Skip to content

Commit

Permalink
[7.17](backport #36650) winlogbeat/sys/wineventlog: fix unsafe pointe…
Browse files Browse the repository at this point in the history
…r use (#36662)

* winlogbeat/sys/wineventlog: fix unsafe pointer use (#36650)

Fix the use of pointer to uintptr conversions to comply with the unsafe.Pointer
rules. In particular, the code previously was not making conversions from a *T
to uintptr in the call expression as required by rule (4) Conversion of a
Pointer to a uintptr when calling syscall.Syscall[1].

[1]https://pkg.go.dev/unsafe#Pointer

(cherry picked from commit 0ad4264)

# Conflicts:
#	winlogbeat/sys/wineventlog/wineventlog_windows.go

* remove irrelevant changelog lines
* resolve conflicts

---------

Co-authored-by: Dan Kortschak <[email protected]>
Co-authored-by: Dan Kortschak <[email protected]>
  • Loading branch information
3 people authored Sep 22, 2023
1 parent 7581e18 commit 7e3fec6
Show file tree
Hide file tree
Showing 6 changed files with 20 additions and 22 deletions.
1 change: 1 addition & 0 deletions CHANGELOG-developer.next.asciidoc
Original file line number Diff line number Diff line change
Expand Up @@ -62,6 +62,7 @@ The list below covers the major changes between 7.0.0-rc2 and master only.
- Errors should be thrown as errors. Metricsets inside Metricbeat will now throw errors as the `error` log level. {pull}27804[27804]
- Avoid panicking in `add_fields` processor when input event.Fields is a nil map. {pull}28219[28219]
- Fix type mismatch in libbeat/metric/system/cgroup/cgv2 when building on mips platforms. {pull}34658[34658]
- Make winlogbeat/sys/wineventlog follow the unsafe.Pointer rules. {pull}36650[36650]

==== Added

Expand Down
7 changes: 3 additions & 4 deletions winlogbeat/sys/wineventlog/format_message.go
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,6 @@ package wineventlog

import (
"fmt"
"unsafe"

"golang.org/x/sys/windows"

Expand Down Expand Up @@ -71,10 +70,10 @@ func getEventXML(metadata *PublisherMetadata, eventHandle EvtHandle) (string, er
func evtFormatMessage(metadataHandle EvtHandle, eventHandle EvtHandle, messageID uint32, values []EvtVariant, messageFlag EvtFormatMessageFlag) (string, error) {
var (
valuesCount = uint32(len(values))
valuesPtr uintptr
valuesPtr *EvtVariant
)
if len(values) > 0 {
valuesPtr = uintptr(unsafe.Pointer(&values[0]))
if len(values) != 0 {
valuesPtr = &values[0]
}

// Determine the buffer size needed (given in WCHARs).
Expand Down
4 changes: 2 additions & 2 deletions winlogbeat/sys/wineventlog/renderer.go
Original file line number Diff line number Diff line change
Expand Up @@ -60,12 +60,12 @@ type Renderer struct {

// NewRenderer returns a new Renderer.
func NewRenderer(session EvtHandle, log *logp.Logger) (*Renderer, error) {
systemContext, err := _EvtCreateRenderContext(0, 0, EvtRenderContextSystem)
systemContext, err := _EvtCreateRenderContext(0, nil, EvtRenderContextSystem)
if err != nil {
return nil, fmt.Errorf("failed in EvtCreateRenderContext for system context: %w", err)
}

userContext, err := _EvtCreateRenderContext(0, 0, EvtRenderContextUser)
userContext, err := _EvtCreateRenderContext(0, nil, EvtRenderContextUser)
if err != nil {
return nil, fmt.Errorf("failed in EvtCreateRenderContext for user context: %w", err)
}
Expand Down
4 changes: 2 additions & 2 deletions winlogbeat/sys/wineventlog/syscall_windows.go
Original file line number Diff line number Diff line change
Expand Up @@ -649,14 +649,14 @@ func EvtClearLog(session EvtHandle, channelPath string, targetFilePath string) e
//sys _EvtSubscribe(session EvtHandle, signalEvent uintptr, channelPath *uint16, query *uint16, bookmark EvtHandle, context uintptr, callback syscall.Handle, flags EvtSubscribeFlag) (handle EvtHandle, err error) = wevtapi.EvtSubscribe
//sys _EvtCreateBookmark(bookmarkXML *uint16) (handle EvtHandle, err error) = wevtapi.EvtCreateBookmark
//sys _EvtUpdateBookmark(bookmark EvtHandle, event EvtHandle) (err error) = wevtapi.EvtUpdateBookmark
//sys _EvtCreateRenderContext(ValuePathsCount uint32, valuePaths uintptr, flags EvtRenderContextFlag) (handle EvtHandle, err error) = wevtapi.EvtCreateRenderContext
//sys _EvtCreateRenderContext(ValuePathsCount uint32, valuePaths **uint16, flags EvtRenderContextFlag) (handle EvtHandle, err error) = wevtapi.EvtCreateRenderContext
//sys _EvtRender(context EvtHandle, fragment EvtHandle, flags EvtRenderFlag, bufferSize uint32, buffer *byte, bufferUsed *uint32, propertyCount *uint32) (err error) = wevtapi.EvtRender
//sys _EvtClose(object EvtHandle) (err error) = wevtapi.EvtClose
//sys _EvtSeek(resultSet EvtHandle, position int64, bookmark EvtHandle, timeout uint32, flags uint32) (success bool, err error) [!success] = wevtapi.EvtSeek
//sys _EvtNext(resultSet EvtHandle, eventArraySize uint32, eventArray *EvtHandle, timeout uint32, flags uint32, numReturned *uint32) (err error) = wevtapi.EvtNext
//sys _EvtOpenChannelEnum(session EvtHandle, flags uint32) (handle EvtHandle, err error) = wevtapi.EvtOpenChannelEnum
//sys _EvtNextChannelPath(channelEnum EvtHandle, channelPathBufferSize uint32, channelPathBuffer *uint16, channelPathBufferUsed *uint32) (err error) = wevtapi.EvtNextChannelPath
//sys _EvtFormatMessage(publisherMetadata EvtHandle, event EvtHandle, messageID uint32, valueCount uint32, values uintptr, flags EvtFormatMessageFlag, bufferSize uint32, buffer *byte, bufferUsed *uint32) (err error) = wevtapi.EvtFormatMessage
//sys _EvtFormatMessage(publisherMetadata EvtHandle, event EvtHandle, messageID uint32, valueCount uint32, values *EvtVariant, flags EvtFormatMessageFlag, bufferSize uint32, buffer *byte, bufferUsed *uint32) (err error) = wevtapi.EvtFormatMessage
//sys _EvtOpenPublisherMetadata(session EvtHandle, publisherIdentity *uint16, logFilePath *uint16, locale uint32, flags uint32) (handle EvtHandle, err error) = wevtapi.EvtOpenPublisherMetadata
//sys _EvtGetPublisherMetadataProperty(publisherMetadata EvtHandle, propertyID EvtPublisherMetadataPropertyID, flags uint32, bufferSize uint32, variant *EvtVariant, bufferUsed *uint32) (err error) = wevtapi.EvtGetPublisherMetadataProperty
//sys _EvtGetEventMetadataProperty(eventMetadata EvtHandle, propertyID EvtEventMetadataPropertyID, flags uint32, bufferSize uint32, variant *EvtVariant, bufferUsed *uint32) (err error) = wevtapi.EvtGetEventMetadataProperty
Expand Down
18 changes: 8 additions & 10 deletions winlogbeat/sys/wineventlog/wineventlog_windows.go
Original file line number Diff line number Diff line change
Expand Up @@ -333,19 +333,17 @@ func CreateBookmarkFromXML(bookmarkXML string) (EvtHandle, error) {
// CreateRenderContext creates a render context. Close must be called on
// returned EvtHandle when finished with the handle.
func CreateRenderContext(valuePaths []string, flag EvtRenderContextFlag) (EvtHandle, error) {
paths := make([]uintptr, 0, len(valuePaths))
paths := make([]*uint16, 0, len(valuePaths))
for _, path := range valuePaths {
utf16, err := syscall.UTF16FromString(path)
utf16, err := syscall.UTF16PtrFromString(path)
if err != nil {
return 0, err
}

paths = append(paths, reflect.ValueOf(&utf16[0]).Pointer())
paths = append(paths, utf16)
}

var pathsAddr uintptr
if len(paths) > 0 {
pathsAddr = reflect.ValueOf(&paths[0]).Pointer()
var pathsAddr **uint16
if len(paths) != 0 {
pathsAddr = &paths[0]
}

context, err := _EvtCreateRenderContext(uint32(len(paths)), pathsAddr, flag)
Expand Down Expand Up @@ -413,7 +411,7 @@ func FormatEventString(
// Create a buffer if one was not provided.
var bufferUsed uint32
if buffer == nil {
err := _EvtFormatMessage(ph, eventHandle, 0, 0, 0, messageFlag,
err := _EvtFormatMessage(ph, eventHandle, 0, 0, nil, messageFlag,
0, nil, &bufferUsed)
if err != nil && err != ERROR_INSUFFICIENT_BUFFER { //nolint:errorlint // This is an errno or nil.
return err
Expand All @@ -424,7 +422,7 @@ func FormatEventString(
bufferUsed = 0
}

err := _EvtFormatMessage(ph, eventHandle, 0, 0, 0, messageFlag,
err := _EvtFormatMessage(ph, eventHandle, 0, 0, nil, messageFlag,
uint32(len(buffer)/2), &buffer[0], &bufferUsed)
bufferUsed *= 2
if err == ERROR_INSUFFICIENT_BUFFER { //nolint:errorlint // This is an errno or nil.
Expand Down
8 changes: 4 additions & 4 deletions winlogbeat/sys/wineventlog/zsyscall_windows.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

0 comments on commit 7e3fec6

Please sign in to comment.