFY_H ) */ 50 | 51 | -------------------------------------------------------------------------------- /libfwevt/libfwevt_libfdatetime.h: -------------------------------------------------------------------------------- 1 | /* 2 | * The libfdatetime header wrapper 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #if !defined( _LIBFWEVT_LIBFDATETIME_H ) 23 | #define _LIBFWEVT_LIBFDATETIME_H 24 | 25 | #include 26 | 27 | /* Define HAVE_LOCAL_LIBFDATETIME for local use of libfdatetime 28 | */ 29 | #if defined( HAVE_LOCAL_LIBFDATETIME ) 30 | 31 | #include 32 | #include 33 | #include 34 | #include 35 | #include 36 | #include 37 | #include 38 | #include 39 | #include 40 | #include 41 | 42 | #else 43 | 44 | /* If libtool DLL support is enabled set LIBFDATETIME_DLL_IMPORT 45 | * before including libfdatetime.h 46 | */ 47 | #if defined( _WIN32 ) && defined( DLL_IMPORT ) 48 | #define LIBFDATETIME_DLL_IMPORT 49 | #endif 50 | 51 | #include 52 | 53 | #endif /* defined( HAVE_LOCAL_LIBFDATETIME ) */ 54 | 55 | #endif /* !defined( _LIBFWEVT_LIBFDATETIME_H ) */ 56 | 57 | -------------------------------------------------------------------------------- /libfwevt/libfwevt_libfguid.h: -------------------------------------------------------------------------------- 1 | /* 2 | * The libfguid header wrapper 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #if !defined( _LIBFWEVT_LIBFGUID_H ) 23 | #define _LIBFWEVT_LIBFGUID_H 24 | 25 | #include 26 | 27 | /* Define HAVE_LOCAL_LIBFGUID for local use of libfguid 28 | */ 29 | #if defined( HAVE_LOCAL_LIBFGUID ) 30 | 31 | #include 32 | #include 33 | #include 34 | 35 | #else 36 | 37 | /* If libtool DLL support is enabled set LIBFGUID_DLL_IMPORT 38 | * before including libfguid.h 39 | */ 40 | #if defined( _WIN32 ) && defined( DLL_IMPORT ) 41 | #define LIBFGUID_DLL_IMPORT 42 | #endif 43 | 44 | #include 45 | 46 | #endif /* defined( HAVE_LOCAL_LIBFGUID ) */ 47 | 48 | #endif /* !defined( _LIBFWEVT_LIBFGUID_H ) */ 49 | 50 | -------------------------------------------------------------------------------- /libfwevt/libfwevt_libfwnt.h: -------------------------------------------------------------------------------- 1 | /* 2 | * The libfwnt header wrapper 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #if !defined( _LIBFWEVT_LIBFWNT_H ) 23 | #define _LIBFWEVT_LIBFWNT_H 24 | 25 | #include 26 | 27 | /* Define HAVE_LOCAL_LIBFWNT for local use of libfwnt 28 | */ 29 | #if defined( HAVE_LOCAL_LIBFWNT ) 30 | 31 | #include 32 | #include 33 | #include 34 | #include 35 | #include 36 | #include 37 | #include 38 | #include 39 | #include 40 | #include 41 | #include 42 | #include 43 | 44 | #else 45 | 46 | /* If libtool DLL support is enabled set LIBFWNT_DLL_IMPORT 47 | * before including libfwnt.h 48 | */ 49 | #if defined( _WIN32 ) && defined( DLL_IMPORT ) 50 | #define LIBFWNT_DLL_IMPORT 51 | #endif 52 | 53 | #include 54 | 55 | #endif /* defined( HAVE_LOCAL_LIBFWNT ) */ 56 | 57 | #endif /* !defined( _LIBFWEVT_LIBFWNT_H ) */ 58 | 59 | -------------------------------------------------------------------------------- /libfwevt/libfwevt_libuna.h: -------------------------------------------------------------------------------- 1 | /* 2 | * The libuna header wrapper 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #if !defined( _LIBFWEVT_LIBUNA_H ) 23 | #define _LIBFWEVT_LIBUNA_H 24 | 25 | #include 26 | 27 | /* Define HAVE_LOCAL_LIBUNA for local use of libuna 28 | */ 29 | #if defined( HAVE_LOCAL_LIBUNA ) 30 | 31 | #include 32 | #include 33 | #include 34 | #include 35 | #include 36 | #include 37 | #include 38 | #include 39 | #include 40 | #include 41 | #include 42 | #include 43 | #include 44 | #include 45 | 46 | #else 47 | 48 | /* If libtool DLL support is enabled set LIBUNA_DLL_IMPORT 49 | * before including libuna.h 50 | */ 51 | #if defined( _WIN32 ) && defined( DLL_IMPORT ) 52 | #define LIBUNA_DLL_IMPORT 53 | #endif 54 | 55 | #include 56 | 57 | #endif /* defined( HAVE_LOCAL_LIBUNA ) */ 58 | 59 | #endif /* !defined( _LIBFWEVT_LIBUNA_H ) */ 60 | 61 | -------------------------------------------------------------------------------- /libfwevt/libfwevt_manifest.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Manifest functions 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #if !defined( _LIBFWEVT_MANIFEST_H ) 23 | #define _LIBFWEVT_MANIFEST_H 24 | 25 | #include 26 | #include 27 | 28 | #include "libfwevt_extern.h" 29 | #include "libfwevt_libcdata.h" 30 | #include "libfwevt_libcerror.h" 31 | #include "libfwevt_types.h" 32 | 33 | #if defined( __cplusplus ) 34 | extern "C" { 35 | #endif 36 | 37 | typedef struct libfwevt_internal_manifest libfwevt_internal_manifest_t; 38 | 39 | struct libfwevt_internal_manifest 40 | { 41 | /* The major version 42 | */ 43 | uint16_t major_version; 44 | 45 | /* The minor version 46 | */ 47 | uint16_t minor_version; 48 | 49 | /* The providers array 50 | */ 51 | libcdata_array_t *providers_array; 52 | }; 53 | 54 | LIBFWEVT_EXTERN \ 55 | int libfwevt_manifest_initialize( 56 | libfwevt_manifest_t **manifest, 57 | libcerror_error_t **error ); 58 | 59 | LIBFWEVT_EXTERN \ 60 | int libfwevt_manifest_free( 61 | libfwevt_manifest_t **manifest, 62 | libcerror_error_t **error ); 63 | 64 | LIBFWEVT_EXTERN \ 65 | int libfwevt_manifest_read( 66 | libfwevt_manifest_t *manifest, 67 | const uint8_t *data, 68 | size_t data_size, 69 | libcerror_error_t **error ); 70 | 71 | LIBFWEVT_EXTERN \ 72 | int libfwevt_manifest_get_number_of_providers( 73 | libfwevt_manifest_t *manifest, 74 | int *number_of_providers, 75 | libcerror_error_t **error ); 76 | 77 | LIBFWEVT_EXTERN \ 78 | int libfwevt_manifest_get_provider_by_index( 79 | libfwevt_manifest_t *manifest, 80 | int provider_index, 81 | libfwevt_provider_t **provider, 82 | libcerror_error_t **error ); 83 | 84 | LIBFWEVT_EXTERN \ 85 | int libfwevt_manifest_get_provider_by_identifier( 86 | libfwevt_manifest_t *manifest, 87 | const uint8_t *provider_identifier, 88 | size_t provider_identifier_size, 89 | libfwevt_provider_t **provider, 90 | libcerror_error_t **error ); 91 | 92 | #if defined( __cplusplus ) 93 | } 94 | #endif 95 | 96 | #endif /* !defined( _LIBFWEVT_MANIFEST_H ) */ 97 | 98 | -------------------------------------------------------------------------------- /libfwevt/libfwevt_map.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Map functions 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #if !defined( _LIBFWEVT_MAP_H ) 23 | #define _LIBFWEVT_MAP_H 24 | 25 | #include 26 | #include 27 | 28 | #include "libfwevt_extern.h" 29 | #include "libfwevt_libcerror.h" 30 | #include "libfwevt_types.h" 31 | 32 | #if defined( __cplusplus ) 33 | extern "C" { 34 | #endif 35 | 36 | typedef struct libfwevt_internal_map libfwevt_internal_map_t; 37 | 38 | struct libfwevt_internal_map 39 | { 40 | /* The identifier 41 | */ 42 | uint16_t identifier; 43 | }; 44 | 45 | int libfwevt_map_initialize( 46 | libfwevt_map_t **map, 47 | libcerror_error_t **error ); 48 | 49 | LIBFWEVT_EXTERN \ 50 | int libfwevt_map_free( 51 | libfwevt_map_t **map, 52 | libcerror_error_t **error ); 53 | 54 | int libfwevt_internal_map_free( 55 | libfwevt_internal_map_t **internal_map, 56 | libcerror_error_t **error ); 57 | 58 | int libfwevt_map_read_data( 59 | libfwevt_map_t *map, 60 | const uint8_t *data, 61 | size_t data_size, 62 | size_t data_offset, 63 | libcerror_error_t **error ); 64 | 65 | #if defined( __cplusplus ) 66 | } 67 | #endif 68 | 69 | #endif /* !defined( _LIBFWEVT_MAP_H ) */ 70 | 71 | -------------------------------------------------------------------------------- /libfwevt/libfwevt_notify.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Notification functions 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #include 23 | #include 24 | #include 25 | 26 | #if defined( HAVE_STDLIB_H ) || defined( WINAPI ) 27 | #include 28 | #endif 29 | 30 | #include "libfwevt_libcerror.h" 31 | #include "libfwevt_libcnotify.h" 32 | #include "libfwevt_notify.h" 33 | 34 | #if !defined( HAVE_LOCAL_LIBFWEVT ) 35 | 36 | /* Sets the verbose notification 37 | */ 38 | void libfwevt_notify_set_verbose( 39 | int verbose ) 40 | { 41 | libcnotify_verbose_set( 42 | verbose ); 43 | } 44 | 45 | /* Sets the notification stream 46 | * Returns 1 if successful or -1 on error 47 | */ 48 | int libfwevt_notify_set_stream( 49 | FILE *stream, 50 | libcerror_error_t **error ) 51 | { 52 | static char *function = "libfwevt_notify_set_stream"; 53 | 54 | if( libcnotify_stream_set( 55 | stream, 56 | error ) != 1 ) 57 | { 58 | libcerror_error_set( 59 | error, 60 | LIBCERROR_ERROR_DOMAIN_RUNTIME, 61 | LIBCERROR_RUNTIME_ERROR_SET_FAILED, 62 | "%s: unable to set stream.", 63 | function ); 64 | 65 | return( -1 ); 66 | } 67 | return( 1 ); 68 | } 69 | 70 | /* Opens the notification stream using a filename 71 | * The stream is opened in append mode 72 | * Returns 1 if successful or -1 on error 73 | */ 74 | int libfwevt_notify_stream_open( 75 | const char *filename, 76 | libcerror_error_t **error ) 77 | { 78 | static char *function = "libfwevt_notify_stream_open"; 79 | 80 | if( libcnotify_stream_open( 81 | filename, 82 | error ) != 1 ) 83 | { 84 | libcerror_error_set( 85 | error, 86 | LIBCERROR_ERROR_DOMAIN_IO, 87 | LIBCERROR_IO_ERROR_OPEN_FAILED, 88 | "%s: unable to open stream.", 89 | function ); 90 | 91 | return( -1 ); 92 | } 93 | return( 1 ); 94 | } 95 | 96 | /* Closes the notification stream if opened using a filename 97 | * Returns 0 if successful or -1 on error 98 | */ 99 | int libfwevt_notify_stream_close( 100 | libcerror_error_t **error ) 101 | { 102 | static char *function = "libfwevt_notify_stream_close"; 103 | 104 | if( libcnotify_stream_close( 105 | error ) != 0 ) 106 | { 107 | libcerror_error_set( 108 | error, 109 | LIBCERROR_ERROR_DOMAIN_IO, 110 | LIBCERROR_IO_ERROR_OPEN_FAILED, 111 | "%s: unable to open stream.", 112 | function ); 113 | 114 | return( -1 ); 115 | } 116 | return( 0 ); 117 | } 118 | 119 | #endif /* !defined( HAVE_LOCAL_LIBFWEVT ) */ 120 | 121 | -------------------------------------------------------------------------------- /libfwevt/libfwevt_notify.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Notification functions 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #if !defined( _LIBFWEVT_NOTIFY_H ) 23 | #define _LIBFWEVT_NOTIFY_H 24 | 25 | #include 26 | #include 27 | #include 28 | 29 | #include "libfwevt_extern.h" 30 | #include "libfwevt_libcerror.h" 31 | 32 | #if defined( __cplusplus ) 33 | extern "C" { 34 | #endif 35 | 36 | #if !defined( HAVE_LOCAL_LIBFWEVT ) 37 | 38 | LIBFWEVT_EXTERN \ 39 | void libfwevt_notify_set_verbose( 40 | int verbose ); 41 | 42 | LIBFWEVT_EXTERN \ 43 | int libfwevt_notify_set_stream( 44 | FILE *stream, 45 | libcerror_error_t **error ); 46 | 47 | LIBFWEVT_EXTERN \ 48 | int libfwevt_notify_stream_open( 49 | const char *filename, 50 | libcerror_error_t **error ); 51 | 52 | LIBFWEVT_EXTERN \ 53 | int libfwevt_notify_stream_close( 54 | libcerror_error_t **error ); 55 | 56 | #endif /* !defined( HAVE_LOCAL_LIBFWEVT ) */ 57 | 58 | #if defined( __cplusplus ) 59 | } 60 | #endif 61 | 62 | #endif /* !defined( _LIBFWEVT_NOTIFY_H ) */ 63 | 64 | -------------------------------------------------------------------------------- /libfwevt/libfwevt_opcode.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Opcode functions 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #if !defined( _LIBFWEVT_OPCODE_H ) 23 | #define _LIBFWEVT_OPCODE_H 24 | 25 | #include 26 | #include 27 | 28 | #include "libfwevt_extern.h" 29 | #include "libfwevt_libcerror.h" 30 | #include "libfwevt_types.h" 31 | 32 | #if defined( __cplusplus ) 33 | extern "C" { 34 | #endif 35 | 36 | typedef struct libfwevt_internal_opcode libfwevt_internal_opcode_t; 37 | 38 | struct libfwevt_internal_opcode 39 | { 40 | /* The identifier 41 | */ 42 | uint16_t identifier; 43 | }; 44 | 45 | int libfwevt_opcode_initialize( 46 | libfwevt_opcode_t **opcode, 47 | libcerror_error_t **error ); 48 | 49 | LIBFWEVT_EXTERN \ 50 | int libfwevt_opcode_free( 51 | libfwevt_opcode_t **opcode, 52 | libcerror_error_t **error ); 53 | 54 | int libfwevt_internal_opcode_free( 55 | libfwevt_internal_opcode_t **internal_opcode, 56 | libcerror_error_t **error ); 57 | 58 | int libfwevt_opcode_read_data( 59 | libfwevt_opcode_t *opcode, 60 | const uint8_t *data, 61 | size_t data_size, 62 | size_t data_offset, 63 | libcerror_error_t **error ); 64 | 65 | #if defined( __cplusplus ) 66 | } 67 | #endif 68 | 69 | #endif /* !defined( _LIBFWEVT_OPCODE_H ) */ 70 | 71 | -------------------------------------------------------------------------------- /libfwevt/libfwevt_support.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Support functions 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #include 23 | #include 24 | 25 | #include 26 | 27 | #include "libfwevt_definitions.h" 28 | #include "libfwevt_support.h" 29 | 30 | #if !defined( HAVE_LOCAL_LIBFWEVT ) 31 | 32 | /* Returns the library version as a string 33 | */ 34 | const char *libfwevt_get_version( 35 | void ) 36 | { 37 | return( (const char *) LIBFWEVT_VERSION_STRING ); 38 | } 39 | 40 | #endif /* !defined( HAVE_LOCAL_LIBFWEVT ) */ 41 | 42 | -------------------------------------------------------------------------------- /libfwevt/libfwevt_support.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Support functions 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #if !defined( _LIBFWEVT_SUPPORT_H ) 23 | #define _LIBFWEVT_SUPPORT_H 24 | 25 | #include 26 | #include 27 | 28 | #include "libfwevt_extern.h" 29 | 30 | #if defined( __cplusplus ) 31 | extern "C" { 32 | #endif 33 | 34 | #if !defined( HAVE_LOCAL_LIBFWEVT ) 35 | 36 | LIBFWEVT_EXTERN \ 37 | const char *libfwevt_get_version( 38 | void ); 39 | 40 | #endif /* !defined( HAVE_LOCAL_LIBFWEVT ) */ 41 | 42 | #if defined( __cplusplus ) 43 | } 44 | #endif 45 | 46 | #endif /* !defined( _LIBFWEVT_SUPPORT_H ) */ 47 | 48 | -------------------------------------------------------------------------------- /libfwevt/libfwevt_task.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Task functions 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #if !defined( _LIBFWEVT_TASK_H ) 23 | #define _LIBFWEVT_TASK_H 24 | 25 | #include 26 | #include 27 | 28 | #include "libfwevt_extern.h" 29 | #include "libfwevt_libcerror.h" 30 | #include "libfwevt_types.h" 31 | 32 | #if defined( __cplusplus ) 33 | extern "C" { 34 | #endif 35 | 36 | typedef struct libfwevt_internal_task libfwevt_internal_task_t; 37 | 38 | struct libfwevt_internal_task 39 | { 40 | /* The identifier 41 | */ 42 | uint32_t identifier; 43 | }; 44 | 45 | int libfwevt_task_initialize( 46 | libfwevt_task_t **task, 47 | libcerror_error_t **error ); 48 | 49 | LIBFWEVT_EXTERN \ 50 | int libfwevt_task_free( 51 | libfwevt_task_t **task, 52 | libcerror_error_t **error ); 53 | 54 | int libfwevt_internal_task_free( 55 | libfwevt_internal_task_t **internal_task, 56 | libcerror_error_t **error ); 57 | 58 | int libfwevt_task_read_data( 59 | libfwevt_task_t *task, 60 | const uint8_t *data, 61 | size_t data_size, 62 | size_t data_offset, 63 | libcerror_error_t **error ); 64 | 65 | #if defined( __cplusplus ) 66 | } 67 | #endif 68 | 69 | #endif /* !defined( _LIBFWEVT_TASK_H ) */ 70 | 71 | -------------------------------------------------------------------------------- /libfwevt/libfwevt_types.h: -------------------------------------------------------------------------------- 1 | /* 2 | * The internal type definitions 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #if !defined( _LIBFWEVT_INTERNAL_TYPES_H ) 23 | #define _LIBFWEVT_INTERNAL_TYPES_H 24 | 25 | #include 26 | #include 27 | 28 | /* Define HAVE_LOCAL_LIBFWEVT for local use of libfwevt 29 | * The definitions in are copied here 30 | * for local use of libfwevt 31 | */ 32 | #if defined( HAVE_LOCAL_LIBFWEVT ) 33 | 34 | /* The following type definitions hide internal data structures 35 | */ 36 | #if defined( HAVE_DEBUG_OUTPUT ) && !defined( WINAPI ) 37 | typedef struct libfwevt_channel {} libfwevt_channel_t; 38 | typedef struct libfwevt_event {} libfwevt_event_t; 39 | typedef struct libfwevt_keyword {} libfwevt_keyword_t; 40 | typedef struct libfwevt_level {} libfwevt_level_t; 41 | typedef struct libfwevt_manifest {} libfwevt_manifest_t; 42 | typedef struct libfwevt_map {} libfwevt_map_t; 43 | typedef struct libfwevt_opcode {} libfwevt_opcode_t; 44 | typedef struct libfwevt_provider {} libfwevt_provider_t; 45 | typedef struct libfwevt_task {} libfwevt_task_t; 46 | typedef struct libfwevt_template {} libfwevt_template_t; 47 | typedef struct libfwevt_template_item {} libfwevt_template_item_t; 48 | typedef struct libfwevt_xml_document {} libfwevt_xml_document_t; 49 | typedef struct libfwevt_xml_tag {} libfwevt_xml_tag_t; 50 | typedef struct libfwevt_xml_template_value {} libfwevt_xml_template_value_t; 51 | typedef struct libfwevt_xml_value {} libfwevt_xml_value_t; 52 | 53 | #else 54 | typedef intptr_t libfwevt_channel_t; 55 | typedef intptr_t libfwevt_event_t; 56 | typedef intptr_t libfwevt_keyword_t; 57 | typedef intptr_t libfwevt_level_t; 58 | typedef intptr_t libfwevt_manifest_t; 59 | typedef intptr_t libfwevt_map_t; 60 | typedef intptr_t libfwevt_opcode_t; 61 | typedef intptr_t libfwevt_provider_t; 62 | typedef intptr_t libfwevt_task_t; 63 | typedef intptr_t libfwevt_template_t; 64 | typedef intptr_t libfwevt_template_item_t; 65 | typedef intptr_t libfwevt_xml_document_t; 66 | typedef intptr_t libfwevt_xml_tag_t; 67 | typedef intptr_t libfwevt_xml_template_value_t; 68 | typedef intptr_t libfwevt_xml_value_t; 69 | 70 | #endif /* defined( HAVE_DEBUG_OUTPUT ) && !defined( WINAPI ) */ 71 | 72 | #endif /* defined( HAVE_LOCAL_LIBFWEVT ) */ 73 | 74 | #endif /* !defined( _LIBFWEVT_INTERNAL_TYPES_H ) */ 75 | 76 | -------------------------------------------------------------------------------- /libfwevt/libfwevt_unused.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Definitions to silence compiler warnings about unused function attributes/parameters. 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #if !defined( _LIBFWEVT_UNUSED_H ) 23 | #define _LIBFWEVT_UNUSED_H 24 | 25 | #include 26 | 27 | #if !defined( LIBFWEVT_ATTRIBUTE_UNUSED ) 28 | #if defined( __GNUC__ ) && __GNUC__ >= 3 29 | #define LIBFWEVT_ATTRIBUTE_UNUSED __attribute__ ((__unused__)) 30 | #else 31 | #define LIBFWEVT_ATTRIBUTE_UNUSED 32 | #endif 33 | #endif 34 | 35 | #if defined( _MSC_VER ) 36 | #define LIBFWEVT_UNREFERENCED_PARAMETER( parameter ) \ 37 | UNREFERENCED_PARAMETER( parameter ); 38 | #else 39 | #define LIBFWEVT_UNREFERENCED_PARAMETER( parameter ) \ 40 | /* parameter */ 41 | #endif 42 | 43 | #endif /* !defined( _LIBFWEVT_UNUSED_H ) */ 44 | 45 | -------------------------------------------------------------------------------- /libfwevt/libfwevt_xml_string.h: -------------------------------------------------------------------------------- 1 | /* 2 | * XML string functions 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #if !defined( _LIBFWEVT_XML_STRING_H ) 23 | #define _LIBFWEVT_XML_STRING_H 24 | 25 | #include 26 | #include 27 | 28 | #include "libfwevt_libcerror.h" 29 | #include "libfwevt_libuna.h" 30 | 31 | #if defined( __cplusplus ) 32 | extern "C" { 33 | #endif 34 | 35 | int libfwevt_utf8_xml_string_size_from_utf16_stream( 36 | const uint8_t *utf16_stream, 37 | size_t utf16_stream_size, 38 | int byte_order, 39 | size_t *utf8_string_size, 40 | libcerror_error_t **error ); 41 | 42 | int libfwevt_utf8_xml_string_with_index_copy_from_utf16_stream( 43 | libuna_utf8_character_t *utf8_string, 44 | size_t utf8_string_size, 45 | size_t *utf8_string_index, 46 | const uint8_t *utf16_stream, 47 | size_t utf16_stream_size, 48 | int byte_order, 49 | libcerror_error_t **error ); 50 | 51 | int libfwevt_utf16_xml_string_size_from_utf16_stream( 52 | const uint8_t *utf16_stream, 53 | size_t utf16_stream_size, 54 | int byte_order, 55 | size_t *utf16_string_size, 56 | libcerror_error_t **error ); 57 | 58 | int libfwevt_utf16_xml_string_with_index_copy_from_utf16_stream( 59 | libuna_utf16_character_t *utf16_string, 60 | size_t utf16_string_size, 61 | size_t *utf16_string_index, 62 | const uint8_t *utf16_stream, 63 | size_t utf16_stream_size, 64 | int byte_order, 65 | libcerror_error_t **error ); 66 | 67 | #if defined( __cplusplus ) 68 | } 69 | #endif 70 | 71 | #endif /* !defined( _LIBFWEVT_XML_STRING_H ) */ 72 | 73 | -------------------------------------------------------------------------------- /libfwevt/libfwevt_xml_token.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Windows Event Log binary XML token functions 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #if !defined( _LIBFWEVT_XML_TOKEN_H ) 23 | #define _LIBFWEVT_XML_TOKEN_H 24 | 25 | #include 26 | #include 27 | 28 | #include "libfwevt_libcerror.h" 29 | 30 | #if defined( __cplusplus ) 31 | extern "C" { 32 | #endif 33 | 34 | typedef struct libfwevt_xml_token libfwevt_xml_token_t; 35 | 36 | struct libfwevt_xml_token 37 | { 38 | /* The type 39 | */ 40 | uint8_t type; 41 | 42 | /* The size 43 | */ 44 | size_t size; 45 | }; 46 | 47 | int libfwevt_xml_token_initialize( 48 | libfwevt_xml_token_t **xml_token, 49 | libcerror_error_t **error ); 50 | 51 | int libfwevt_xml_token_free( 52 | libfwevt_xml_token_t **xml_token, 53 | libcerror_error_t **error ); 54 | 55 | int libfwevt_xml_token_read_data( 56 | libfwevt_xml_token_t *xml_token, 57 | const uint8_t *chunk_data, 58 | size_t chunk_data_size, 59 | size_t chunk_data_offset, 60 | libcerror_error_t **error ); 61 | 62 | #if defined( __cplusplus ) 63 | } 64 | #endif 65 | 66 | #endif /* !defined( _LIBFWEVT_XML_TOKEN_H ) */ 67 | 68 | -------------------------------------------------------------------------------- /m4/pthread.m4: -------------------------------------------------------------------------------- 1 | dnl Functions for pthread 2 | dnl 3 | dnl Version: 20240513 4 | 5 | dnl Function to detect if pthread is available 6 | AC_DEFUN([AX_PTHREAD_CHECK_LIB], 7 | [AS_IF( 8 | [test "x$ac_cv_enable_shared_libs" = xno || test "x$ac_cv_with_pthread" = xno], 9 | [ac_cv_pthread=no], 10 | [ac_cv_pthread=check 11 | dnl Check if parameters were provided 12 | dnl For both --with-pthread which returns "yes" and --with-pthread= which returns "" 13 | dnl treat them as auto-detection. 14 | AS_IF( 15 | [test "x$ac_cv_with_pthread" != x && test "x$ac_cv_with_pthread" != xauto-detect && test "x$ac_cv_with_pthread" != xyes], 16 | [AX_CHECK_LIB_DIRECTORY_EXISTS([pthread])]) 17 | ]) 18 | 19 | AS_IF( 20 | [test "x$ac_cv_pthread" = xcheck], 21 | [dnl Check for headers 22 | AC_CHECK_HEADERS([pthread.h]) 23 | 24 | AS_IF( 25 | [test "x$ac_cv_header_pthread_h" = xno], 26 | [ac_cv_pthread=no], 27 | [ac_cv_pthread=yes 28 | 29 | AX_CHECK_LIB_FUNCTIONS( 30 | [pthread], 31 | [pthread], 32 | [[pthread_create], 33 | [pthread_exit], 34 | [pthread_join], 35 | [pthread_cond_init], 36 | [pthread_cond_destroy], 37 | [pthread_cond_broadcast], 38 | [pthread_cond_signal], 39 | [pthread_cond_wait], 40 | [pthread_mutex_init], 41 | [pthread_mutex_destroy], 42 | [pthread_mutex_lock], 43 | [pthread_mutex_trylock], 44 | [pthread_mutex_unlock], 45 | [pthread_rwlock_init], 46 | [pthread_rwlock_destroy], 47 | [pthread_rwlock_rdlock], 48 | [pthread_rwlock_wrlock], 49 | [pthread_rwlock_unlock]]) 50 | 51 | ac_cv_pthread_LIBADD="-lpthread" 52 | ]) 53 | 54 | AX_CHECK_LIB_DIRECTORY_MSG_ON_FAILURE([pthread]) 55 | ]) 56 | 57 | AS_IF( 58 | [test "x$ac_cv_pthread" = xpthread], 59 | [AC_DEFINE( 60 | [HAVE_PTHREAD], 61 | [1], 62 | [Define to 1 if you have the 'pthread' library (-lpthread).]) 63 | ]) 64 | 65 | AS_IF( 66 | [test "x$ac_cv_pthread" != xno], 67 | [AC_SUBST( 68 | [HAVE_PTHREAD], 69 | [1]) ], 70 | [AC_SUBST( 71 | [HAVE_PTHREAD], 72 | [0]) 73 | ]) 74 | ]) 75 | 76 | dnl Function to detect how to enable pthread 77 | AC_DEFUN([AX_PTHREAD_CHECK_ENABLE], 78 | [AX_COMMON_ARG_WITH( 79 | [pthread], 80 | [pthread], 81 | [search for pthread in includedir and libdir or in the specified DIR, or no if not to use pthread], 82 | [auto-detect], 83 | [DIR]) 84 | 85 | dnl Check for a shared library version 86 | AX_PTHREAD_CHECK_LIB 87 | 88 | AS_IF( 89 | [test "x$ac_cv_pthread_CPPFLAGS" != "x"], 90 | [AC_SUBST( 91 | [PTHREAD_CPPFLAGS], 92 | [$ac_cv_pthread_CPPFLAGS]) 93 | ]) 94 | AS_IF( 95 | [test "x$ac_cv_pthread_LIBADD" != "x"], 96 | [AC_SUBST( 97 | [PTHREAD_LIBADD], 98 | [$ac_cv_pthread_LIBADD]) 99 | ]) 100 | 101 | AS_IF( 102 | [test "x$ac_cv_pthread" = xpthread], 103 | [AC_SUBST( 104 | [ax_pthread_pc_libs_private], 105 | [-lpthread]) 106 | ]) 107 | ]) 108 | 109 | -------------------------------------------------------------------------------- /m4/tests.m4: -------------------------------------------------------------------------------- 1 | dnl Functions for testing 2 | dnl 3 | dnl Version: 20200712 4 | 5 | dnl Function to detect if tests dependencies are available 6 | AC_DEFUN([AX_TESTS_CHECK_LOCAL], 7 | [AC_CHECK_HEADERS([dlfcn.h]) 8 | 9 | AC_CHECK_FUNCS([fmemopen getopt mkstemp setenv tzset unlink]) 10 | 11 | AC_CHECK_LIB( 12 | dl, 13 | dlsym) 14 | 15 | AS_IF( 16 | [test "x$lt_cv_prog_gnu_ld" = xyes && test "x$ac_cv_lib_dl_dlsym" = xyes], 17 | [AC_DEFINE( 18 | [HAVE_GNU_DL_DLSYM], 19 | [1], 20 | [Define to 1 if dlsym function is available in GNU dl.]) 21 | ]) 22 | ]) 23 | 24 | dnl Function to detect if OSS-Fuzz build environment is available 25 | AC_DEFUN([AX_TESTS_CHECK_OSSFUZZ], 26 | [AM_CONDITIONAL( 27 | HAVE_LIB_FUZZING_ENGINE, 28 | [test "x${LIB_FUZZING_ENGINE}" != x]) 29 | AC_SUBST( 30 | [LIB_FUZZING_ENGINE], 31 | ["${LIB_FUZZING_ENGINE}"]) 32 | ]) 33 | 34 | -------------------------------------------------------------------------------- /m4/types.m4: -------------------------------------------------------------------------------- 1 | dnl Functions for type definitions 2 | dnl 3 | dnl Version: 20180727 4 | 5 | dnl Function to detect if type definitions are available 6 | AC_DEFUN([AX_TYPES_CHECK_LOCAL], 7 | [AS_IF( 8 | [test "x$ac_cv_enable_winapi" = xyes], 9 | [ac_cv_enable_wide_character_type=yes]) 10 | 11 | AS_IF( 12 | [test "x$ac_cv_enable_wide_character_type" = xyes], 13 | [AC_DEFINE( 14 | [HAVE_WIDE_CHARACTER_TYPE], 15 | [1], 16 | [Define to 1 if wide character type should be used.]) 17 | AC_SUBST( 18 | [HAVE_WIDE_CHARACTER_TYPE], 19 | [1]) ], 20 | [AC_SUBST( 21 | [HAVE_WIDE_CHARACTER_TYPE], 22 | [0]) 23 | ]) 24 | 25 | AC_CHECK_HEADERS([sys/types.h inttypes.h stdint.h wchar.h]) 26 | 27 | AS_IF( 28 | [test "x$ac_cv_header_sys_types_h" = xyes], 29 | [AC_SUBST( 30 | [HAVE_SYS_TYPES_H], 31 | [1])], 32 | [AC_SUBST( 33 | [HAVE_SYS_TYPES_H], 34 | [0]) 35 | ]) 36 | 37 | AS_IF( 38 | [test "x$ac_cv_header_inttypes_h" = xyes], 39 | [AC_SUBST( 40 | [HAVE_INTTYPES_H], 41 | [1])], 42 | [AC_SUBST( 43 | [HAVE_INTTYPES_H], 44 | [0]) 45 | ]) 46 | 47 | AS_IF( 48 | [test "x$ac_cv_header_stdint_h" = xyes], 49 | [AC_SUBST( 50 | [HAVE_STDINT_H], 51 | [1])], 52 | [AC_SUBST( 53 | [HAVE_STDINT_H], 54 | [0]) 55 | ]) 56 | 57 | AS_IF( 58 | [test "x$ac_cv_header_wchar_h" = xyes], 59 | [AC_SUBST( 60 | [HAVE_WCHAR_H], 61 | [1]) ], 62 | [AC_SUBST( 63 | [HAVE_WCHAR_H], 64 | [0]) 65 | ]) 66 | 67 | AC_TYPE_MODE_T 68 | AC_TYPE_OFF_T 69 | AC_TYPE_SIZE_T 70 | 71 | AC_CHECK_TYPE( 72 | [size32_t], 73 | [AC_SUBST( 74 | [HAVE_SIZE32_T], 75 | [1])], 76 | [AC_SUBST( 77 | [HAVE_SIZE32_T], 78 | [0]) 79 | ]) 80 | 81 | AC_CHECK_TYPE( 82 | [ssize32_t], 83 | [AC_SUBST( 84 | [HAVE_SSIZE32_T], 85 | [1])], 86 | [AC_SUBST( 87 | [HAVE_SSIZE32_T], 88 | [0]) 89 | ]) 90 | 91 | AC_CHECK_TYPE( 92 | [size64_t], 93 | [AC_SUBST( 94 | [HAVE_SIZE64_T], 95 | [1])], 96 | [AC_SUBST( 97 | [HAVE_SIZE64_T], 98 | [0]) 99 | ]) 100 | 101 | AC_CHECK_TYPE( 102 | [ssize64_t], 103 | [AC_SUBST( 104 | [HAVE_SSIZE64_T], 105 | [1])], 106 | [AC_SUBST( 107 | [HAVE_SSIZE64_T], 108 | [0]) 109 | ]) 110 | 111 | AC_CHECK_TYPE( 112 | [off64_t], 113 | [AC_SUBST( 114 | [HAVE_OFF64_T], 115 | [1])], 116 | [AC_SUBST( 117 | [HAVE_OFF64_T], 118 | [0]) 119 | ]) 120 | 121 | AC_CHECK_TYPE([ssize_t]) 122 | AC_CHECK_TYPE([u64]) 123 | 124 | AC_CHECK_SIZEOF([int]) 125 | AC_CHECK_SIZEOF([long]) 126 | AC_CHECK_SIZEOF([off_t]) 127 | AC_CHECK_SIZEOF([size_t]) 128 | 129 | AS_IF( 130 | [test "x$ac_cv_header_wchar_h" = xyes], 131 | [AC_CHECK_SIZEOF([wchar_t])]) 132 | ]) 133 | 134 | -------------------------------------------------------------------------------- /manuals/Makefile.am: -------------------------------------------------------------------------------- 1 | man_MANS = \ 2 | libfwevt.3 3 | 4 | EXTRA_DIST = \ 5 | libfwevt.3 6 | 7 | DISTCLEANFILES = \ 8 | Makefile \ 9 | Makefile.in 10 | 11 | -------------------------------------------------------------------------------- /msvscpp/Makefile.am: -------------------------------------------------------------------------------- 1 | MSVSCPP_FILES = \ 2 | fwevt_test_channel/fwevt_test_channel.vcproj \ 3 | fwevt_test_data_segment/fwevt_test_data_segment.vcproj \ 4 | fwevt_test_date_time/fwevt_test_date_time.vcproj \ 5 | fwevt_test_error/fwevt_test_error.vcproj \ 6 | fwevt_test_event/fwevt_test_event.vcproj \ 7 | fwevt_test_floating_point/fwevt_test_floating_point.vcproj \ 8 | fwevt_test_integer/fwevt_test_integer.vcproj \ 9 | fwevt_test_keyword/fwevt_test_keyword.vcproj \ 10 | fwevt_test_level/fwevt_test_level.vcproj \ 11 | fwevt_test_manifest/fwevt_test_manifest.vcproj \ 12 | fwevt_test_map/fwevt_test_map.vcproj \ 13 | fwevt_test_notify/fwevt_test_notify.vcproj \ 14 | fwevt_test_opcode/fwevt_test_opcode.vcproj \ 15 | fwevt_test_provider/fwevt_test_provider.vcproj \ 16 | fwevt_test_support/fwevt_test_support.vcproj \ 17 | fwevt_test_task/fwevt_test_task.vcproj \ 18 | fwevt_test_template/fwevt_test_template.vcproj \ 19 | fwevt_test_template_item/fwevt_test_template_item.vcproj \ 20 | fwevt_test_xml_document/fwevt_test_xml_document.vcproj \ 21 | fwevt_test_xml_tag/fwevt_test_xml_tag.vcproj \ 22 | fwevt_test_xml_template_value/fwevt_test_xml_template_value.vcproj \ 23 | fwevt_test_xml_token/fwevt_test_xml_token.vcproj \ 24 | fwevt_test_xml_value/fwevt_test_xml_value.vcproj \ 25 | libcdata/libcdata.vcproj \ 26 | libcerror/libcerror.vcproj \ 27 | libcnotify/libcnotify.vcproj \ 28 | libcthreads/libcthreads.vcproj \ 29 | libfdatetime/libfdatetime.vcproj \ 30 | libfguid/libfguid.vcproj \ 31 | libfwevt/libfwevt.vcproj \ 32 | libfwnt/libfwnt.vcproj \ 33 | libuna/libuna.vcproj \ 34 | pyfwevt/pyfwevt.vcproj \ 35 | libfwevt.sln 36 | 37 | EXTRA_DIST = \ 38 | $(MSVSCPP_FILES) 39 | 40 | DISTCLEANFILES = \ 41 | Makefile \ 42 | Makefile.in 43 | 44 | -------------------------------------------------------------------------------- /ossfuzz/Makefile.am: -------------------------------------------------------------------------------- 1 | if HAVE_LIB_FUZZING_ENGINE 2 | AM_CPPFLAGS = \ 3 | -I../include -I$(top_srcdir)/include \ 4 | -I../common -I$(top_srcdir)/common 5 | 6 | bin_PROGRAMS = \ 7 | manifest_fuzzer \ 8 | xml_document_fuzzer 9 | 10 | manifest_fuzzer_SOURCES = \ 11 | manifest_fuzzer.cc \ 12 | ossfuzz_libfwevt.h 13 | 14 | manifest_fuzzer_LDADD = \ 15 | @LIB_FUZZING_ENGINE@ \ 16 | ../libfwevt/libfwevt.la 17 | 18 | xml_document_fuzzer_SOURCES = \ 19 | ossfuzz_libfwevt.h \ 20 | xml_document_fuzzer.cc 21 | 22 | xml_document_fuzzer_LDADD = \ 23 | @LIB_FUZZING_ENGINE@ \ 24 | ../libfwevt/libfwevt.la 25 | endif 26 | 27 | DISTCLEANFILES = \ 28 | Makefile \ 29 | Makefile.in 30 | 31 | splint-local: 32 | @echo "Running splint on manifest_fuzzer ..." 33 | -splint -preproc -redef $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(manifest_fuzzer_SOURCES) 34 | @echo "Running splint on xml_document_fuzzer ..." 35 | -splint -preproc -redef $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(xml_document_fuzzer_SOURCES) 36 | 37 | -------------------------------------------------------------------------------- /ossfuzz/manifest_fuzzer.cc: -------------------------------------------------------------------------------- 1 | /* 2 | * OSS-Fuzz target for libfwevt manifest type 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #include 23 | #include 24 | 25 | /* Note that some of the OSS-Fuzz engines use C++ 26 | */ 27 | extern "C" { 28 | 29 | #include "ossfuzz_libfwevt.h" 30 | 31 | int LLVMFuzzerTestOneInput( 32 | const uint8_t *data, 33 | size_t size ) 34 | { 35 | libfwevt_manifest_t *manifest = NULL; 36 | 37 | if( libfwevt_manifest_initialize( 38 | &manifest, 39 | NULL ) != 1 ) 40 | { 41 | return( 0 ); 42 | } 43 | libfwevt_manifest_read( 44 | manifest, 45 | data, 46 | size, 47 | NULL ); 48 | 49 | libfwevt_manifest_free( 50 | &manifest, 51 | NULL ); 52 | 53 | return( 0 ); 54 | } 55 | 56 | } /* extern "C" */ 57 | 58 | -------------------------------------------------------------------------------- /ossfuzz/ossfuzz_libfwevt.h: -------------------------------------------------------------------------------- 1 | /* 2 | * The libfwevt header wrapper 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #if !defined( _OSSFUZZ_LIBFWEVT_H ) 23 | #define _OSSFUZZ_LIBFWEVT_H 24 | 25 | #include 26 | 27 | #include 28 | 29 | #endif /* !defined( _OSSFUZZ_LIBFWEVT_H ) */ 30 | 31 | -------------------------------------------------------------------------------- /ossfuzz/xml_document_fuzzer.cc: -------------------------------------------------------------------------------- 1 | /* 2 | * OSS-Fuzz target for libfwevt xml_document type 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #include 23 | #include 24 | 25 | /* Note that some of the OSS-Fuzz engines use C++ 26 | */ 27 | extern "C" { 28 | 29 | #include "ossfuzz_libfwevt.h" 30 | 31 | int LLVMFuzzerTestOneInput( 32 | const uint8_t *data, 33 | size_t size ) 34 | { 35 | libfwevt_xml_document_t *xml_document = NULL; 36 | 37 | if( libfwevt_xml_document_initialize( 38 | &xml_document, 39 | NULL ) != 1 ) 40 | { 41 | return( 0 ); 42 | } 43 | libfwevt_xml_document_read( 44 | xml_document, 45 | data, 46 | size, 47 | 0, 48 | 1252, 49 | LIBFWEVT_XML_DOCUMENT_READ_FLAG_HAS_DATA_OFFSETS | LIBFWEVT_XML_DOCUMENT_READ_FLAG_HAS_DATA_OFFSETS, 50 | NULL ); 51 | 52 | libfwevt_xml_document_free( 53 | &xml_document, 54 | NULL ); 55 | 56 | return( 0 ); 57 | } 58 | 59 | } /* extern "C" */ 60 | 61 | -------------------------------------------------------------------------------- /po/ChangeLog: -------------------------------------------------------------------------------- 1 | 2016-11-04 gettextize 2 | -------------------------------------------------------------------------------- /po/Makevars.in: -------------------------------------------------------------------------------- 1 | # Makefile variables for PO directory in any package using GNU gettext. 2 | 3 | # Usually the message domain is the same as the package name. 4 | DOMAIN = @PACKAGE@ 5 | 6 | # These two variables depend on the location of this directory. 7 | subdir = po 8 | top_builddir = .. 9 | 10 | # These options get passed to xgettext. 11 | XGETTEXT_OPTIONS = --keyword=_ --keyword=N_ 12 | 13 | # This is the copyright holder that gets inserted into the header of the 14 | # $(DOMAIN).pot file. Set this to the copyright holder of the surrounding 15 | # package. (Note that the msgstr strings, extracted from the package's 16 | # sources, belong to the copyright holder of the package.) Translators are 17 | # expected to transfer the copyright for their translations to this person 18 | # or entity, or to disclaim their copyright. The empty string stands for 19 | # the public domain; in this case the translators are expected to disclaim 20 | # their copyright. 21 | COPYRIGHT_HOLDER = Joachim Metz 22 | 23 | # This is the email address or URL to which the translators shall report 24 | # bugs in the untranslated strings: 25 | # - Strings which are not entire sentences, see the maintainer guidelines 26 | # in the GNU gettext documentation, section 'Preparing Strings'. 27 | # - Strings which use unclear terms or require additional context to be 28 | # understood. 29 | # - Strings which make invalid assumptions about notation of date, time or 30 | # money. 31 | # - Pluralisation problems. 32 | # - Incorrect English spelling. 33 | # - Incorrect formatting. 34 | # It can be your email address, or a mailing list address where translators 35 | # can write to without being subscribed, or the URL of a web page through 36 | # which the translators can contact you. 37 | MSGID_BUGS_ADDRESS = @PACKAGE_BUGREPORT@ 38 | 39 | # This is the list of locale categories, beyond LC_MESSAGES, for which the 40 | # message catalogs shall be used. It is usually empty. 41 | EXTRA_LOCALE_CATEGORIES = 42 | 43 | # Additional make targets. 44 | sources splint: 45 | 46 | -------------------------------------------------------------------------------- /po/POTFILES.in: -------------------------------------------------------------------------------- 1 | # List of source files which contain translatable strings. 2 | -------------------------------------------------------------------------------- /pyfwevt/Makefile.am: -------------------------------------------------------------------------------- 1 | if HAVE_PYTHON 2 | AM_CFLAGS = \ 3 | -I../include -I$(top_srcdir)/include \ 4 | -I../common -I$(top_srcdir)/common \ 5 | @LIBCERROR_CPPFLAGS@ \ 6 | @LIBCDATA_CPPFLAGS@ \ 7 | @LIBFGUID_CPPFLAGS@ \ 8 | @LIBFWEVT_DLL_IMPORT@ 9 | 10 | pyexec_LTLIBRARIES = pyfwevt.la 11 | 12 | pyfwevt_la_SOURCES = \ 13 | pyfwevt.c pyfwevt.h \ 14 | pyfwevt_channel.c pyfwevt_channel.h \ 15 | pyfwevt_channels.c pyfwevt_channels.h \ 16 | pyfwevt_error.c pyfwevt_error.h \ 17 | pyfwevt_event.c pyfwevt_event.h \ 18 | pyfwevt_events.c pyfwevt_events.h \ 19 | pyfwevt_guid.c pyfwevt_guid.h \ 20 | pyfwevt_integer.c pyfwevt_integer.h \ 21 | pyfwevt_keyword.c pyfwevt_keyword.h \ 22 | pyfwevt_keywords.c pyfwevt_keywords.h \ 23 | pyfwevt_level.c pyfwevt_level.h \ 24 | pyfwevt_levels.c pyfwevt_levels.h \ 25 | pyfwevt_libcerror.h \ 26 | pyfwevt_libfguid.h \ 27 | pyfwevt_libfwevt.h \ 28 | pyfwevt_manifest.c pyfwevt_manifest.h \ 29 | pyfwevt_map.c pyfwevt_map.h \ 30 | pyfwevt_maps.c pyfwevt_maps.h \ 31 | pyfwevt_opcode.c pyfwevt_opcode.h \ 32 | pyfwevt_opcodes.c pyfwevt_opcodes.h \ 33 | pyfwevt_provider.c pyfwevt_provider.h \ 34 | pyfwevt_providers.c pyfwevt_providers.h \ 35 | pyfwevt_python.h \ 36 | pyfwevt_task.c pyfwevt_task.h \ 37 | pyfwevt_tasks.c pyfwevt_tasks.h \ 38 | pyfwevt_template.c pyfwevt_template.h \ 39 | pyfwevt_template_item.c pyfwevt_template_item.h \ 40 | pyfwevt_template_items.c pyfwevt_template_items.h \ 41 | pyfwevt_templates.c pyfwevt_templates.h \ 42 | pyfwevt_unused.h 43 | 44 | pyfwevt_la_LIBADD = \ 45 | @LIBCERROR_LIBADD@ \ 46 | ../libfwevt/libfwevt.la \ 47 | @LIBCDATA_LIBADD@ \ 48 | @LIBFGUID_LIBADD@ 49 | 50 | pyfwevt_la_CPPFLAGS = $(PYTHON_CPPFLAGS) 51 | pyfwevt_la_LDFLAGS = -module -avoid-version $(PYTHON_LDFLAGS) 52 | 53 | endif 54 | 55 | DISTCLEANFILES = \ 56 | Makefile \ 57 | Makefile.in 58 | 59 | -------------------------------------------------------------------------------- /pyfwevt/pyfwevt.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Python bindings module for libfwevt (pyfwevt) 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #if !defined( _PYFWEVT_H ) 23 | #define _PYFWEVT_H 24 | 25 | #include 26 | #include 27 | 28 | #include "pyfwevt_python.h" 29 | 30 | #if defined( __cplusplus ) 31 | extern "C" { 32 | #endif 33 | 34 | PyObject *pyfwevt_get_version( 35 | PyObject *self, 36 | PyObject *arguments ); 37 | 38 | #if PY_MAJOR_VERSION >= 3 39 | PyMODINIT_FUNC PyInit_pyfwevt( 40 | void ); 41 | #else 42 | PyMODINIT_FUNC initpyfwevt( 43 | void ); 44 | #endif 45 | 46 | #if defined( __cplusplus ) 47 | } 48 | #endif 49 | 50 | #endif /* !defined( _PYFWEVT_H ) */ 51 | 52 | -------------------------------------------------------------------------------- /pyfwevt/pyfwevt_channel.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Python object wrapper of libfwevt_channel_t 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #if !defined( _PYFWEVT_CHANNEL_H ) 23 | #define _PYFWEVT_CHANNEL_H 24 | 25 | #include 26 | #include 27 | 28 | #include "pyfwevt_libfwevt.h" 29 | #include "pyfwevt_python.h" 30 | 31 | #if defined( __cplusplus ) 32 | extern "C" { 33 | #endif 34 | 35 | typedef struct pyfwevt_channel pyfwevt_channel_t; 36 | 37 | struct pyfwevt_channel 38 | { 39 | /* Python object initialization 40 | */ 41 | PyObject_HEAD 42 | 43 | /* The libfwevt channel 44 | */ 45 | libfwevt_channel_t *channel; 46 | 47 | /* The parent object 48 | */ 49 | PyObject *parent_object; 50 | }; 51 | 52 | extern PyMethodDef pyfwevt_channel_object_methods[]; 53 | extern PyTypeObject pyfwevt_channel_type_object; 54 | 55 | PyObject *pyfwevt_channel_new( 56 | libfwevt_channel_t *channel, 57 | PyObject *parent_object ); 58 | 59 | int pyfwevt_channel_init( 60 | pyfwevt_channel_t *pyfwevt_channel, 61 | PyObject *arguments, 62 | PyObject *keywords ); 63 | 64 | void pyfwevt_channel_free( 65 | pyfwevt_channel_t *pyfwevt_channel ); 66 | 67 | PyObject *pyfwevt_channel_get_identifier( 68 | pyfwevt_channel_t *pyfwevt_channel, 69 | PyObject *arguments ); 70 | 71 | PyObject *pyfwevt_channel_get_name( 72 | pyfwevt_channel_t *pyfwevt_channel, 73 | PyObject *arguments ); 74 | 75 | #if defined( __cplusplus ) 76 | } 77 | #endif 78 | 79 | #endif /* !defined( _PYFWEVT_CHANNEL_H ) */ 80 | 81 | -------------------------------------------------------------------------------- /pyfwevt/pyfwevt_channels.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Python object definition of the sequence and iterator object of channels 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #if !defined( _PYFWEVT_CHANNELS_H ) 23 | #define _PYFWEVT_CHANNELS_H 24 | 25 | #include 26 | #include 27 | 28 | #include "pyfwevt_libfwevt.h" 29 | #include "pyfwevt_python.h" 30 | 31 | #if defined( __cplusplus ) 32 | extern "C" { 33 | #endif 34 | 35 | typedef struct pyfwevt_channels pyfwevt_channels_t; 36 | 37 | struct pyfwevt_channels 38 | { 39 | /* Python object initialization 40 | */ 41 | PyObject_HEAD 42 | 43 | /* The parent object 44 | */ 45 | PyObject *parent_object; 46 | 47 | /* The get item by index callback function 48 | */ 49 | PyObject* (*get_item_by_index)( 50 | PyObject *parent_object, 51 | int index ); 52 | 53 | /* The current index 54 | */ 55 | int current_index; 56 | 57 | /* The number of items 58 | */ 59 | int number_of_items; 60 | }; 61 | 62 | extern PyTypeObject pyfwevt_channels_type_object; 63 | 64 | PyObject *pyfwevt_channels_new( 65 | PyObject *parent_object, 66 | PyObject* (*get_item_by_index)( 67 | PyObject *parent_object, 68 | int index ), 69 | int number_of_items ); 70 | 71 | int pyfwevt_channels_init( 72 | pyfwevt_channels_t *sequence_object, 73 | PyObject *arguments, 74 | PyObject *keywords ); 75 | 76 | void pyfwevt_channels_free( 77 | pyfwevt_channels_t *sequence_object ); 78 | 79 | Py_ssize_t pyfwevt_channels_len( 80 | pyfwevt_channels_t *sequence_object ); 81 | 82 | PyObject *pyfwevt_channels_getitem( 83 | pyfwevt_channels_t *sequence_object, 84 | Py_ssize_t item_index ); 85 | 86 | PyObject *pyfwevt_channels_iter( 87 | pyfwevt_channels_t *sequence_object ); 88 | 89 | PyObject *pyfwevt_channels_iternext( 90 | pyfwevt_channels_t *sequence_object ); 91 | 92 | #if defined( __cplusplus ) 93 | } 94 | #endif 95 | 96 | #endif /* !defined( _PYFWEVT_CHANNELS_H ) */ 97 | 98 | -------------------------------------------------------------------------------- /pyfwevt/pyfwevt_error.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Error functions 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #if !defined( _PYFWEVT_ERROR_H ) 23 | #define _PYFWEVT_ERROR_H 24 | 25 | #include 26 | #include 27 | 28 | #include "pyfwevt_libcerror.h" 29 | #include "pyfwevt_python.h" 30 | 31 | #define PYFWEVT_ERROR_STRING_SIZE 2048 32 | 33 | #if defined( __cplusplus ) 34 | extern "C" { 35 | #endif 36 | 37 | void pyfwevt_error_fetch( 38 | libcerror_error_t **error, 39 | int error_domain, 40 | int error_code, 41 | const char *format_string, 42 | ... ); 43 | 44 | void pyfwevt_error_fetch_and_raise( 45 | PyObject *exception_object, 46 | const char *format_string, 47 | ... ); 48 | 49 | void pyfwevt_error_raise( 50 | libcerror_error_t *error, 51 | PyObject *exception_object, 52 | const char *format_string, 53 | ... ); 54 | 55 | #if defined( __cplusplus ) 56 | } 57 | #endif 58 | 59 | #endif /* !defined( _PYFWEVT_ERROR_H ) */ 60 | 61 | -------------------------------------------------------------------------------- /pyfwevt/pyfwevt_event.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Python object wrapper of libfwevt_event_t 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #if !defined( _PYFWEVT_EVENT_H ) 23 | #define _PYFWEVT_EVENT_H 24 | 25 | #include 26 | #include 27 | 28 | #include "pyfwevt_libfwevt.h" 29 | #include "pyfwevt_python.h" 30 | 31 | #if defined( __cplusplus ) 32 | extern "C" { 33 | #endif 34 | 35 | typedef struct pyfwevt_event pyfwevt_event_t; 36 | 37 | struct pyfwevt_event 38 | { 39 | /* Python object initialization 40 | */ 41 | PyObject_HEAD 42 | 43 | /* The libfwevt event 44 | */ 45 | libfwevt_event_t *event; 46 | 47 | /* The parent object 48 | */ 49 | PyObject *parent_object; 50 | }; 51 | 52 | extern PyMethodDef pyfwevt_event_object_methods[]; 53 | extern PyTypeObject pyfwevt_event_type_object; 54 | 55 | PyObject *pyfwevt_event_new( 56 | libfwevt_event_t *event, 57 | PyObject *parent_object ); 58 | 59 | int pyfwevt_event_init( 60 | pyfwevt_event_t *pyfwevt_event, 61 | PyObject *arguments, 62 | PyObject *keywords ); 63 | 64 | void pyfwevt_event_free( 65 | pyfwevt_event_t *pyfwevt_event ); 66 | 67 | PyObject *pyfwevt_event_get_identifier( 68 | pyfwevt_event_t *pyfwevt_event, 69 | PyObject *arguments ); 70 | 71 | PyObject *pyfwevt_event_get_version( 72 | pyfwevt_event_t *pyfwevt_event, 73 | PyObject *arguments ); 74 | 75 | PyObject *pyfwevt_event_get_message_identifier( 76 | pyfwevt_event_t *pyfwevt_event, 77 | PyObject *arguments ); 78 | 79 | PyObject *pyfwevt_event_get_template_offset( 80 | pyfwevt_event_t *pyfwevt_event, 81 | PyObject *arguments ); 82 | 83 | #if defined( __cplusplus ) 84 | } 85 | #endif 86 | 87 | #endif /* !defined( _PYFWEVT_EVENT_H ) */ 88 | 89 | -------------------------------------------------------------------------------- /pyfwevt/pyfwevt_events.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Python object definition of the sequence and iterator object of events 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #if !defined( _PYFWEVT_EVENTS_H ) 23 | #define _PYFWEVT_EVENTS_H 24 | 25 | #include 26 | #include 27 | 28 | #include "pyfwevt_libfwevt.h" 29 | #include "pyfwevt_python.h" 30 | 31 | #if defined( __cplusplus ) 32 | extern "C" { 33 | #endif 34 | 35 | typedef struct pyfwevt_events pyfwevt_events_t; 36 | 37 | struct pyfwevt_events 38 | { 39 | /* Python object initialization 40 | */ 41 | PyObject_HEAD 42 | 43 | /* The parent object 44 | */ 45 | PyObject *parent_object; 46 | 47 | /* The get item by index callback function 48 | */ 49 | PyObject* (*get_item_by_index)( 50 | PyObject *parent_object, 51 | int index ); 52 | 53 | /* The current index 54 | */ 55 | int current_index; 56 | 57 | /* The number of items 58 | */ 59 | int number_of_items; 60 | }; 61 | 62 | extern PyTypeObject pyfwevt_events_type_object; 63 | 64 | PyObject *pyfwevt_events_new( 65 | PyObject *parent_object, 66 | PyObject* (*get_item_by_index)( 67 | PyObject *parent_object, 68 | int index ), 69 | int number_of_items ); 70 | 71 | int pyfwevt_events_init( 72 | pyfwevt_events_t *sequence_object, 73 | PyObject *arguments, 74 | PyObject *keywords ); 75 | 76 | void pyfwevt_events_free( 77 | pyfwevt_events_t *sequence_object ); 78 | 79 | Py_ssize_t pyfwevt_events_len( 80 | pyfwevt_events_t *sequence_object ); 81 | 82 | PyObject *pyfwevt_events_getitem( 83 | pyfwevt_events_t *sequence_object, 84 | Py_ssize_t item_index ); 85 | 86 | PyObject *pyfwevt_events_iter( 87 | pyfwevt_events_t *sequence_object ); 88 | 89 | PyObject *pyfwevt_events_iternext( 90 | pyfwevt_events_t *sequence_object ); 91 | 92 | #if defined( __cplusplus ) 93 | } 94 | #endif 95 | 96 | #endif /* !defined( _PYFWEVT_EVENTS_H ) */ 97 | 98 | -------------------------------------------------------------------------------- /pyfwevt/pyfwevt_guid.h: -------------------------------------------------------------------------------- 1 | /* 2 | * GUID functions 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #if !defined( _PYFWEVT_GUID_H ) 23 | #define _PYFWEVT_GUID_H 24 | 25 | #include 26 | #include 27 | 28 | #include "pyfwevt_python.h" 29 | 30 | #if defined( __cplusplus ) 31 | extern "C" { 32 | #endif 33 | 34 | PyObject *pyfwevt_string_new_from_guid( 35 | const uint8_t *guid_buffer, 36 | size_t guid_buffer_size ); 37 | 38 | #if defined( __cplusplus ) 39 | } 40 | #endif 41 | 42 | #endif /* !defined( _PYFWEVT_GUID_H ) */ 43 | 44 | -------------------------------------------------------------------------------- /pyfwevt/pyfwevt_integer.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Integer functions 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #if !defined( _PYFWEVT_INTEGER_H ) 23 | #define _PYFWEVT_INTEGER_H 24 | 25 | #include 26 | #include 27 | 28 | #include "pyfwevt_libcerror.h" 29 | #include "pyfwevt_python.h" 30 | 31 | #if defined( __cplusplus ) 32 | extern "C" { 33 | #endif 34 | 35 | PyObject *pyfwevt_integer_signed_new_from_64bit( 36 | int64_t value_64bit ); 37 | 38 | PyObject *pyfwevt_integer_unsigned_new_from_64bit( 39 | uint64_t value_64bit ); 40 | 41 | int pyfwevt_integer_signed_copy_to_64bit( 42 | PyObject *integer_object, 43 | int64_t *value_64bit, 44 | libcerror_error_t **error ); 45 | 46 | int pyfwevt_integer_unsigned_copy_to_64bit( 47 | PyObject *integer_object, 48 | uint64_t *value_64bit, 49 | libcerror_error_t **error ); 50 | 51 | #if defined( __cplusplus ) 52 | } 53 | #endif 54 | 55 | #endif /* !defined( _PYFWEVT_INTEGER_H ) */ 56 | 57 | -------------------------------------------------------------------------------- /pyfwevt/pyfwevt_keyword.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Python object wrapper of libfwevt_keyword_t 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #if !defined( _PYFWEVT_KEYWORD_H ) 23 | #define _PYFWEVT_KEYWORD_H 24 | 25 | #include 26 | #include 27 | 28 | #include "pyfwevt_libfwevt.h" 29 | #include "pyfwevt_python.h" 30 | 31 | #if defined( __cplusplus ) 32 | extern "C" { 33 | #endif 34 | 35 | typedef struct pyfwevt_keyword pyfwevt_keyword_t; 36 | 37 | struct pyfwevt_keyword 38 | { 39 | /* Python object initialization 40 | */ 41 | PyObject_HEAD 42 | 43 | /* The libfwevt keyword 44 | */ 45 | libfwevt_keyword_t *keyword; 46 | 47 | /* The parent object 48 | */ 49 | PyObject *parent_object; 50 | }; 51 | 52 | extern PyMethodDef pyfwevt_keyword_object_methods[]; 53 | extern PyTypeObject pyfwevt_keyword_type_object; 54 | 55 | PyObject *pyfwevt_keyword_new( 56 | libfwevt_keyword_t *keyword, 57 | PyObject *parent_object ); 58 | 59 | int pyfwevt_keyword_init( 60 | pyfwevt_keyword_t *pyfwevt_keyword, 61 | PyObject *arguments, 62 | PyObject *keywords ); 63 | 64 | void pyfwevt_keyword_free( 65 | pyfwevt_keyword_t *pyfwevt_keyword ); 66 | 67 | #if defined( __cplusplus ) 68 | } 69 | #endif 70 | 71 | #endif /* !defined( _PYFWEVT_KEYWORD_H ) */ 72 | 73 | -------------------------------------------------------------------------------- /pyfwevt/pyfwevt_keywords.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Python object definition of the sequence and iterator object of keywords 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #if !defined( _PYFWEVT_KEYWORDS_H ) 23 | #define _PYFWEVT_KEYWORDS_H 24 | 25 | #include 26 | #include 27 | 28 | #include "pyfwevt_libfwevt.h" 29 | #include "pyfwevt_python.h" 30 | 31 | #if defined( __cplusplus ) 32 | extern "C" { 33 | #endif 34 | 35 | typedef struct pyfwevt_keywords pyfwevt_keywords_t; 36 | 37 | struct pyfwevt_keywords 38 | { 39 | /* Python object initialization 40 | */ 41 | PyObject_HEAD 42 | 43 | /* The parent object 44 | */ 45 | PyObject *parent_object; 46 | 47 | /* The get item by index callback function 48 | */ 49 | PyObject* (*get_item_by_index)( 50 | PyObject *parent_object, 51 | int index ); 52 | 53 | /* The current index 54 | */ 55 | int current_index; 56 | 57 | /* The number of items 58 | */ 59 | int number_of_items; 60 | }; 61 | 62 | extern PyTypeObject pyfwevt_keywords_type_object; 63 | 64 | PyObject *pyfwevt_keywords_new( 65 | PyObject *parent_object, 66 | PyObject* (*get_item_by_index)( 67 | PyObject *parent_object, 68 | int index ), 69 | int number_of_items ); 70 | 71 | int pyfwevt_keywords_init( 72 | pyfwevt_keywords_t *sequence_object, 73 | PyObject *arguments, 74 | PyObject *keywords ); 75 | 76 | void pyfwevt_keywords_free( 77 | pyfwevt_keywords_t *sequence_object ); 78 | 79 | Py_ssize_t pyfwevt_keywords_len( 80 | pyfwevt_keywords_t *sequence_object ); 81 | 82 | PyObject *pyfwevt_keywords_getitem( 83 | pyfwevt_keywords_t *sequence_object, 84 | Py_ssize_t item_index ); 85 | 86 | PyObject *pyfwevt_keywords_iter( 87 | pyfwevt_keywords_t *sequence_object ); 88 | 89 | PyObject *pyfwevt_keywords_iternext( 90 | pyfwevt_keywords_t *sequence_object ); 91 | 92 | #if defined( __cplusplus ) 93 | } 94 | #endif 95 | 96 | #endif /* !defined( _PYFWEVT_KEYWORDS_H ) */ 97 | 98 | -------------------------------------------------------------------------------- /pyfwevt/pyfwevt_level.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Python object wrapper of libfwevt_level_t 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #if !defined( _PYFWEVT_LEVEL_H ) 23 | #define _PYFWEVT_LEVEL_H 24 | 25 | #include 26 | #include 27 | 28 | #include "pyfwevt_libfwevt.h" 29 | #include "pyfwevt_python.h" 30 | 31 | #if defined( __cplusplus ) 32 | extern "C" { 33 | #endif 34 | 35 | typedef struct pyfwevt_level pyfwevt_level_t; 36 | 37 | struct pyfwevt_level 38 | { 39 | /* Python object initialization 40 | */ 41 | PyObject_HEAD 42 | 43 | /* The libfwevt level 44 | */ 45 | libfwevt_level_t *level; 46 | 47 | /* The parent object 48 | */ 49 | PyObject *parent_object; 50 | }; 51 | 52 | extern PyMethodDef pyfwevt_level_object_methods[]; 53 | extern PyTypeObject pyfwevt_level_type_object; 54 | 55 | PyObject *pyfwevt_level_new( 56 | libfwevt_level_t *level, 57 | PyObject *parent_object ); 58 | 59 | int pyfwevt_level_init( 60 | pyfwevt_level_t *pyfwevt_level, 61 | PyObject *arguments, 62 | PyObject *keywords ); 63 | 64 | void pyfwevt_level_free( 65 | pyfwevt_level_t *pyfwevt_level ); 66 | 67 | #if defined( __cplusplus ) 68 | } 69 | #endif 70 | 71 | #endif /* !defined( _PYFWEVT_LEVEL_H ) */ 72 | 73 | -------------------------------------------------------------------------------- /pyfwevt/pyfwevt_levels.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Python object definition of the sequence and iterator object of levels 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #if !defined( _PYFWEVT_LEVELS_H ) 23 | #define _PYFWEVT_LEVELS_H 24 | 25 | #include 26 | #include 27 | 28 | #include "pyfwevt_libfwevt.h" 29 | #include "pyfwevt_python.h" 30 | 31 | #if defined( __cplusplus ) 32 | extern "C" { 33 | #endif 34 | 35 | typedef struct pyfwevt_levels pyfwevt_levels_t; 36 | 37 | struct pyfwevt_levels 38 | { 39 | /* Python object initialization 40 | */ 41 | PyObject_HEAD 42 | 43 | /* The parent object 44 | */ 45 | PyObject *parent_object; 46 | 47 | /* The get item by index callback function 48 | */ 49 | PyObject* (*get_item_by_index)( 50 | PyObject *parent_object, 51 | int index ); 52 | 53 | /* The current index 54 | */ 55 | int current_index; 56 | 57 | /* The number of items 58 | */ 59 | int number_of_items; 60 | }; 61 | 62 | extern PyTypeObject pyfwevt_levels_type_object; 63 | 64 | PyObject *pyfwevt_levels_new( 65 | PyObject *parent_object, 66 | PyObject* (*get_item_by_index)( 67 | PyObject *parent_object, 68 | int index ), 69 | int number_of_items ); 70 | 71 | int pyfwevt_levels_init( 72 | pyfwevt_levels_t *sequence_object, 73 | PyObject *arguments, 74 | PyObject *keywords ); 75 | 76 | void pyfwevt_levels_free( 77 | pyfwevt_levels_t *sequence_object ); 78 | 79 | Py_ssize_t pyfwevt_levels_len( 80 | pyfwevt_levels_t *sequence_object ); 81 | 82 | PyObject *pyfwevt_levels_getitem( 83 | pyfwevt_levels_t *sequence_object, 84 | Py_ssize_t item_index ); 85 | 86 | PyObject *pyfwevt_levels_iter( 87 | pyfwevt_levels_t *sequence_object ); 88 | 89 | PyObject *pyfwevt_levels_iternext( 90 | pyfwevt_levels_t *sequence_object ); 91 | 92 | #if defined( __cplusplus ) 93 | } 94 | #endif 95 | 96 | #endif /* !defined( _PYFWEVT_LEVELS_H ) */ 97 | 98 | -------------------------------------------------------------------------------- /pyfwevt/pyfwevt_libcerror.h: -------------------------------------------------------------------------------- 1 | /* 2 | * The libcerror header wrapper 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #if !defined( _PYFWEVT_LIBCERROR_H ) 23 | #define _PYFWEVT_LIBCERROR_H 24 | 25 | #include 26 | 27 | /* Define HAVE_LOCAL_LIBCERROR for local use of libcerror 28 | */ 29 | #if defined( HAVE_LOCAL_LIBCERROR ) 30 | 31 | #include 32 | #include 33 | #include 34 | #include 35 | 36 | #else 37 | 38 | /* If libtool DLL support is enabled set LIBCERROR_DLL_IMPORT 39 | * before including libcerror.h 40 | */ 41 | #if defined( _WIN32 ) && defined( DLL_IMPORT ) 42 | #define LIBCERROR_DLL_IMPORT 43 | #endif 44 | 45 | #include 46 | 47 | #endif /* defined( HAVE_LOCAL_LIBCERROR ) */ 48 | 49 | #endif /* !defined( _PYFWEVT_LIBCERROR_H ) */ 50 | 51 | -------------------------------------------------------------------------------- /pyfwevt/pyfwevt_libfguid.h: -------------------------------------------------------------------------------- 1 | /* 2 | * The libfguid header wrapper 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #if !defined( _PYFWEVT_LIBFGUID_H ) 23 | #define _PYFWEVT_LIBFGUID_H 24 | 25 | #include 26 | 27 | /* Define HAVE_LOCAL_LIBFGUID for local use of libfguid 28 | */ 29 | #if defined( HAVE_LOCAL_LIBFGUID ) 30 | 31 | #include 32 | #include 33 | #include 34 | 35 | #else 36 | 37 | /* If libtool DLL support is enabled set LIBFGUID_DLL_IMPORT 38 | * before including libfguid.h 39 | */ 40 | #if defined( _WIN32 ) && defined( DLL_IMPORT ) 41 | #define LIBFGUID_DLL_IMPORT 42 | #endif 43 | 44 | #include 45 | 46 | #endif 47 | 48 | #endif /* !defined( _PYFWEVT_LIBFGUID_H ) */ 49 | 50 | -------------------------------------------------------------------------------- /pyfwevt/pyfwevt_libfwevt.h: -------------------------------------------------------------------------------- 1 | /* 2 | * The internal libfwevt header 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #if !defined( _PYFWEVT_LIBFWEVT_H ) 23 | #define _PYFWEVT_LIBFWEVT_H 24 | 25 | #include 26 | 27 | #include 28 | 29 | #endif /* !defined( _PYFWEVT_LIBFWEVT_H ) */ 30 | 31 | -------------------------------------------------------------------------------- /pyfwevt/pyfwevt_manifest.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Python object wrapper of libfwevt_manifest_t 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #if !defined( _PYFWEVT_MANIFEST_H ) 23 | #define _PYFWEVT_MANIFEST_H 24 | 25 | #include 26 | #include 27 | 28 | #include "pyfwevt_libfwevt.h" 29 | #include "pyfwevt_python.h" 30 | 31 | #if defined( __cplusplus ) 32 | extern "C" { 33 | #endif 34 | 35 | typedef struct pyfwevt_manifest pyfwevt_manifest_t; 36 | 37 | struct pyfwevt_manifest 38 | { 39 | /* Python object initialization 40 | */ 41 | PyObject_HEAD 42 | 43 | /* The libfwevt manifest 44 | */ 45 | libfwevt_manifest_t *manifest; 46 | 47 | /* The parent object 48 | */ 49 | PyObject *parent_object; 50 | }; 51 | 52 | extern PyMethodDef pyfwevt_manifest_object_methods[]; 53 | extern PyTypeObject pyfwevt_manifest_type_object; 54 | 55 | PyObject *pyfwevt_manifest_new( 56 | libfwevt_manifest_t *manifest, 57 | PyObject *parent_object ); 58 | 59 | int pyfwevt_manifest_init( 60 | pyfwevt_manifest_t *pyfwevt_manifest, 61 | PyObject *arguments, 62 | PyObject *keywords ); 63 | 64 | void pyfwevt_manifest_free( 65 | pyfwevt_manifest_t *pyfwevt_manifest ); 66 | 67 | PyObject *pyfwevt_manifest_copy_from_byte_stream( 68 | pyfwevt_manifest_t *pyfwevt_manifest, 69 | PyObject *arguments, 70 | PyObject *keywords ); 71 | 72 | PyObject *pyfwevt_manifest_get_number_of_providers( 73 | pyfwevt_manifest_t *pyfwevt_manifest, 74 | PyObject *arguments ); 75 | 76 | PyObject *pyfwevt_manifest_get_provider_by_index( 77 | PyObject *pyfwevt_manifest, 78 | int provider_index ); 79 | 80 | PyObject *pyfwevt_manifest_get_provider( 81 | pyfwevt_manifest_t *pyfwevt_manifest, 82 | PyObject *arguments, 83 | PyObject *keywords ); 84 | 85 | PyObject *pyfwevt_manifest_get_providers( 86 | pyfwevt_manifest_t *pyfwevt_manifest, 87 | PyObject *arguments ); 88 | 89 | #if defined( __cplusplus ) 90 | } 91 | #endif 92 | 93 | #endif /* !defined( _PYFWEVT_MANIFEST_H ) */ 94 | 95 | -------------------------------------------------------------------------------- /pyfwevt/pyfwevt_map.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Python object wrapper of libfwevt_map_t 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #if !defined( _PYFWEVT_MAP_H ) 23 | #define _PYFWEVT_MAP_H 24 | 25 | #include 26 | #include 27 | 28 | #include "pyfwevt_libfwevt.h" 29 | #include "pyfwevt_python.h" 30 | 31 | #if defined( __cplusplus ) 32 | extern "C" { 33 | #endif 34 | 35 | typedef struct pyfwevt_map pyfwevt_map_t; 36 | 37 | struct pyfwevt_map 38 | { 39 | /* Python object initialization 40 | */ 41 | PyObject_HEAD 42 | 43 | /* The libfwevt map 44 | */ 45 | libfwevt_map_t *map; 46 | 47 | /* The parent object 48 | */ 49 | PyObject *parent_object; 50 | }; 51 | 52 | extern PyMethodDef pyfwevt_map_object_methods[]; 53 | extern PyTypeObject pyfwevt_map_type_object; 54 | 55 | PyObject *pyfwevt_map_new( 56 | libfwevt_map_t *map, 57 | PyObject *parent_object ); 58 | 59 | int pyfwevt_map_init( 60 | pyfwevt_map_t *pyfwevt_map, 61 | PyObject *arguments, 62 | PyObject *keywords ); 63 | 64 | void pyfwevt_map_free( 65 | pyfwevt_map_t *pyfwevt_map ); 66 | 67 | #if defined( __cplusplus ) 68 | } 69 | #endif 70 | 71 | #endif /* !defined( _PYFWEVT_MAP_H ) */ 72 | 73 | -------------------------------------------------------------------------------- /pyfwevt/pyfwevt_maps.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Python object definition of the sequence and iterator object of maps 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #if !defined( _PYFWEVT_MAPS_H ) 23 | #define _PYFWEVT_MAPS_H 24 | 25 | #include 26 | #include 27 | 28 | #include "pyfwevt_libfwevt.h" 29 | #include "pyfwevt_python.h" 30 | 31 | #if defined( __cplusplus ) 32 | extern "C" { 33 | #endif 34 | 35 | typedef struct pyfwevt_maps pyfwevt_maps_t; 36 | 37 | struct pyfwevt_maps 38 | { 39 | /* Python object initialization 40 | */ 41 | PyObject_HEAD 42 | 43 | /* The parent object 44 | */ 45 | PyObject *parent_object; 46 | 47 | /* The get item by index callback function 48 | */ 49 | PyObject* (*get_item_by_index)( 50 | PyObject *parent_object, 51 | int index ); 52 | 53 | /* The current index 54 | */ 55 | int current_index; 56 | 57 | /* The number of items 58 | */ 59 | int number_of_items; 60 | }; 61 | 62 | extern PyTypeObject pyfwevt_maps_type_object; 63 | 64 | PyObject *pyfwevt_maps_new( 65 | PyObject *parent_object, 66 | PyObject* (*get_item_by_index)( 67 | PyObject *parent_object, 68 | int index ), 69 | int number_of_items ); 70 | 71 | int pyfwevt_maps_init( 72 | pyfwevt_maps_t *sequence_object, 73 | PyObject *arguments, 74 | PyObject *keywords ); 75 | 76 | void pyfwevt_maps_free( 77 | pyfwevt_maps_t *sequence_object ); 78 | 79 | Py_ssize_t pyfwevt_maps_len( 80 | pyfwevt_maps_t *sequence_object ); 81 | 82 | PyObject *pyfwevt_maps_getitem( 83 | pyfwevt_maps_t *sequence_object, 84 | Py_ssize_t item_index ); 85 | 86 | PyObject *pyfwevt_maps_iter( 87 | pyfwevt_maps_t *sequence_object ); 88 | 89 | PyObject *pyfwevt_maps_iternext( 90 | pyfwevt_maps_t *sequence_object ); 91 | 92 | #if defined( __cplusplus ) 93 | } 94 | #endif 95 | 96 | #endif /* !defined( _PYFWEVT_MAPS_H ) */ 97 | 98 | -------------------------------------------------------------------------------- /pyfwevt/pyfwevt_opcode.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Python object wrapper of libfwevt_opcode_t 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #if !defined( _PYFWEVT_OPCODE_H ) 23 | #define _PYFWEVT_OPCODE_H 24 | 25 | #include 26 | #include 27 | 28 | #include "pyfwevt_libfwevt.h" 29 | #include "pyfwevt_python.h" 30 | 31 | #if defined( __cplusplus ) 32 | extern "C" { 33 | #endif 34 | 35 | typedef struct pyfwevt_opcode pyfwevt_opcode_t; 36 | 37 | struct pyfwevt_opcode 38 | { 39 | /* Python object initialization 40 | */ 41 | PyObject_HEAD 42 | 43 | /* The libfwevt opcode 44 | */ 45 | libfwevt_opcode_t *opcode; 46 | 47 | /* The parent object 48 | */ 49 | PyObject *parent_object; 50 | }; 51 | 52 | extern PyMethodDef pyfwevt_opcode_object_methods[]; 53 | extern PyTypeObject pyfwevt_opcode_type_object; 54 | 55 | PyObject *pyfwevt_opcode_new( 56 | libfwevt_opcode_t *opcode, 57 | PyObject *parent_object ); 58 | 59 | int pyfwevt_opcode_init( 60 | pyfwevt_opcode_t *pyfwevt_opcode, 61 | PyObject *arguments, 62 | PyObject *keywords ); 63 | 64 | void pyfwevt_opcode_free( 65 | pyfwevt_opcode_t *pyfwevt_opcode ); 66 | 67 | #if defined( __cplusplus ) 68 | } 69 | #endif 70 | 71 | #endif /* !defined( _PYFWEVT_OPCODE_H ) */ 72 | 73 | -------------------------------------------------------------------------------- /pyfwevt/pyfwevt_opcodes.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Python object definition of the sequence and iterator object of opcodes 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #if !defined( _PYFWEVT_OPCODES_H ) 23 | #define _PYFWEVT_OPCODES_H 24 | 25 | #include 26 | #include 27 | 28 | #include "pyfwevt_libfwevt.h" 29 | #include "pyfwevt_python.h" 30 | 31 | #if defined( __cplusplus ) 32 | extern "C" { 33 | #endif 34 | 35 | typedef struct pyfwevt_opcodes pyfwevt_opcodes_t; 36 | 37 | struct pyfwevt_opcodes 38 | { 39 | /* Python object initialization 40 | */ 41 | PyObject_HEAD 42 | 43 | /* The parent object 44 | */ 45 | PyObject *parent_object; 46 | 47 | /* The get item by index callback function 48 | */ 49 | PyObject* (*get_item_by_index)( 50 | PyObject *parent_object, 51 | int index ); 52 | 53 | /* The current index 54 | */ 55 | int current_index; 56 | 57 | /* The number of items 58 | */ 59 | int number_of_items; 60 | }; 61 | 62 | extern PyTypeObject pyfwevt_opcodes_type_object; 63 | 64 | PyObject *pyfwevt_opcodes_new( 65 | PyObject *parent_object, 66 | PyObject* (*get_item_by_index)( 67 | PyObject *parent_object, 68 | int index ), 69 | int number_of_items ); 70 | 71 | int pyfwevt_opcodes_init( 72 | pyfwevt_opcodes_t *sequence_object, 73 | PyObject *arguments, 74 | PyObject *keywords ); 75 | 76 | void pyfwevt_opcodes_free( 77 | pyfwevt_opcodes_t *sequence_object ); 78 | 79 | Py_ssize_t pyfwevt_opcodes_len( 80 | pyfwevt_opcodes_t *sequence_object ); 81 | 82 | PyObject *pyfwevt_opcodes_getitem( 83 | pyfwevt_opcodes_t *sequence_object, 84 | Py_ssize_t item_index ); 85 | 86 | PyObject *pyfwevt_opcodes_iter( 87 | pyfwevt_opcodes_t *sequence_object ); 88 | 89 | PyObject *pyfwevt_opcodes_iternext( 90 | pyfwevt_opcodes_t *sequence_object ); 91 | 92 | #if defined( __cplusplus ) 93 | } 94 | #endif 95 | 96 | #endif /* !defined( _PYFWEVT_OPCODES_H ) */ 97 | 98 | -------------------------------------------------------------------------------- /pyfwevt/pyfwevt_providers.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Python object definition of the sequence and iterator object of providers 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #if !defined( _PYFWEVT_PROVIDERS_H ) 23 | #define _PYFWEVT_PROVIDERS_H 24 | 25 | #include 26 | #include 27 | 28 | #include "pyfwevt_libfwevt.h" 29 | #include "pyfwevt_python.h" 30 | 31 | #if defined( __cplusplus ) 32 | extern "C" { 33 | #endif 34 | 35 | typedef struct pyfwevt_providers pyfwevt_providers_t; 36 | 37 | struct pyfwevt_providers 38 | { 39 | /* Python object initialization 40 | */ 41 | PyObject_HEAD 42 | 43 | /* The parent object 44 | */ 45 | PyObject *parent_object; 46 | 47 | /* The get item by index callback function 48 | */ 49 | PyObject* (*get_item_by_index)( 50 | PyObject *parent_object, 51 | int index ); 52 | 53 | /* The current index 54 | */ 55 | int current_index; 56 | 57 | /* The number of items 58 | */ 59 | int number_of_items; 60 | }; 61 | 62 | extern PyTypeObject pyfwevt_providers_type_object; 63 | 64 | PyObject *pyfwevt_providers_new( 65 | PyObject *parent_object, 66 | PyObject* (*get_item_by_index)( 67 | PyObject *parent_object, 68 | int index ), 69 | int number_of_items ); 70 | 71 | int pyfwevt_providers_init( 72 | pyfwevt_providers_t *sequence_object, 73 | PyObject *arguments, 74 | PyObject *keywords ); 75 | 76 | void pyfwevt_providers_free( 77 | pyfwevt_providers_t *sequence_object ); 78 | 79 | Py_ssize_t pyfwevt_providers_len( 80 | pyfwevt_providers_t *sequence_object ); 81 | 82 | PyObject *pyfwevt_providers_getitem( 83 | pyfwevt_providers_t *sequence_object, 84 | Py_ssize_t item_index ); 85 | 86 | PyObject *pyfwevt_providers_iter( 87 | pyfwevt_providers_t *sequence_object ); 88 | 89 | PyObject *pyfwevt_providers_iternext( 90 | pyfwevt_providers_t *sequence_object ); 91 | 92 | #if defined( __cplusplus ) 93 | } 94 | #endif 95 | 96 | #endif /* !defined( _PYFWEVT_PROVIDERS_H ) */ 97 | 98 | -------------------------------------------------------------------------------- /pyfwevt/pyfwevt_python.h: -------------------------------------------------------------------------------- 1 | /* 2 | * The python header wrapper 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #if !defined( _PYFWEVT_PYTHON_H ) 23 | #define _PYFWEVT_PYTHON_H 24 | 25 | #include 26 | 27 | #if PY_MAJOR_VERSION < 3 28 | 29 | /* Fix defines in pyconfig.h 30 | */ 31 | #undef _POSIX_C_SOURCE 32 | #undef _XOPEN_SOURCE 33 | 34 | /* Fix defines in pyport.h 35 | */ 36 | #undef HAVE_FSTAT 37 | #undef HAVE_STAT 38 | #undef HAVE_SSIZE_T 39 | #undef HAVE_INT32_T 40 | #undef HAVE_UINT32_T 41 | #undef HAVE_INT64_T 42 | #undef HAVE_UINT64_T 43 | 44 | #endif /* PY_MAJOR_VERSION < 3 */ 45 | 46 | /* Define PY_SSIZE_T_CLEAN to silence: 47 | * DeprecationWarning: PY_SSIZE_T_CLEAN will be required for '#' formats 48 | * 49 | * PY_SSIZE_T_CLEAN was introduced in Python 2.5 50 | */ 51 | #define PY_SSIZE_T_CLEAN 52 | 53 | #include 54 | 55 | /* Python compatibility macros 56 | */ 57 | #if !defined( PyMODINIT_FUNC ) 58 | #if PY_MAJOR_VERSION >= 3 59 | #define PyMODINIT_FUNC PyObject * 60 | #else 61 | #define PyMODINIT_FUNC void 62 | #endif 63 | #endif /* !defined( PyMODINIT_FUNC ) */ 64 | 65 | #if !defined( PyVarObject_HEAD_INIT ) 66 | #define PyVarObject_HEAD_INIT( type, size ) \ 67 | PyObject_HEAD_INIT( type ) \ 68 | size, 69 | 70 | #endif /* !defined( PyVarObject_HEAD_INIT ) */ 71 | 72 | #if PY_MAJOR_VERSION >= 3 73 | #define Py_TPFLAGS_HAVE_ITER 0 74 | #endif 75 | 76 | #if !defined( Py_TYPE ) 77 | #define Py_TYPE( object ) \ 78 | ( ( (PyObject *) object )->ob_type ) 79 | 80 | #endif /* !defined( Py_TYPE ) */ 81 | 82 | #endif /* !defined( _PYFWEVT_PYTHON_H ) */ 83 | 84 | -------------------------------------------------------------------------------- /pyfwevt/pyfwevt_task.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Python object wrapper of libfwevt_task_t 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #if !defined( _PYFWEVT_TASK_H ) 23 | #define _PYFWEVT_TASK_H 24 | 25 | #include 26 | #include 27 | 28 | #include "pyfwevt_libfwevt.h" 29 | #include "pyfwevt_python.h" 30 | 31 | #if defined( __cplusplus ) 32 | extern "C" { 33 | #endif 34 | 35 | typedef struct pyfwevt_task pyfwevt_task_t; 36 | 37 | struct pyfwevt_task 38 | { 39 | /* Python object initialization 40 | */ 41 | PyObject_HEAD 42 | 43 | /* The libfwevt task 44 | */ 45 | libfwevt_task_t *task; 46 | 47 | /* The parent object 48 | */ 49 | PyObject *parent_object; 50 | }; 51 | 52 | extern PyMethodDef pyfwevt_task_object_methods[]; 53 | extern PyTypeObject pyfwevt_task_type_object; 54 | 55 | PyObject *pyfwevt_task_new( 56 | libfwevt_task_t *task, 57 | PyObject *parent_object ); 58 | 59 | int pyfwevt_task_init( 60 | pyfwevt_task_t *pyfwevt_task, 61 | PyObject *arguments, 62 | PyObject *keywords ); 63 | 64 | void pyfwevt_task_free( 65 | pyfwevt_task_t *pyfwevt_task ); 66 | 67 | #if defined( __cplusplus ) 68 | } 69 | #endif 70 | 71 | #endif /* !defined( _PYFWEVT_TASK_H ) */ 72 | 73 | -------------------------------------------------------------------------------- /pyfwevt/pyfwevt_tasks.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Python object definition of the sequence and iterator object of tasks 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #if !defined( _PYFWEVT_TASKS_H ) 23 | #define _PYFWEVT_TASKS_H 24 | 25 | #include 26 | #include 27 | 28 | #include "pyfwevt_libfwevt.h" 29 | #include "pyfwevt_python.h" 30 | 31 | #if defined( __cplusplus ) 32 | extern "C" { 33 | #endif 34 | 35 | typedef struct pyfwevt_tasks pyfwevt_tasks_t; 36 | 37 | struct pyfwevt_tasks 38 | { 39 | /* Python object initialization 40 | */ 41 | PyObject_HEAD 42 | 43 | /* The parent object 44 | */ 45 | PyObject *parent_object; 46 | 47 | /* The get item by index callback function 48 | */ 49 | PyObject* (*get_item_by_index)( 50 | PyObject *parent_object, 51 | int index ); 52 | 53 | /* The current index 54 | */ 55 | int current_index; 56 | 57 | /* The number of items 58 | */ 59 | int number_of_items; 60 | }; 61 | 62 | extern PyTypeObject pyfwevt_tasks_type_object; 63 | 64 | PyObject *pyfwevt_tasks_new( 65 | PyObject *parent_object, 66 | PyObject* (*get_item_by_index)( 67 | PyObject *parent_object, 68 | int index ), 69 | int number_of_items ); 70 | 71 | int pyfwevt_tasks_init( 72 | pyfwevt_tasks_t *sequence_object, 73 | PyObject *arguments, 74 | PyObject *keywords ); 75 | 76 | void pyfwevt_tasks_free( 77 | pyfwevt_tasks_t *sequence_object ); 78 | 79 | Py_ssize_t pyfwevt_tasks_len( 80 | pyfwevt_tasks_t *sequence_object ); 81 | 82 | PyObject *pyfwevt_tasks_getitem( 83 | pyfwevt_tasks_t *sequence_object, 84 | Py_ssize_t item_index ); 85 | 86 | PyObject *pyfwevt_tasks_iter( 87 | pyfwevt_tasks_t *sequence_object ); 88 | 89 | PyObject *pyfwevt_tasks_iternext( 90 | pyfwevt_tasks_t *sequence_object ); 91 | 92 | #if defined( __cplusplus ) 93 | } 94 | #endif 95 | 96 | #endif /* !defined( _PYFWEVT_TASKS_H ) */ 97 | 98 | -------------------------------------------------------------------------------- /pyfwevt/pyfwevt_template.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Python object wrapper of libfwevt_template_t 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #if !defined( _PYFWEVT_TEMPLATE_H ) 23 | #define _PYFWEVT_TEMPLATE_H 24 | 25 | #include 26 | #include 27 | 28 | #include "pyfwevt_libfwevt.h" 29 | #include "pyfwevt_python.h" 30 | 31 | #if defined( __cplusplus ) 32 | extern "C" { 33 | #endif 34 | 35 | typedef struct pyfwevt_template pyfwevt_template_t; 36 | 37 | struct pyfwevt_template 38 | { 39 | /* Python object initialization 40 | */ 41 | PyObject_HEAD 42 | 43 | /* The libfwevt template 44 | */ 45 | libfwevt_template_t *template; 46 | 47 | /* The parent object 48 | */ 49 | PyObject *parent_object; 50 | }; 51 | 52 | extern PyMethodDef pyfwevt_template_object_methods[]; 53 | extern PyTypeObject pyfwevt_template_type_object; 54 | 55 | PyObject *pyfwevt_template_new( 56 | libfwevt_template_t *template, 57 | PyObject *parent_object ); 58 | 59 | int pyfwevt_template_init( 60 | pyfwevt_template_t *pyfwevt_template, 61 | PyObject *arguments, 62 | PyObject *keywords ); 63 | 64 | void pyfwevt_template_free( 65 | pyfwevt_template_t *pyfwevt_template ); 66 | 67 | PyObject *pyfwevt_template_get_identifier( 68 | pyfwevt_template_t *pyfwevt_template, 69 | PyObject *arguments ); 70 | 71 | PyObject *pyfwevt_template_get_number_of_items( 72 | pyfwevt_template_t *pyfwevt_template, 73 | PyObject *arguments ); 74 | 75 | PyObject *pyfwevt_template_get_item_by_index( 76 | PyObject *pyfwevt_template, 77 | int item_index ); 78 | 79 | PyObject *pyfwevt_template_get_item( 80 | PyObject *pyfwevt_template, 81 | PyObject *arguments, 82 | PyObject *keywords ); 83 | 84 | PyObject *pyfwevt_template_get_items( 85 | pyfwevt_template_t *pyfwevt_template, 86 | PyObject *arguments ); 87 | 88 | #if defined( __cplusplus ) 89 | } 90 | #endif 91 | 92 | #endif /* !defined( _PYFWEVT_TEMPLATE_H ) */ 93 | 94 | -------------------------------------------------------------------------------- /pyfwevt/pyfwevt_template_item.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Python object wrapper of libfwevt_template_item_t 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #if !defined( _PYFWEVT_TEMPLATE_ITEM_H ) 23 | #define _PYFWEVT_TEMPLATE_ITEM_H 24 | 25 | #include 26 | #include 27 | 28 | #include "pyfwevt_libfwevt.h" 29 | #include "pyfwevt_python.h" 30 | 31 | #if defined( __cplusplus ) 32 | extern "C" { 33 | #endif 34 | 35 | typedef struct pyfwevt_template_item pyfwevt_template_item_t; 36 | 37 | struct pyfwevt_template_item 38 | { 39 | /* Python object initialization 40 | */ 41 | PyObject_HEAD 42 | 43 | /* The libfwevt template_item 44 | */ 45 | libfwevt_template_item_t *template_item; 46 | 47 | /* The parent object 48 | */ 49 | PyObject *parent_object; 50 | }; 51 | 52 | extern PyMethodDef pyfwevt_template_item_object_methods[]; 53 | extern PyTypeObject pyfwevt_template_item_type_object; 54 | 55 | PyObject *pyfwevt_template_item_new( 56 | libfwevt_template_item_t *template_item, 57 | PyObject *parent_object ); 58 | 59 | int pyfwevt_template_item_init( 60 | pyfwevt_template_item_t *pyfwevt_template_item, 61 | PyObject *arguments, 62 | PyObject *keywords ); 63 | 64 | void pyfwevt_template_item_free( 65 | pyfwevt_template_item_t *pyfwevt_template_item ); 66 | 67 | PyObject *pyfwevt_template_item_get_input_data_type( 68 | pyfwevt_template_item_t *pyfwevt_template_item, 69 | PyObject *arguments ); 70 | 71 | PyObject *pyfwevt_template_item_get_output_data_type( 72 | pyfwevt_template_item_t *pyfwevt_template_item, 73 | PyObject *arguments ); 74 | 75 | PyObject *pyfwevt_template_item_get_number_of_values( 76 | pyfwevt_template_item_t *pyfwevt_template_item, 77 | PyObject *arguments ); 78 | 79 | PyObject *pyfwevt_template_item_get_value_data_size( 80 | pyfwevt_template_item_t *pyfwevt_template_item, 81 | PyObject *arguments ); 82 | 83 | PyObject *pyfwevt_template_item_get_name( 84 | pyfwevt_template_item_t *pyfwevt_template_item, 85 | PyObject *arguments ); 86 | 87 | #if defined( __cplusplus ) 88 | } 89 | #endif 90 | 91 | #endif /* !defined( _PYFWEVT_TEMPLATE_ITEM_H ) */ 92 | 93 | -------------------------------------------------------------------------------- /pyfwevt/pyfwevt_template_items.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Python object definition of the sequence and iterator object of template items 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #if !defined( _PYFWEVT_TEMPLATE_ITEMS_H ) 23 | #define _PYFWEVT_TEMPLATE_ITEMS_H 24 | 25 | #include 26 | #include 27 | 28 | #include "pyfwevt_libfwevt.h" 29 | #include "pyfwevt_python.h" 30 | 31 | #if defined( __cplusplus ) 32 | extern "C" { 33 | #endif 34 | 35 | typedef struct pyfwevt_template_items pyfwevt_template_items_t; 36 | 37 | struct pyfwevt_template_items 38 | { 39 | /* Python object initialization 40 | */ 41 | PyObject_HEAD 42 | 43 | /* The parent object 44 | */ 45 | PyObject *parent_object; 46 | 47 | /* The get item by index callback function 48 | */ 49 | PyObject* (*get_item_by_index)( 50 | PyObject *parent_object, 51 | int index ); 52 | 53 | /* The current index 54 | */ 55 | int current_index; 56 | 57 | /* The number of items 58 | */ 59 | int number_of_items; 60 | }; 61 | 62 | extern PyTypeObject pyfwevt_template_items_type_object; 63 | 64 | PyObject *pyfwevt_template_items_new( 65 | PyObject *parent_object, 66 | PyObject* (*get_item_by_index)( 67 | PyObject *parent_object, 68 | int index ), 69 | int number_of_items ); 70 | 71 | int pyfwevt_template_items_init( 72 | pyfwevt_template_items_t *sequence_object, 73 | PyObject *arguments, 74 | PyObject *keywords ); 75 | 76 | void pyfwevt_template_items_free( 77 | pyfwevt_template_items_t *sequence_object ); 78 | 79 | Py_ssize_t pyfwevt_template_items_len( 80 | pyfwevt_template_items_t *sequence_object ); 81 | 82 | PyObject *pyfwevt_template_items_getitem( 83 | pyfwevt_template_items_t *sequence_object, 84 | Py_ssize_t item_index ); 85 | 86 | PyObject *pyfwevt_template_items_iter( 87 | pyfwevt_template_items_t *sequence_object ); 88 | 89 | PyObject *pyfwevt_template_items_iternext( 90 | pyfwevt_template_items_t *sequence_object ); 91 | 92 | #if defined( __cplusplus ) 93 | } 94 | #endif 95 | 96 | #endif /* !defined( _PYFWEVT_TEMPLATE_ITEMS_H ) */ 97 | 98 | -------------------------------------------------------------------------------- /pyfwevt/pyfwevt_templates.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Python object definition of the sequence and iterator object of templates 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #if !defined( _PYFWEVT_TEMPLATES_H ) 23 | #define _PYFWEVT_TEMPLATES_H 24 | 25 | #include 26 | #include 27 | 28 | #include "pyfwevt_libfwevt.h" 29 | #include "pyfwevt_python.h" 30 | 31 | #if defined( __cplusplus ) 32 | extern "C" { 33 | #endif 34 | 35 | typedef struct pyfwevt_templates pyfwevt_templates_t; 36 | 37 | struct pyfwevt_templates 38 | { 39 | /* Python object initialization 40 | */ 41 | PyObject_HEAD 42 | 43 | /* The parent object 44 | */ 45 | PyObject *parent_object; 46 | 47 | /* The get item by index callback function 48 | */ 49 | PyObject* (*get_item_by_index)( 50 | PyObject *parent_object, 51 | int index ); 52 | 53 | /* The current index 54 | */ 55 | int current_index; 56 | 57 | /* The number of items 58 | */ 59 | int number_of_items; 60 | }; 61 | 62 | extern PyTypeObject pyfwevt_templates_type_object; 63 | 64 | PyObject *pyfwevt_templates_new( 65 | PyObject *parent_object, 66 | PyObject* (*get_item_by_index)( 67 | PyObject *parent_object, 68 | int index ), 69 | int number_of_items ); 70 | 71 | int pyfwevt_templates_init( 72 | pyfwevt_templates_t *sequence_object, 73 | PyObject *arguments, 74 | PyObject *keywords ); 75 | 76 | void pyfwevt_templates_free( 77 | pyfwevt_templates_t *sequence_object ); 78 | 79 | Py_ssize_t pyfwevt_templates_len( 80 | pyfwevt_templates_t *sequence_object ); 81 | 82 | PyObject *pyfwevt_templates_getitem( 83 | pyfwevt_templates_t *sequence_object, 84 | Py_ssize_t item_index ); 85 | 86 | PyObject *pyfwevt_templates_iter( 87 | pyfwevt_templates_t *sequence_object ); 88 | 89 | PyObject *pyfwevt_templates_iternext( 90 | pyfwevt_templates_t *sequence_object ); 91 | 92 | #if defined( __cplusplus ) 93 | } 94 | #endif 95 | 96 | #endif /* !defined( _PYFWEVT_TEMPLATES_H ) */ 97 | 98 | -------------------------------------------------------------------------------- /pyfwevt/pyfwevt_unused.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Definitions to silence compiler warnings about unused function attributes/parameters. 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #if !defined( _PYFWEVT_UNUSED_H ) 23 | #define _PYFWEVT_UNUSED_H 24 | 25 | #include 26 | 27 | #if !defined( PYFWEVT_ATTRIBUTE_UNUSED ) 28 | #if defined( __GNUC__ ) && __GNUC__ >= 3 29 | #define PYFWEVT_ATTRIBUTE_UNUSED __attribute__ ((__unused__)) 30 | #else 31 | #define PYFWEVT_ATTRIBUTE_UNUSED 32 | #endif 33 | #endif 34 | 35 | #if defined( _MSC_VER ) 36 | #define PYFWEVT_UNREFERENCED_PARAMETER( parameter ) \ 37 | UNREFERENCED_PARAMETER( parameter ); 38 | #else 39 | #define PYFWEVT_UNREFERENCED_PARAMETER( parameter ) \ 40 | /* parameter */ 41 | #endif 42 | 43 | #endif /* !defined( _PYFWEVT_UNUSED_H ) */ 44 | 45 | -------------------------------------------------------------------------------- /pyproject.toml: -------------------------------------------------------------------------------- 1 | [build-system] 2 | requires = ["setuptools", "wheel"] 3 | build-backend = "setuptools.build_meta" 4 | 5 | -------------------------------------------------------------------------------- /runtests.ps1: -------------------------------------------------------------------------------- 1 | # Script that runs the tests 2 | # 3 | # Version: 20220103 4 | 5 | $ExitSuccess = 0 6 | $ExitFailure = 1 7 | $ExitIgnore = 77 8 | 9 | Set-Location -Path "tests" 10 | 11 | $Result = ${ExitSuccess} 12 | 13 | $Lines = Get-Content "Makefile.am" 14 | $InTests = $FALSE 15 | 16 | Foreach (${Line} in ${Lines}) 17 | { 18 | If (${InTests}) 19 | { 20 | If (-Not ${Line}) 21 | { 22 | ${InTests} = $FALSE 23 | 24 | Continue 25 | } 26 | ${Line} = ${Line}.TrimStart() 27 | 28 | If (${Line}.EndsWith(" \")) 29 | { 30 | ${Line} = ${Line}.Substring(0, ${Line}.Length - 2) 31 | } 32 | If (-Not (${Line}.EndsWith(".sh"))) 33 | { 34 | Continue 35 | } 36 | ${Line} = ${Line}.Substring(0, ${Line}.Length - 3) 37 | ${Line} = ".\${Line}.ps1" 38 | 39 | Try 40 | { 41 | Invoke-Expression ${Line} 42 | } 43 | Catch 44 | { 45 | $LastExitCode = ${ExitIgnore} 46 | } 47 | If (${LastExitCode} -eq ${ExitFailure}) 48 | { 49 | $Result = ${ExitFailure} 50 | Write-Host "FAIL" -foreground Red -nonewline 51 | } 52 | ElseIf (${LastExitCode} -eq ${ExitIgnore}) 53 | { 54 | Write-Host "SKIP" -foreground Cyan -nonewline 55 | } 56 | Else 57 | { 58 | Write-Host "PASS" -foreground Green -nonewline 59 | } 60 | Write-Host ": ${Line}" 61 | } 62 | ElseIf (${Line}.StartsWith("TESTS = ")) 63 | { 64 | ${InTests} = $TRUE 65 | } 66 | } 67 | 68 | Set-Location -Path ".." 69 | 70 | Exit ${Result} 71 | -------------------------------------------------------------------------------- /setup.cfg.in: -------------------------------------------------------------------------------- 1 | [metadata] 2 | name = libfwevt-python 3 | version = @VERSION@ 4 | description = Python bindings module for libfwevt 5 | long_description = Python bindings module for libfwevt 6 | long_description_content_type = text/plain 7 | author = Joachim Metz 8 | author_email = joachim.metz@gmail.com 9 | license = GNU Lesser General Public License v3 or later (LGPLv3+) 10 | license_files = COPYING COPYING.LESSER 11 | classifiers = 12 | Development Status :: 2 - Pre-Alpha 13 | Programming Language :: Python 14 | 15 | [options] 16 | python_requires = >=3.7 17 | -------------------------------------------------------------------------------- /tests/build.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # Script to build from source 3 | # 4 | # Version: 20201121 5 | 6 | set -e 7 | 8 | ./synclibs.sh --use-head 9 | ./autogen.sh 10 | ./configure "$@" 11 | make > /dev/null 12 | 13 | -------------------------------------------------------------------------------- /tests/data/channel.1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/libyal/libfwevt/7ad068a4e0f23a847ffc50ce3d3956dcffa53aab/tests/data/channel.1 -------------------------------------------------------------------------------- /tests/data/event.1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/libyal/libfwevt/7ad068a4e0f23a847ffc50ce3d3956dcffa53aab/tests/data/event.1 -------------------------------------------------------------------------------- /tests/data/level.1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/libyal/libfwevt/7ad068a4e0f23a847ffc50ce3d3956dcffa53aab/tests/data/level.1 -------------------------------------------------------------------------------- /tests/data/manifest.1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/libyal/libfwevt/7ad068a4e0f23a847ffc50ce3d3956dcffa53aab/tests/data/manifest.1 -------------------------------------------------------------------------------- /tests/data/opcode.1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/libyal/libfwevt/7ad068a4e0f23a847ffc50ce3d3956dcffa53aab/tests/data/opcode.1 -------------------------------------------------------------------------------- /tests/data/provider.1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/libyal/libfwevt/7ad068a4e0f23a847ffc50ce3d3956dcffa53aab/tests/data/provider.1 -------------------------------------------------------------------------------- /tests/data/task.1: -------------------------------------------------------------------------------- 1 | 00pH HSE_ADT_SYSTEM_SECURITYSTATECHANGE -------------------------------------------------------------------------------- /tests/data/template.1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/libyal/libfwevt/7ad068a4e0f23a847ffc50ce3d3956dcffa53aab/tests/data/template.1 -------------------------------------------------------------------------------- /tests/data/xml_document.1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/libyal/libfwevt/7ad068a4e0f23a847ffc50ce3d3956dcffa53aab/tests/data/xml_document.1 -------------------------------------------------------------------------------- /tests/fwevt_test_libcerror.h: -------------------------------------------------------------------------------- 1 | /* 2 | * The libcerror header wrapper 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #if !defined( _FWEVT_TEST_LIBCERROR_H ) 23 | #define _FWEVT_TEST_LIBCERROR_H 24 | 25 | #include 26 | 27 | /* Define HAVE_LOCAL_LIBCERROR for local use of libcerror 28 | */ 29 | #if defined( HAVE_LOCAL_LIBCERROR ) 30 | 31 | #include 32 | #include 33 | #include 34 | #include 35 | 36 | #else 37 | 38 | /* If libtool DLL support is enabled set LIBCERROR_DLL_IMPORT 39 | * before including libcerror.h 40 | */ 41 | #if defined( _WIN32 ) && defined( DLL_IMPORT ) 42 | #define LIBCERROR_DLL_IMPORT 43 | #endif 44 | 45 | #include 46 | 47 | #endif /* defined( HAVE_LOCAL_LIBCERROR ) */ 48 | 49 | #endif /* !defined( _FWEVT_TEST_LIBCERROR_H ) */ 50 | 51 | -------------------------------------------------------------------------------- /tests/fwevt_test_libcnotify.h: -------------------------------------------------------------------------------- 1 | /* 2 | * The libcnotify header wrapper 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #if !defined( _FWEVT_TEST_LIBCNOTIFY_H ) 23 | #define _FWEVT_TEST_LIBCNOTIFY_H 24 | 25 | #include 26 | 27 | /* Define HAVE_LOCAL_LIBCNOTIFY for local use of libcnotify 28 | */ 29 | #if defined( HAVE_LOCAL_LIBCNOTIFY ) 30 | 31 | #include 32 | #include 33 | #include 34 | #include 35 | 36 | #else 37 | 38 | /* If libtool DLL support is enabled set LIBCNOTIFY_DLL_IMPORT 39 | * before including libcnotify.h 40 | */ 41 | #if defined( _WIN32 ) && defined( DLL_IMPORT ) 42 | #define LIBCNOTIFY_DLL_IMPORT 43 | #endif 44 | 45 | #include 46 | 47 | #endif /* defined( HAVE_LOCAL_LIBCNOTIFY ) */ 48 | 49 | #endif /* !defined( _FWEVT_TEST_LIBCNOTIFY_H ) */ 50 | 51 | -------------------------------------------------------------------------------- /tests/fwevt_test_libfwevt.h: -------------------------------------------------------------------------------- 1 | /* 2 | * The libfwevt header wrapper 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #if !defined( _FWEVT_TEST_LIBFWEVT_H ) 23 | #define _FWEVT_TEST_LIBFWEVT_H 24 | 25 | #include 26 | 27 | #include 28 | 29 | #endif /* !defined( _FWEVT_TEST_LIBFWEVT_H ) */ 30 | 31 | -------------------------------------------------------------------------------- /tests/fwevt_test_libuna.h: -------------------------------------------------------------------------------- 1 | /* 2 | * The libuna header wrapper 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #if !defined( _FWEVT_TEST_LIBUNA_H ) 23 | #define _FWEVT_TEST_LIBUNA_H 24 | 25 | #include 26 | 27 | /* Define HAVE_LOCAL_LIBUNA for local use of libuna 28 | */ 29 | #if defined( HAVE_LOCAL_LIBUNA ) 30 | 31 | #include 32 | #include 33 | #include 34 | #include 35 | #include 36 | #include 37 | #include 38 | #include 39 | #include 40 | #include 41 | #include 42 | #include 43 | #include 44 | #include 45 | 46 | #else 47 | 48 | /* If libtool DLL support is enabled set LIBUNA_DLL_IMPORT 49 | * before including libuna.h 50 | */ 51 | #if defined( _WIN32 ) && defined( DLL_IMPORT ) 52 | #define LIBUNA_DLL_IMPORT 53 | #endif 54 | 55 | #include 56 | 57 | #endif /* defined( HAVE_LOCAL_LIBUNA ) */ 58 | 59 | #endif /* !defined( _FWEVT_TEST_LIBUNA_H ) */ 60 | 61 | -------------------------------------------------------------------------------- /tests/fwevt_test_memory.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Memory allocation functions for testing 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #if !defined( _FWEVT_TEST_MEMORY_H ) 23 | #define _FWEVT_TEST_MEMORY_H 24 | 25 | #include 26 | 27 | #if defined( __cplusplus ) 28 | extern "C" { 29 | #endif 30 | 31 | #if defined( HAVE_GNU_DL_DLSYM ) && defined( __GNUC__ ) && !defined( LIBFWEVT_DLL_IMPORT ) && !defined( __arm__ ) && !defined( __clang__ ) && !defined( __CYGWIN__ ) && !defined( __hppa__ ) && !defined( __loongarch__ ) && !defined( __mips__ ) && !defined( __riscv ) && !defined( __sparc__ ) && !defined( HAVE_ASAN ) 32 | #define HAVE_FWEVT_TEST_MEMORY 1 33 | #endif 34 | 35 | #if defined( HAVE_FWEVT_TEST_MEMORY ) 36 | 37 | extern int fwevt_test_malloc_attempts_before_fail; 38 | 39 | extern int fwevt_test_memcpy_attempts_before_fail; 40 | 41 | extern int fwevt_test_memset_attempts_before_fail; 42 | 43 | extern int fwevt_test_realloc_attempts_before_fail; 44 | 45 | #endif /* defined( HAVE_FWEVT_TEST_MEMORY ) */ 46 | 47 | #if defined( __cplusplus ) 48 | } 49 | #endif 50 | 51 | #endif /* !defined( _FWEVT_TEST_MEMORY_H ) */ 52 | 53 | -------------------------------------------------------------------------------- /tests/fwevt_test_support.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Library support functions test program 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #include 23 | #include 24 | #include 25 | #include 26 | 27 | #if defined( HAVE_STDLIB_H ) || defined( WINAPI ) 28 | #include 29 | #endif 30 | 31 | #include "fwevt_test_libfwevt.h" 32 | #include "fwevt_test_macros.h" 33 | #include "fwevt_test_unused.h" 34 | 35 | /* Tests the libfwevt_get_version function 36 | * Returns 1 if successful or 0 if not 37 | */ 38 | int fwevt_test_get_version( 39 | void ) 40 | { 41 | const char *version_string = NULL; 42 | int result = 0; 43 | 44 | version_string = libfwevt_get_version(); 45 | 46 | result = narrow_string_compare( 47 | version_string, 48 | LIBFWEVT_VERSION_STRING, 49 | 9 ); 50 | 51 | FWEVT_TEST_ASSERT_EQUAL_INT( 52 | "result", 53 | result, 54 | 0 ); 55 | 56 | return( 1 ); 57 | 58 | on_error: 59 | return( 0 ); 60 | } 61 | 62 | /* The main program 63 | */ 64 | #if defined( HAVE_WIDE_SYSTEM_CHARACTER ) 65 | int wmain( 66 | int argc FWEVT_TEST_ATTRIBUTE_UNUSED, 67 | wchar_t * const argv[] FWEVT_TEST_ATTRIBUTE_UNUSED ) 68 | #else 69 | int main( 70 | int argc FWEVT_TEST_ATTRIBUTE_UNUSED, 71 | char * const argv[] FWEVT_TEST_ATTRIBUTE_UNUSED ) 72 | #endif 73 | { 74 | FWEVT_TEST_UNREFERENCED_PARAMETER( argc ) 75 | FWEVT_TEST_UNREFERENCED_PARAMETER( argv ) 76 | 77 | FWEVT_TEST_RUN( 78 | "libfwevt_get_version", 79 | fwevt_test_get_version ); 80 | 81 | return( EXIT_SUCCESS ); 82 | 83 | on_error: 84 | return( EXIT_FAILURE ); 85 | } 86 | 87 | -------------------------------------------------------------------------------- /tests/fwevt_test_unused.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Definitions to silence compiler warnings about unused function attributes/parameters. 3 | * 4 | * Copyright (C) 2011-2024, Joachim Metz 5 | * 6 | * Refer to AUTHORS for acknowledgements. 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Lesser General Public License as published by 10 | * the Free Software Foundation, either version 3 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | #if !defined( _FWEVT_TEST_UNUSED_H ) 23 | #define _FWEVT_TEST_UNUSED_H 24 | 25 | #include 26 | 27 | #if !defined( FWEVT_TEST_ATTRIBUTE_UNUSED ) 28 | 29 | #if defined( __GNUC__ ) && __GNUC__ >= 3 30 | #define FWEVT_TEST_ATTRIBUTE_UNUSED __attribute__ ((__unused__)) 31 | 32 | #else 33 | #define FWEVT_TEST_ATTRIBUTE_UNUSED 34 | 35 | #endif /* defined( __GNUC__ ) && __GNUC__ >= 3 */ 36 | 37 | #endif /* !defined( FWEVT_TEST_ATTRIBUTE_UNUSED ) */ 38 | 39 | #if defined( _MSC_VER ) 40 | #define FWEVT_TEST_UNREFERENCED_PARAMETER( parameter ) \ 41 | UNREFERENCED_PARAMETER( parameter ); 42 | 43 | #else 44 | #define FWEVT_TEST_UNREFERENCED_PARAMETER( parameter ) \ 45 | /* parameter */ 46 | 47 | #endif /* defined( _MSC_VER ) */ 48 | 49 | #endif /* !defined( _FWEVT_TEST_UNUSED_H ) */ 50 | 51 | -------------------------------------------------------------------------------- /tests/lsan.suppressions: -------------------------------------------------------------------------------- 1 | leak:/lib*/libpython* 2 | -------------------------------------------------------------------------------- /tests/pkgbuild.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # Script to build a MacOS pkg 3 | # 4 | # Version: 20201121 5 | 6 | set -e 7 | 8 | make install DESTDIR=${PWD}/osx-pkg 9 | mkdir -p ${PWD}/osx-pkg/usr/share/doc/libfwevt 10 | cp AUTHORS COPYING COPYING.LESSER NEWS README ${PWD}/osx-pkg/usr/share/doc/libfwevt 11 | 12 | VERSION=`sed '5!d; s/^ \[//;s/\],$//' configure.ac` 13 | pkgbuild --root osx-pkg --identifier com.github.libyal.libfwevt --version ${VERSION} --ownership recommended ../libfwevt-${VERSION}.pkg 14 | 15 | -------------------------------------------------------------------------------- /tests/pyfwevt_test_support.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | # 3 | # Python-bindings support functions test script 4 | # 5 | # Copyright (C) 2011-2024, Joachim Metz 6 | # 7 | # Refer to AUTHORS for acknowledgements. 8 | # 9 | # This program is free software: you can redistribute it and/or modify 10 | # it under the terms of the GNU Lesser General Public License as published by 11 | # the Free Software Foundation, either version 3 of the License, or 12 | # (at your option) any later version. 13 | # 14 | # This program is distributed in the hope that it will be useful, 15 | # but WITHOUT ANY WARRANTY; without even the implied warranty of 16 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 17 | # GNU General Public License for more details. 18 | # 19 | # You should have received a copy of the GNU Lesser General Public License 20 | # along with this program. If not, see . 21 | 22 | import unittest 23 | 24 | import pyfwevt 25 | 26 | 27 | class SupportFunctionsTests(unittest.TestCase): 28 | """Tests the support functions.""" 29 | 30 | def test_get_version(self): 31 | """Tests the get_version function.""" 32 | version = pyfwevt.get_version() 33 | self.assertIsNotNone(version) 34 | 35 | 36 | if __name__ == "__main__": 37 | unittest.main(verbosity=2) 38 | -------------------------------------------------------------------------------- /tests/runtests.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | # 3 | # Script to run Python test scripts. 4 | # 5 | # Version: 20231024 6 | 7 | import glob 8 | import os 9 | import sys 10 | import unittest 11 | 12 | 13 | test_profile = ".pyfwevt" 14 | input_glob = "*" 15 | option_sets = [] 16 | 17 | 18 | def ReadIgnoreList(test_profile): 19 | """Reads the test profile ignore file if it exists. 20 | 21 | Args: 22 | test_profile (str): test profile. 23 | 24 | Returns: 25 | set[str]: ignore list. 26 | """ 27 | ignore_file_path = os.path.join("tests", "input", test_profile, "ignore") 28 | if os.path.isfile(ignore_file_path): 29 | with open(ignore_file_path, "r", encoding="utf-8") as file_object: 30 | return set([line.strip() for line in file_object.readlines()]) 31 | 32 | return set() 33 | 34 | 35 | if __name__ == "__main__": 36 | print(f"Using Python version {sys.version!s}") 37 | 38 | test_loader = unittest.TestLoader() 39 | test_runner = unittest.TextTestRunner(verbosity=2) 40 | 41 | test_scripts = test_loader.discover("tests", pattern="*.py") 42 | 43 | ignore_list = ReadIgnoreList(test_profile) 44 | 45 | test_set = None 46 | source_file = None 47 | 48 | for test_set in glob.glob(os.path.join("tests", "input", "*")): 49 | test_set = test_set.rsplit(os.path.sep, maxsplit=1)[-1] 50 | if not test_set or test_set[0] == '.' or test_set in ignore_list: 51 | continue 52 | 53 | source_files = glob.glob(os.path.join( 54 | "tests", "input", test_set, input_glob)) 55 | if source_files: 56 | source_file = source_files[0] 57 | break 58 | 59 | setattr(unittest, "source", source_file) 60 | 61 | if source_file: 62 | for option_set in option_sets: 63 | test_file = os.path.basename(source_file) 64 | test_options_file_path = os.path.join( 65 | "tests", "input", test_profile, test_set, 66 | f"{test_file:s}.{option_set:s}") 67 | if os.path.isfile(test_options_file_path): 68 | with open(test_options_file_path, "r", encoding="utf-8") as file_object: 69 | lines = [line.strip() for line in file_object.readlines()] 70 | if lines[0] == "# libyal test data options": 71 | for line in lines[1:]: 72 | key, value = line.split("=", maxsplit=1) 73 | if key == 'offset': 74 | value = int(value) 75 | 76 | setattr(unittest, key, value) 77 | 78 | test_results = test_runner.run(test_scripts) 79 | if not test_results.wasSuccessful(): 80 | sys.exit(1) 81 | -------------------------------------------------------------------------------- /tests/runtests.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # Script to run tests 3 | # 4 | # Version: 20201121 5 | 6 | if test -f ${PWD}/libfwevt/.libs/libfwevt.1.dylib && test -f ./pyfwevt/.libs/pyfwevt.so; 7 | then 8 | install_name_tool -change /usr/local/lib/libfwevt.1.dylib ${PWD}/libfwevt/.libs/libfwevt.1.dylib ./pyfwevt/.libs/pyfwevt.so; 9 | fi 10 | 11 | make check CHECK_WITH_STDERR=1; 12 | RESULT=$?; 13 | 14 | if test ${RESULT} -ne 0 && test -f tests/test-suite.log; 15 | then 16 | cat tests/test-suite.log; 17 | fi 18 | exit ${RESULT}; 19 | 20 | -------------------------------------------------------------------------------- /tests/syncsharedlibs.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # Script that synchronizes the shared library dependencies 3 | # 4 | # Version: 20201121 5 | 6 | EXIT_SUCCESS=0; 7 | EXIT_FAILURE=1; 8 | 9 | GIT_URL_PREFIX="https://github.com/libyal"; 10 | SHARED_LIBS="libcerror libcthreads libcdata libcnotify libuna libfdatetime libfguid libfwnt"; 11 | 12 | USE_HEAD=""; 13 | 14 | if test "$1" = "--use-head"; 15 | then 16 | USE_HEAD="--use-head"; 17 | fi 18 | 19 | OLDIFS=$IFS; 20 | IFS=" "; 21 | 22 | for SHARED_LIB in ${SHARED_LIBS}; 23 | do 24 | GIT_URL="${GIT_URL_PREFIX}/${SHARED_LIB}.git"; 25 | 26 | git clone --quiet ${GIT_URL} ${SHARED_LIB}-$$; 27 | 28 | if ! test -d ${SHARED_LIB}-$$; 29 | then 30 | echo "Unable to git clone: ${GIT_URL}"; 31 | 32 | IFS=$OLDIFS; 33 | 34 | exit ${EXIT_FAILURE}; 35 | fi 36 | (cd ${SHARED_LIB}-$$ && git fetch --quiet --all --tags --prune) 37 | 38 | LATEST_TAG=`cd ${SHARED_LIB}-$$ && git describe --tags --abbrev=0`; 39 | 40 | if test -n ${LATEST_TAG} && test -z ${USE_HEAD}; 41 | then 42 | echo "Synchronizing: ${SHARED_LIB} from ${GIT_URL} tag ${LATEST_TAG}"; 43 | 44 | (cd ${SHARED_LIB}-$$ && git checkout --quiet tags/${LATEST_TAG}); 45 | else 46 | echo "Synchronizing: ${SHARED_LIB} from ${GIT_URL} HEAD"; 47 | fi 48 | 49 | (cd ${SHARED_LIB}-$$ && ./synclibs.sh ${USE_HEAD} && ./autogen.sh); 50 | 51 | CONFIGURE_OPTIONS=""; 52 | 53 | (cd ${SHARED_LIB}-$$ && ./configure --help | grep -- '--enable-wide-character-type' > /dev/null); 54 | 55 | if test $? -eq 0; 56 | then 57 | CONFIGURE_OPTIONS="${CONFIGURE_OPTIONS} --enable-wide-character-type"; 58 | fi 59 | 60 | (cd ${SHARED_LIB}-$$ && ./configure --prefix=/usr ${CONFIGURE_OPTIONS} && make && sudo make install); 61 | 62 | rm -rf ${SHARED_LIB}-$$; 63 | done 64 | 65 | IFS=$OLDIFS; 66 | 67 | exit ${EXIT_SUCCESS}; 68 | 69 | -------------------------------------------------------------------------------- /tests/test_manpage.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | # Tests man pages. 3 | # 4 | # Version: 20240413 5 | 6 | EXIT_SUCCESS=0; 7 | EXIT_FAILURE=1; 8 | EXIT_IGNORE=77; 9 | 10 | run_test() 11 | { 12 | local INPUT_FILE=$1; 13 | local RESULT=0 14 | 15 | TEST_NAME=`basename ${INPUT_FILE}`; 16 | echo -n "Testing man with input: ${TEST_NAME}"; 17 | 18 | LC_ALL=en_US.UTF-8 MANROFFSEQ='' MANWIDTH=80 man --warnings -E UTF-8 -l -Tutf8 -Z ${INPUT_FILE} > /dev/null 2> ${TMPDIR}/${TEST_NAME}.warnings; 19 | RESULT=$?; 20 | 21 | # For now line break warnings are ignored. 22 | if test -f ${TMPDIR}/${TEST_NAME}.warnings; 23 | then 24 | sed "/can't break line/ d" -i ${TMPDIR}/${TEST_NAME}.warnings; 25 | fi 26 | if test -s ${TMPDIR}/${TEST_NAME}.warnings; 27 | then 28 | RESULT=${EXIT_FAILURE}; 29 | fi 30 | if test ${RESULT} -ne ${EXIT_SUCCESS}; 31 | then 32 | echo " (FAIL)"; 33 | else 34 | echo " (PASS)"; 35 | fi 36 | if test -s ${TMPDIR}/${TEST_NAME}.warnings; 37 | then 38 | cat ${TMPDIR}/${TEST_NAME}.warnings; 39 | fi 40 | return ${RESULT}; 41 | } 42 | 43 | if test "${OSTYPE}" = "msys"; 44 | then 45 | exit ${EXIT_IGNORE}; 46 | fi 47 | 48 | TEST_DIRECTORY=`dirname $0`; 49 | 50 | TEST_RUNNER="${TEST_DIRECTORY}/test_runner.sh"; 51 | 52 | if ! test -f "${TEST_RUNNER}"; 53 | then 54 | echo "Missing test runner: ${TEST_RUNNER}"; 55 | 56 | exit ${EXIT_FAILURE}; 57 | fi 58 | 59 | source ${TEST_RUNNER}; 60 | 61 | assert_availability_binary man; 62 | 63 | RESULT=${EXIT_IGNORE}; 64 | 65 | TMPDIR="tmp$$"; 66 | 67 | rm -rf ${TMPDIR}; 68 | mkdir ${TMPDIR}; 69 | 70 | MANUALS_PATH="../manuals"; 71 | 72 | if ! test -d ${MANUALS_PATH}; 73 | then 74 | MANUALS_PATH="manuals"; 75 | fi 76 | 77 | if ! test -d ${MANUALS_PATH}; 78 | then 79 | echo "Manuals directory not found."; 80 | 81 | exit ${EXIT_IGNORE}; 82 | fi 83 | 84 | for INPUT_FILE in ${MANUALS_PATH}/*.[13]; 85 | do 86 | run_test "${INPUT_FILE}"; 87 | RESULT=$?; 88 | 89 | if test ${RESULT} -ne ${EXIT_SUCCESS}; 90 | then 91 | break; 92 | fi 93 | done 94 | 95 | rm -rf ${TMPDIR}; 96 | 97 | exit ${RESULT}; 98 | 99 | -------------------------------------------------------------------------------- /tox.ini: -------------------------------------------------------------------------------- 1 | [tox] 2 | envlist = auditwheel,py3{7,8,9,10,11,12} 3 | 4 | [testenv] 5 | usedevelop = True 6 | pip_pre = True 7 | passenv = 8 | CFLAGS 9 | CPPFLAGS 10 | INCLUDE 11 | LDFLAGS 12 | LIB 13 | deps = 14 | build 15 | setuptools >= 65 16 | wheel 17 | commands = 18 | python -m build --no-isolation --outdir=dist --wheel 19 | python -m pip install --no-index --find-links=dist libfwevt-python 20 | python tests/runtests.py 21 | 22 | [testenv:auditwheel] 23 | usedevelop = True 24 | pip_pre = True 25 | deps = 26 | auditwheel 27 | setuptools >= 65 28 | commands = 29 | python -m auditwheel repair {posargs} 30 | --------------------------------------------------------------------------------