archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
1.5 GiB
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
windows-server-2003/sdktools/trace/relog/win2000/rpdh.cpp

550 lines
16 KiB
Raw Permalink Normal View History

commiting as it is
4 years ago
  1. #include <windows.h>
  2. #include <stdio.h>
  3. #include <stdlib.h>
  4. #include <math.h>
  5. #include <assert.h>
  6. #include <pdh.h>
  7. #include <pdhp.h>
  8. #include <pdhmsg.h>
  9. #include <winperf.h>
  10. #include <tchar.h>
  11. #include <varg.h>
  13. #include "rpdh.h"
  15. const DWORD dwFileHeaderLength = 13;
  16. const DWORD dwTypeLoc = 2;
  17. const DWORD dwFieldLength = 7;
  18. const DWORD dwPerfmonTypeLength = 5;
  20. LPCSTR szTsvType = "PDH-TSV";
  21. LPCSTR szCsvType = "PDH-CSV";
  22. LPCSTR szBinaryType = "PDH-BIN";
  23. LPCWSTR cszPerfmonLogSig = (LPCWSTR)L"Loges";
  25. #define MemoryAllocate(x) \
  26. ((LPVOID) HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, x))
  27. #define MemoryFree(x) \
  28. if( x ){ ((VOID) HeapFree(GetProcessHeap(), 0, x)); x = NULL; }
  29. #define MemoryResize(x,y) \
  30. ((LPVOID) HeapReAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, x, y));
  32. #define MAKEULONGLONG(low, high) \
  33. ((ULONGLONG) (((DWORD) (low)) | ((ULONGLONG) ((DWORD) (high))) << 32))
  35. #define PDH_BLG_HEADER_SIZE 24
  36. #define PDH_MAX_BUFFER 0x01000000
  37. #define PDH_HEADER_BUFFER 65536
  39. typedef struct _PDHI_BINARY_LOG_RECORD_HEADER {
  40. DWORD dwType;
  41. DWORD dwLength;
  42. } PDHI_BINARY_LOG_RECORD_HEADER, *PPDHI_BINARY_LOG_RECORD_HEADER;
  44. PDH_STATUS
  45. R_PdhRelog( LPTSTR szSource, HQUERY hQuery, PPDH_RELOG_INFO_W pRelogInfo )
  46. {
  47. PDH_STATUS pdhStatus = ERROR_SUCCESS;
  48. HLOG hLogOut;
  49. ULONG nSampleCount = 0;
  50. ULONG nSamplesWritten = 0;
  52. ULONG nRecordSkip;
  54. pdhStatus = PdhOpenLogW(
  55. pRelogInfo->strLog,
  56. pRelogInfo->dwFlags,
  57. &pRelogInfo->dwFileFormat,
  58. hQuery,
  59. 0,
  60. NULL,
  61. &hLogOut
  62. );
  64. if( pdhStatus == ERROR_SUCCESS ){
  66. DWORD dwNumEntries = 1;
  67. DWORD dwBufferSize = sizeof(PDH_TIME_INFO);
  68. PDH_TIME_INFO TimeInfo;
  70. ZeroMemory( &TimeInfo, sizeof( PDH_TIME_INFO ) );
  72. pdhStatus = PdhGetDataSourceTimeRange(
  73. szSource,
  74. &dwNumEntries,
  75. &TimeInfo,
  76. &dwBufferSize
  77. );
  79. if( pRelogInfo->TimeInfo.StartTime > TimeInfo.StartTime &&
  80. pRelogInfo->TimeInfo.StartTime < TimeInfo.EndTime ){
  82. TimeInfo.StartTime = pRelogInfo->TimeInfo.StartTime;
  83. }
  85. if( pRelogInfo->TimeInfo.EndTime < TimeInfo.EndTime &&
  86. pRelogInfo->TimeInfo.EndTime > TimeInfo.StartTime ){
  88. TimeInfo.EndTime = pRelogInfo->TimeInfo.EndTime;
  89. }
  91. if( TimeInfo.EndTime > TimeInfo.StartTime ){
  92. pdhStatus = PdhSetQueryTimeRange( hQuery, &TimeInfo );
  93. }
  95. nRecordSkip = pRelogInfo->TimeInfo.SampleCount >= 1 ? pRelogInfo->TimeInfo.SampleCount : 1;
  97. while( ERROR_SUCCESS == pdhStatus ){
  99. if( nSampleCount++ % nRecordSkip ){
  100. pdhStatus = PdhCollectQueryData( hQuery );
  101. continue;
  102. }
  104. if( ERROR_SUCCESS == pdhStatus ){
  105. pdhStatus = PdhUpdateLog( hLogOut, NULL );
  106. nSamplesWritten++;
  107. }
  108. }
  110. if( PDH_NO_MORE_DATA == pdhStatus ||
  111. (PDH_ENTRY_NOT_IN_LOG_FILE == pdhStatus && pRelogInfo->dwFileFormat == PDH_LOG_TYPE_BINARY) ){
  113. pdhStatus = PdhCloseLog( hLogOut, 0 );
  114. if( ERROR_SUCCESS == pdhStatus ){
  115. PdhGetDataSourceTimeRange( pRelogInfo->strLog, &dwNumEntries, &pRelogInfo->TimeInfo, &dwBufferSize );
  116. }
  117. }
  118. }
  121. pRelogInfo->TimeInfo.SampleCount = nSamplesWritten;
  123. return pdhStatus;
  124. }
  126. DWORD
  127. GetLogFileType (
  128. IN HANDLE hLogFile
  129. )
  130. {
  131. CHAR cBuffer[MAX_PATH];
  132. CHAR cType[MAX_PATH];
  133. WCHAR wcType[MAX_PATH];
  134. BOOL bStatus;
  135. DWORD dwResult;
  136. DWORD dwBytesRead;
  138. memset (&cBuffer[0], 0, sizeof(cBuffer));
  139. memset (&cType[0], 0, sizeof(cType));
  140. memset (&wcType[0], 0, sizeof(wcType));
  142. // read first log file record
  143. SetFilePointer (hLogFile, 0, NULL, FILE_BEGIN);
  145. bStatus = ReadFile (hLogFile,
  146. (LPVOID)cBuffer,
  147. dwFileHeaderLength,
  148. &dwBytesRead,
  149. NULL);
  151. if (bStatus) {
  152. // read header record to get type
  153. lstrcpynA (cType, (LPSTR)(cBuffer+dwTypeLoc), dwFieldLength+1);
  154. if (lstrcmpA(cType, szTsvType) == 0) {
  155. dwResult = PDH_LOG_TYPE_TSV;
  156. } else if (lstrcmpA(cType, szCsvType) == 0) {
  157. dwResult = PDH_LOG_TYPE_CSV;
  158. } else if (lstrcmpA(cType, szBinaryType) == 0) {
  159. dwResult = PDH_LOG_TYPE_RETIRED_BIN_;
  160. } else {
  161. // perfmon log file type string is in a different
  162. // location than sysmon logs and used wide chars.
  163. lstrcpynW (wcType, (LPWSTR)cBuffer, dwPerfmonTypeLength+1);
  164. if (lstrcmpW(wcType, cszPerfmonLogSig) == 0) {
  165. dwResult = PDH_LOG_TYPE_PERFMON;
  166. } else {
  167. dwResult = PDH_LOG_TYPE_UNDEFINED;
  168. }
  169. }
  170. } else {
  171. // unable to read file
  172. dwResult = PDH_LOG_TYPE_UNDEFINED;
  173. }
  174. return dwResult;
  176. }
  178. PDH_STATUS
  179. R_PdhBlgLogFileHeader(LPCWSTR szFile1, LPCWSTR szFile2)
  180. {
  181. BOOL bReturn = FALSE;
  182. PDH_STATUS Status = ERROR_SUCCESS;
  183. LPWSTR szHeaderList1 = NULL;
  184. LPWSTR szHeaderList2 = NULL;
  185. DWORD dwHeader1 = 0;
  186. DWORD dwHeader2 = 0;
  187. LPWSTR szName1;
  188. LPWSTR szName2;
  190. Status = PdhListLogFileHeaderW(szFile1, szHeaderList1, &dwHeader1);
  191. if (Status != ERROR_SUCCESS && Status != PDH_MORE_DATA && Status != PDH_INSUFFICIENT_BUFFER){
  192. goto Cleanup;
  193. }
  194. szHeaderList1 = (LPWSTR)MemoryAllocate( (dwHeader1+1)*sizeof(WCHAR) );
  195. Status = PdhListLogFileHeaderW(szFile1, szHeaderList1, &dwHeader1);
  196. if (Status != ERROR_SUCCESS ){
  197. goto Cleanup;
  198. }
  200. Status = PdhListLogFileHeaderW(szFile2, szHeaderList2, &dwHeader2);
  201. if (Status != ERROR_SUCCESS && Status != PDH_MORE_DATA && Status != PDH_INSUFFICIENT_BUFFER){
  202. goto Cleanup;
  203. }
  204. szHeaderList2 = (LPWSTR)MemoryAllocate( (dwHeader2+1)*sizeof(WCHAR) );
  205. Status = PdhListLogFileHeaderW(szFile2, szHeaderList2, &dwHeader2);
  206. if (Status != ERROR_SUCCESS ){
  207. goto Cleanup;
  208. }
  210. for (szName1 = szHeaderList1, szName2 = szHeaderList2;
  211. szName1[0] != L'\0' && szName2[0] != L'\0';
  212. szName1 += (lstrlenW(szName1) + 1),
  213. szName2 += (lstrlenW(szName2) + 1)) {
  215. if (lstrcmpiW(szName1, szName2) != 0) {
  216. varg_printf( g_debug, _T("(%s) != (%s)\n"), szName1, szName2);
  217. break;
  218. }
  219. }
  221. if (szName1[0] != L'\0' || szName2[0] != L'\0'){
  222. Status = PDH_HEADER_MISMATCH;
  223. }
  225. Cleanup:
  226. MemoryFree( szHeaderList1 );
  227. MemoryFree( szHeaderList2 );
  229. return Status;
  230. }
  232. PDH_STATUS
  233. R_PdhGetLogFileType(
  234. IN LPCWSTR LogFileName,
  235. IN LPDWORD LogFileType)
  236. {
  237. PDH_STATUS pdhStatus = ERROR_SUCCESS;
  238. HANDLE hFile;
  239. DWORD dwLogFormat;
  241. if (LogFileName == NULL) {
  242. pdhStatus = PDH_INVALID_ARGUMENT;
  243. }
  244. else {
  245. __try {
  246. dwLogFormat = * LogFileType;
  247. * LogFileType = dwLogFormat;
  248. if (* LogFileName == L'\0') {
  249. pdhStatus = PDH_INVALID_ARGUMENT;
  250. }
  251. } __except (EXCEPTION_EXECUTE_HANDLER) {
  252. pdhStatus = PDH_INVALID_ARGUMENT;
  253. }
  254. }
  256. if (pdhStatus == ERROR_SUCCESS) {
  257. hFile = CreateFileW(LogFileName,
  258. GENERIC_READ,
  259. FILE_SHARE_READ | FILE_SHARE_WRITE,
  260. NULL,
  261. OPEN_EXISTING,
  262. FILE_ATTRIBUTE_NORMAL,
  263. NULL);
  264. if (hFile == NULL || hFile == INVALID_HANDLE_VALUE) {
  265. pdhStatus = PDH_LOG_FILE_OPEN_ERROR;
  266. }
  267. }
  269. if (pdhStatus == ERROR_SUCCESS) {
  270. dwLogFormat = GetLogFileType(hFile);
  271. CloseHandle(hFile);
  272. }
  274. if (pdhStatus == ERROR_SUCCESS) {
  275. * LogFileType = dwLogFormat;
  276. }
  278. return pdhStatus;
  279. }
  281. PDH_STATUS
  282. R_PdhRelogCopyFile(
  283. HANDLE hOutFile,
  284. HANDLE hInFile,
  285. BOOL bCopyHeader
  286. )
  287. {
  288. BOOL bResult = TRUE;
  289. PDH_STATUS pdhStatus = ERROR_SUCCESS;
  290. DWORD dwSizeLow = 0;
  291. DWORD dwSizeHigh = 0;
  292. DWORD dwBuffer = PDH_MAX_BUFFER;
  293. ULONGLONG lFileSize = 0;
  294. ULONGLONG lCurrent = 0;
  295. LPBYTE pBuffer = NULL;
  296. LPBYTE pCurrent = NULL;
  298. PPDHI_BINARY_LOG_RECORD_HEADER pPdhBlgHeader = NULL;
  300. dwSizeLow = GetFileSize(hInFile, & dwSizeHigh);
  301. lFileSize = MAKEULONGLONG(dwSizeLow, dwSizeHigh);
  302. lCurrent = PDH_BLG_HEADER_SIZE + sizeof(PDHI_BINARY_LOG_RECORD_HEADER);
  303. if (lCurrent > lFileSize) {
  304. pdhStatus = PDH_INVALID_HANDLE;
  305. goto Cleanup;
  306. }
  308. pBuffer = (LPBYTE)MemoryAllocate(dwBuffer);
  309. if (pBuffer == NULL) {
  310. pdhStatus = PDH_MEMORY_ALLOCATION_FAILURE;
  311. goto Cleanup;
  312. }
  314. dwSizeLow = (DWORD) lCurrent;
  315. dwSizeHigh = 0;
  316. bResult = ReadFile(hInFile, pBuffer, dwSizeLow, & dwSizeHigh, NULL);
  318. if ((bResult == FALSE) || (dwSizeLow != dwSizeHigh)) {
  319. pdhStatus = PDH_INVALID_DATA;
  320. goto Cleanup;
  321. }
  323. pPdhBlgHeader = (PPDHI_BINARY_LOG_RECORD_HEADER)
  324. (pBuffer + PDH_BLG_HEADER_SIZE);
  325. if (pPdhBlgHeader->dwType != 0x01024C42) {
  326. pdhStatus = PDH_INVALID_ARGUMENT;
  327. goto Cleanup;
  328. }
  330. if (pPdhBlgHeader->dwLength + PDH_BLG_HEADER_SIZE > dwBuffer) {
  331. LPBYTE pTemp = pBuffer;
  332. pBuffer = (LPBYTE)MemoryResize(pBuffer, pPdhBlgHeader->dwLength);
  333. if (pBuffer == NULL) {
  334. MemoryFree(pTemp);
  335. pdhStatus = PDH_MEMORY_ALLOCATION_FAILURE;
  336. goto Cleanup;
  337. }
  338. }
  339. if ((lCurrent + dwSizeLow) > lFileSize) {
  340. pdhStatus = PDH_INVALID_HANDLE;
  341. goto Cleanup;
  342. }
  343. pCurrent = (LPBYTE) (pBuffer + dwSizeLow);
  344. dwSizeLow = pPdhBlgHeader->dwLength
  345. - sizeof(PDHI_BINARY_LOG_RECORD_HEADER);
  346. dwSizeHigh = 0;
  347. bResult = ReadFile(hInFile, pCurrent, dwSizeLow, & dwSizeHigh, NULL);
  348. if ((bResult == FALSE) || (dwSizeLow != dwSizeHigh)) {
  349. pdhStatus = PDH_INVALID_DATA;
  350. goto Cleanup;
  351. }
  353. lCurrent += dwSizeLow;
  354. if (bCopyHeader) {
  355. dwSizeLow = dwSizeHigh = (DWORD) lCurrent;
  356. bResult = WriteFile(hOutFile, pBuffer, dwSizeLow, & dwSizeHigh, NULL);
  357. if ((bResult == FALSE) || (dwSizeLow != dwSizeHigh)) {
  358. pdhStatus = PDH_INVALID_DATA;
  359. goto Cleanup;
  360. }
  361. }
  363. while (lCurrent + sizeof(PDHI_BINARY_LOG_RECORD_HEADER) < lFileSize) {
  364. ZeroMemory(pBuffer, dwBuffer);
  365. dwSizeLow = sizeof(PDHI_BINARY_LOG_RECORD_HEADER);
  366. dwSizeHigh = 0;
  367. bResult = ReadFile(hInFile, pBuffer, dwSizeLow, & dwSizeHigh, NULL);
  368. if ((bResult == FALSE) || (dwSizeLow != dwSizeHigh)) {
  369. pdhStatus = PDH_INVALID_DATA;
  370. goto Cleanup;
  371. }
  373. pPdhBlgHeader = (PPDHI_BINARY_LOG_RECORD_HEADER) pBuffer;
  374. if ((pPdhBlgHeader->dwType & 0x0000FFFF) != 0x00004C42) {
  375. pdhStatus = PDH_INVALID_ARGUMENT;
  376. goto Cleanup;
  377. }
  379. if (pPdhBlgHeader->dwLength > dwBuffer) {
  380. LPBYTE pTemp = pBuffer;
  381. pBuffer = (LPBYTE)MemoryResize(pBuffer, pPdhBlgHeader->dwLength);
  382. if (pBuffer == NULL) {
  383. MemoryFree(pTemp);
  384. pdhStatus = PDH_MEMORY_ALLOCATION_FAILURE;
  385. goto Cleanup;
  386. }
  387. }
  388. if ((lCurrent + pPdhBlgHeader->dwLength) > lFileSize) {
  389. pdhStatus = PDH_INVALID_HANDLE;
  390. bResult = FALSE;
  391. goto Cleanup;
  392. }
  393. pCurrent = (LPBYTE) (pBuffer + dwSizeLow);
  394. dwSizeLow = pPdhBlgHeader->dwLength
  395. - sizeof(PDHI_BINARY_LOG_RECORD_HEADER);
  396. dwSizeHigh = 0;
  397. bResult = ReadFile(hInFile, pCurrent, dwSizeLow, & dwSizeHigh, NULL);
  398. if ((bResult == FALSE) || (dwSizeLow != dwSizeHigh)) {
  399. pdhStatus = PDH_INVALID_DATA;
  400. goto Cleanup;
  401. }
  403. if ((pPdhBlgHeader->dwType & 0x00FF0000) == 0x00030000) {
  404. dwSizeLow = dwSizeHigh = pPdhBlgHeader->dwLength;
  405. bResult = WriteFile(
  406. hOutFile, pBuffer, dwSizeLow, & dwSizeHigh, NULL);
  407. if ((bResult == FALSE) || (dwSizeLow != dwSizeHigh)) {
  408. pdhStatus = PDH_INVALID_DATA;
  409. goto Cleanup;
  410. }
  411. }
  413. lCurrent += pPdhBlgHeader->dwLength;
  414. }
  416. Cleanup:
  417. if (pBuffer != NULL){
  418. MemoryFree(pBuffer);
  419. }
  421. return pdhStatus;
  422. }
  424. PDH_STATUS
  425. R_PdhAppendLog( LPTSTR szSource, LPTSTR szAppend )
  426. {
  427. HANDLE hSource = INVALID_HANDLE_VALUE;
  428. HANDLE hAppend = INVALID_HANDLE_VALUE;
  429. BOOL bResult = TRUE;
  430. PDH_STATUS pdhStatus;
  432. DWORD dwFormat;
  433. PDH_TIME_INFO TimeSource;
  434. PDH_TIME_INFO TimeAppend;
  435. LPTSTR mszSourceHeader = NULL;
  436. LPTSTR mszAppendHeader = NULL;
  437. DWORD dwSourceSize = 0;
  438. DWORD dwAppendSize = 0;
  440. DWORD dwNumEntries = 1;
  441. DWORD dwBufferSize = sizeof(PDH_TIME_INFO);
  443. //
  444. // Compare the log types, both must be Windows 2000 binary
  445. //
  447. pdhStatus = R_PdhGetLogFileType( szSource, &dwFormat );
  448. if( ERROR_SUCCESS != pdhStatus || PDH_LOG_TYPE_RETIRED_BIN_ != dwFormat ){
  449. if( ERROR_SUCCESS == pdhStatus ){
  450. pdhStatus = PDH_TYPE_MISMATCH;
  451. }
  452. goto cleanup;
  453. }
  455. pdhStatus = R_PdhGetLogFileType( szAppend, &dwFormat );
  456. if( ERROR_SUCCESS != pdhStatus || PDH_LOG_TYPE_RETIRED_BIN_ != dwFormat ){
  457. if( ERROR_SUCCESS == pdhStatus ){
  458. pdhStatus = PDH_TYPE_MISMATCH;
  459. }
  460. goto cleanup;
  461. }
  463. //
  464. // Compare the time ranges, source file must start after append end
  465. //
  467. ZeroMemory( &TimeSource, sizeof( PDH_TIME_INFO ) );
  468. ZeroMemory( &TimeAppend, sizeof( PDH_TIME_INFO ) );
  470. pdhStatus = PdhGetDataSourceTimeRange(
  471. szSource,
  472. &dwNumEntries,
  473. &TimeSource,
  474. &dwBufferSize
  475. );
  476. if( ERROR_SUCCESS != pdhStatus ){
  477. goto cleanup;
  478. }
  480. pdhStatus = PdhGetDataSourceTimeRange(
  481. szAppend,
  482. &dwNumEntries,
  483. &TimeAppend,
  484. &dwBufferSize
  485. );
  486. if( ERROR_SUCCESS != pdhStatus ){
  487. goto cleanup;
  488. }
  490. if( TimeSource.EndTime > TimeAppend.StartTime ){
  491. pdhStatus = PDH_TIME_MISMATCH;
  492. goto cleanup;
  493. }
  495. //
  496. // Compare the headers, must be exact match
  497. //
  499. pdhStatus = R_PdhBlgLogFileHeader( szSource, szAppend );
  500. if( ERROR_SUCCESS != pdhStatus ){
  501. goto cleanup;
  502. }
  504. //
  505. // All good, now do the actual append
  506. //
  508. hSource = CreateFileW(
  509. szSource,
  510. GENERIC_READ|GENERIC_WRITE,
  511. FILE_SHARE_READ,
  512. NULL,
  513. OPEN_EXISTING,
  514. FILE_ATTRIBUTE_NORMAL,
  515. NULL
  516. );
  518. hAppend = CreateFileW(
  519. szAppend,
  520. GENERIC_READ,
  521. FILE_SHARE_READ,
  522. NULL,
  523. OPEN_EXISTING,
  524. FILE_ATTRIBUTE_NORMAL,
  525. NULL
  526. );
  528. if ( INVALID_HANDLE_VALUE == hSource || INVALID_HANDLE_VALUE == hAppend ){
  529. pdhStatus = PDH_LOG_FILE_OPEN_ERROR;
  530. goto cleanup;
  531. }
  533. SetFilePointer( hSource, NULL, NULL, FILE_END );
  534. pdhStatus = R_PdhRelogCopyFile( hSource, hAppend, FALSE);
  536. cleanup:
  537. MemoryFree( mszSourceHeader );
  538. MemoryFree( mszAppendHeader );
  540. if ( INVALID_HANDLE_VALUE != hAppend ) {
  541. CloseHandle(hAppend);
  542. }
  543. if ( INVALID_HANDLE_VALUE != hSource ) {
  544. CloseHandle(hSource);
  545. }
  547. return pdhStatus;
  548. }