#include #include #include #include #include #include #include #include #define DEBUG #define MAXEVENTS 5000 #define MAXSTR 1024 TRACEHANDLE LoggerHandle; #define ResourceName _T("MofResource") TCHAR ImagePath[MAXSTR]; GUID TransactionGuid[2] = { {0xce5b1020, 0x8ea9, 0x11d0, 0xa4, 0xec, 0x00, 0xa0, 0xc9, 0x06, 0x29, 0x10}, {0xf684e86f, 0xba1d, 0x11d2, 0x8b, 0xbf, 0x00, 0x00, 0xf8, 0x06, 0xef, 0xe0} }; GUID ControlGuid[2] = { {0xd58c126f, 0xb309, 0x11d1, 0x96, 0x9e, 0x00, 0x00, 0xf8, 0x75, 0xa5, 0xbc}, {0x7c6a708a, 0xba1e, 0x11d2, 0x8b, 0xbf, 0x00, 0x00, 0xf8, 0x06, 0xef, 0xe0} }; TRACE_GUID_REGISTRATION TraceGuidReg[2] = { { (LPGUID)&TransactionGuid[0], NULL }, { (LPGUID)&TransactionGuid[1], NULL } }; typedef struct _USER_EVENT { EVENT_TRACE_HEADER Header; MOF_FIELD mofData; } USER_EVENT, *PUSER_EVENT; typedef struct _USER_INSTANCE_EVENT { EVENT_INSTANCE_HEADER Header; MOF_FIELD mofData; } USER_INSTANCE_EVENT, *PUSER_INSTANCE_EVENT; TRACEHANDLE RegistrationHandle[2]; BOOLEAN RegistrationSuccess; ULONG EnableLevel = 0; ULONG EnableFlags = 0; ULONG InitializeTrace( IN LPTSTR ExePath, FILE* fp ); ULONG ControlCallback( IN WMIDPREQUESTCODE RequestCode, IN PVOID Context, IN OUT ULONG *InOutBufferSize, IN OUT PVOID Buffer ); GUID StringToGuid(TCHAR *str); LPTSTR Decodestatus(IN ULONG Status); HANDLE ghTraceOnEvent; ULONG TraceOnFlag; UINT nSleepTime = 0; TCHAR ErrorMsg[MAXSTR]; ULONG gnMultiReg=1; int __cdecl _tmain(int argc, _TCHAR **argv) { ULONG status; USER_EVENT UserEvent; USER_INSTANCE_EVENT UserInstanceEvent; EVENT_INSTANCE_INFO InstInfo; ULONG i; ULONG MaxEvents; //ULONG InstanceId; PWNODE_HEADER Wnode; TCHAR *str; int err; BOOL bInstanceTrace=0, bUseGuidPtr=0, bUseMofPtr=0; BOOL bIncorrect = FALSE; BOOL bUseNullPtr = FALSE; PMOF_FIELD mofField; TCHAR strMofData[MAXSTR]; FILE *fp; fp = _tfopen(_T("provider.log"), _T("a+")); if(fp==NULL) {_tprintf(_T("pf=NULL\n"));}; MaxEvents = MAXEVENTS; TraceOnFlag = 0; if (argc > 1) MaxEvents = _ttoi(argv[1]); if(argc > 2) ControlGuid[0] = StringToGuid(argv[2]); if(argc > 3) nSleepTime = _ttoi(argv[3]); err = UuidToString(&ControlGuid[0], &str); if(RPC_S_OK == err) _tprintf(_T("The ControlGuid is : %s\n"), str); else _tprintf(_T("Error(%d) converting uuid\n"), err); _ftprintf(fp, _T("The ControlGuid is : %s\n"), str); if(argc > 4) { if(!_tcscmp(_T("TraceInstance"), argv[4])) bInstanceTrace = TRUE; } if(argc > 5) { if(!_tcscmp(_T("GuidPtr"), argv[5])) bUseGuidPtr = TRUE; else if(!_tcscmp(_T("MofPtr"), argv[5])) bUseMofPtr = TRUE; else if(!_tcscmp(_T("GuidPtrMofPtr"), argv[5])) { bUseGuidPtr = TRUE; bUseMofPtr = TRUE; } else if (!_tcscmp(_T("InCorrectMofPtr"), argv[5])) { bUseMofPtr = TRUE; bIncorrect = TRUE; } else if (!_tcscmp(_T("NullMofPtr"), argv[5])) { bUseMofPtr = TRUE; bUseNullPtr = TRUE; bIncorrect = TRUE; } } if(argc > 6) { if(!_tcscmp(_T("MultiReg"), argv[6])) gnMultiReg=2; //use 2 registrations for now } status = InitializeTrace(_T("tracedp.exe"), fp); if (status != ERROR_SUCCESS) { _ftprintf(fp, _T("InitializeTrace failed, status=%d, %s\n"), status, Decodestatus(status)); return 0; } _tprintf(_T("Testing Logger with %d events\n"), MaxEvents); RtlZeroMemory(&UserEvent, sizeof(UserEvent)); Wnode = (PWNODE_HEADER) &UserEvent; UserEvent.Header.Size = sizeof(USER_EVENT); UserEvent.Header.Flags = WNODE_FLAG_TRACED_GUID; if(bUseGuidPtr) { _tprintf(_T("\n********Use Guid Pointer**********\n")); UserEvent.Header.Flags |= WNODE_FLAG_USE_GUID_PTR; UserEvent.Header.GuidPtr = (ULONGLONG)&TransactionGuid[0]; } else UserEvent.Header.Guid = TransactionGuid[0]; RtlZeroMemory(&UserInstanceEvent, sizeof(UserInstanceEvent)); UserInstanceEvent.Header.Size = sizeof(USER_INSTANCE_EVENT); UserInstanceEvent.Header.Flags = WNODE_FLAG_TRACED_GUID; if(bUseMofPtr) { _tprintf(_T("\n=======Use Mof Pointer========\n")); _tcscpy(strMofData, str); UserEvent.Header.Flags |= WNODE_FLAG_USE_MOF_PTR; mofField = (PMOF_FIELD) & UserEvent.mofData; if (bUseNullPtr) mofField->DataPtr = (ULONGLONG) (NULL); else mofField->DataPtr = (ULONGLONG) (strMofData); if (bIncorrect) mofField->Length = sizeof(TCHAR) * (_tcslen(strMofData) + 1000); else mofField->Length = sizeof(TCHAR) * (_tcslen(strMofData) + 1); UserInstanceEvent.Header.Flags |= WNODE_FLAG_USE_MOF_PTR; mofField = (PMOF_FIELD) & UserInstanceEvent.mofData; if (bUseNullPtr) mofField->DataPtr = (ULONGLONG) (NULL); else mofField->DataPtr = (ULONGLONG) (strMofData); if (bIncorrect) mofField->Length = sizeof(TCHAR) * (_tcslen(strMofData) + 10000); else mofField->Length = sizeof(TCHAR) * (_tcslen(strMofData) + 1); } if(bInstanceTrace) { status = CreateTraceInstanceId((PVOID)TraceGuidReg[0].RegHandle, &InstInfo); _tprintf(_T("\n-------TraceEventInstance-----\n")); if (status != ERROR_SUCCESS) { _ftprintf(fp, _T("CreatTraceInstanceId() failed. status=%d, %s\n"), status, Decodestatus(status)); } } _ftprintf(fp, _T("%d Events, %s, %s, %s, %s, sleep time=%d\n"), MaxEvents, bInstanceTrace? _T("TraceEventInstance"): _T("TraceEvent"), bUseGuidPtr? _T("Use GuidPtr"): _T("Use Guid"), bUseMofPtr? _T("Use MofPtr"): _T("Not use MofPtr"), gnMultiReg==1 ? _T("Single Registration"): _T("Multiple Registrations"), nSleepTime); i = 0; while (1) { if(WAIT_FAILED == WaitForSingleObject(ghTraceOnEvent, INFINITE)) { _tprintf(_T("Error(%d) waiting for ghTraceOnEvent object\n"), GetLastError()); } if (TraceOnFlag == 1 && i < MaxEvents) { i++; if (i == ((i/2) * 2) ) { UserEvent.Header.Class.Type = EVENT_TRACE_TYPE_START; UserInstanceEvent.Header.Class.Type = EVENT_TRACE_TYPE_START; } else { UserEvent.Header.Class.Type = EVENT_TRACE_TYPE_END; UserInstanceEvent.Header.Class.Type = EVENT_TRACE_TYPE_END; } if(bInstanceTrace) { status = TraceEventInstance(LoggerHandle, (PEVENT_INSTANCE_HEADER)&UserInstanceEvent, &InstInfo, NULL); if (status != ERROR_SUCCESS) { _tprintf(_T("%d TraceEventInstance() failed, status=%d %s\n"), i, status, Decodestatus(status)); _ftprintf(fp, _T("\ni=%d TraceEventInstance() failed, break! status=%d %s\n"), i, status, Decodestatus(status)); return 0; } } else { status = TraceEvent(LoggerHandle, (PEVENT_TRACE_HEADER) &UserEvent); if (status != ERROR_SUCCESS) { fprintf(stderr, "Error(%d) while writing event.\n", status); _ftprintf(fp, _T("\ni=%d TraceEvent() failed, break!\nstatus=%d %s\n"), i, status, Decodestatus(status)); return 0; } } if (i >= MaxEvents) { _ftprintf(fp, _T("\ni=%d MaxEvents=%d break!\n\n"), i, MaxEvents); } else if (!(i % 100)) { _ftprintf(fp, _T(".")); _tprintf(_T(".")); if(nSleepTime) _sleep(nSleepTime); } } if (TraceOnFlag == 2) { _ftprintf(fp, _T("\ni=%d TraceOnFlag == 2 break!\n\n"), i); break; } } fclose(fp); CloseHandle(ghTraceOnEvent); for(i=0; i< gnMultiReg; i++) UnregisterTraceGuids(RegistrationHandle[i]); return (0); } ULONG InitializeTrace( IN LPTSTR ExePath, FILE* fp ) { ULONG Status; ULONG i, j; Status = GetModuleFileName(NULL, &ImagePath[0], MAXSTR*sizeof(TCHAR)); if (Status == 0) { return (ERROR_FILE_NOT_FOUND); } ghTraceOnEvent = CreateEvent( NULL, // security attributes TRUE, // manual reset FALSE, // initial state NULL // pointer to event-object ); if(NULL == ghTraceOnEvent) { Status=GetLastError(); _tprintf(_T("Error(%d) creating TraceOnEvent\n"), Status); return Status; } for (i=0; i0) for (j=0; j