Skip to content

gh-135852: Add NTEventLog related functions to _winapi #137860

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 19 commits into
base: main
Choose a base branch
from
Open

gh-135852: Add NTEventLog related functions to _winapi #137860

wants to merge 19 commits into from

Conversation

aisk
Copy link
Member

@aisk aisk commented Aug 16, 2025
edited
Loading

Please note that the lpUserSid parameter in ReportEvent don't added because it needs passing a new struct from Python to it, and we don't need this parameter for the usage of implement NTEventLogHandler. If we want add it in the future, we can add it as kwargs.

Docuements for these functions:

@bedevere-app bedevere-app bot mentioned this pull request Aug 16, 2025
Open
sharktide
sharktide reviewed Aug 18, 2025
View reviewed changes
Copy link
Contributor

@sharktide sharktide left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please fix the test fails :)

@aisk
Copy link
Member Author

aisk commented Aug 18, 2025

Sorry, I forgot to check the CI result after the push.

serhiy-storchaka
serhiy-storchaka reviewed Sep 3, 2025
View reviewed changes
Copy link
Member

@serhiy-storchaka serhiy-storchaka left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you for your PR @aisk. It look interesting.

Could you please show how can this be used in NTEventLogHandler? Maybe not in this PR, but in a separate PR created on top of this?

Modules/_winapi.c Outdated
PyObject *item = PyList_GetItem(strings, i);
if (!PyUnicode_Check(item)) {
PyMem_Free(string_array);
PyErr_SetString(PyExc_TypeError, "All strings must be unicode");
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

"unicode" is a weird term. There is no longer type unicode. I would suggest something like: "expected a list of strings, not %T".

Modules/_winapi.c Outdated
// Handle raw data
if (raw_data->buf != NULL) {
data = raw_data->buf;
data_size = (DWORD) raw_data->len;
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Possible integer overflow.

@aisk aisk marked this pull request as draft September 8, 2025 15:52
@aisk aisk marked this pull request as ready for review September 9, 2025 17:27
@aisk
Copy link
Member Author

aisk commented Sep 9, 2025

Thank you for your PR @aisk. It look interesting.

Could you please show how can this be used in NTEventLogHandler? Maybe not in this PR, but in a separate PR created on top of this?

Thanks for the view! I'll create another PR based on this to try to implement the whole feature in the original issue.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@serhiy-storchaka serhiy-storchaka serhiy-storchaka left review comments

+1 more reviewer

@sharktide sharktide sharktide left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

awaiting review

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@aisk @serhiy-storchaka @sharktide