mirror of https://github.com/tongzx/nt5src
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
451 lines
11 KiB
451 lines
11 KiB
#define MAX_STR 256
|
|
#define MAX_GUIDS 10
|
|
|
|
#define _UNICODE
|
|
#define UNICODE
|
|
|
|
#include "stdafx.h"
|
|
|
|
#pragma warning (disable : 4786)
|
|
#pragma warning (disable : 4275)
|
|
|
|
#include <iostream>
|
|
#include <strstream>
|
|
#include <fstream>
|
|
#include <string>
|
|
#include <sstream>
|
|
#include <map>
|
|
#include <list>
|
|
|
|
|
|
using namespace std;
|
|
|
|
|
|
#include <tchar.h>
|
|
#include <process.h>
|
|
#include <windows.h>
|
|
#ifdef NONNT5
|
|
typedef unsigned long ULONG_PTR;
|
|
#endif
|
|
#include <wmistr.h>
|
|
#include <guiddef.h>
|
|
#include <initguid.h>
|
|
#include <evntrace.h>
|
|
|
|
#include <WTYPES.H>
|
|
|
|
/*
|
|
|
|
#include "stdafx.h"
|
|
|
|
#include <string>
|
|
#include <iosfwd>
|
|
#include <iostream>
|
|
#include <fstream>
|
|
#include <ctime>
|
|
#include <list>
|
|
using namespace std;
|
|
#include <malloc.h>
|
|
#include <windows.h>
|
|
|
|
|
|
#include <stdlib.h>
|
|
#include <stdio.h>
|
|
#include <windows.h>
|
|
#include <tchar.h>
|
|
#include <wmistr.h>
|
|
#include <objbase.h>
|
|
#include <initguid.h>
|
|
#include <evntrace.h>
|
|
*/
|
|
#include "struct.h"
|
|
#include "utils.h"
|
|
#include "Readfile.h"
|
|
#include "main.h"
|
|
|
|
|
|
|
|
|
|
|
|
TRACEHANDLE LoggerHandle = (TRACEHANDLE) 2;
|
|
ULONG TraceEventFlag = 0, EnableLevel = 0, EnableFlags = 0;
|
|
ULONG LoggerEnableLevel, LoggerEnableFlag;
|
|
ULONG TraceMode;
|
|
ULONG DataBlockSize = 0;
|
|
ULONG TraceEventInstanceFlag = 0;
|
|
PREGISTER_TRACE_GUID RegisterTraceGuid;
|
|
GUID TransactionGuid[12] = { { 0xa7301ec8, 0x1200, 0x11d3, 0x99, 0x06, 0x00, 0xc0, 0x4f, 0x79, 0xb3, 0xf8 },
|
|
{ 0xa8558716, 0x1200, 0x11d3, 0x99, 0x06, 0x00, 0xc0, 0x4f, 0x79, 0xb3, 0xf8 },
|
|
{ 0xa9226a42, 0x1200, 0x11d3, 0x99, 0x06, 0x00, 0xc0, 0x4f, 0x79, 0xb3, 0xf8 },
|
|
{ 0xaa395d64, 0x1200, 0x11d3, 0x99, 0x06, 0x00, 0xc0, 0x4f, 0x79, 0xb3, 0xf8 },
|
|
{ 0xaa8ccfb2, 0x1200, 0x11d3, 0x99, 0x06, 0x00, 0xc0, 0x4f, 0x79, 0xb3, 0xf8 },
|
|
{ 0xaad4563e, 0x1200, 0x11d3, 0x99, 0x06, 0x00, 0xc0, 0x4f, 0x79, 0xb3, 0xf8 },
|
|
{ 0xab171816, 0x1200, 0x11d3, 0x99, 0x06, 0x00, 0xc0, 0x4f, 0x79, 0xb3, 0xf8 },
|
|
{ 0xab55153a, 0x1200, 0x11d3, 0x99, 0x06, 0x00, 0xc0, 0x4f, 0x79, 0xb3, 0xf8 },
|
|
{ 0xab84c442, 0x1200, 0x11d3, 0x99, 0x06, 0x00, 0xc0, 0x4f, 0x79, 0xb3, 0xf8 },
|
|
{ 0xabb210f0, 0x1200, 0x11d3, 0x99, 0x06, 0x00, 0xc0, 0x4f, 0x79, 0xb3, 0xf8 },
|
|
{ 0xabe1bff8, 0x1200, 0x11d3, 0x99, 0x06, 0x00, 0xc0, 0x4f, 0x79, 0xb3, 0xf8 },
|
|
{ 0xb01e8dee, 0x1200, 0x11d3, 0x99, 0x06, 0x00, 0xc0, 0x4f, 0x79, 0xb3, 0xf8 } };
|
|
|
|
|
|
typedef struct _BLOCK1 {
|
|
UCHAR EventChar;
|
|
ULONG EventUlong;
|
|
} BLOCK1, *PBLOCK1;
|
|
|
|
typedef struct _EVENT_BLOCK1 {
|
|
EVENT_TRACE_HEADER Header;
|
|
BLOCK1 Block1;
|
|
} EVENT_BLOCK1, *P_EVENT_BLOCK1;
|
|
|
|
typedef struct _EVENT_INSTANCE_BLOCK1 {
|
|
EVENT_INSTANCE_HEADER Header;
|
|
UCHAR EventChar;
|
|
ULONG EventUlong;
|
|
} EVENT_INSTANCE_BLOCK1, *P_EVENT_INSTANCE_BLOCK1;
|
|
|
|
typedef struct _EVENT_BLOCK2 {
|
|
EVENT_TRACE_HEADER Header;
|
|
MOF_FIELD MofField;
|
|
} EVENT_BLOCK2, *P_EVENT_BLOCK2;
|
|
|
|
|
|
BLOCK1 Block1;
|
|
EVENT_BLOCK1 EventBlock1;
|
|
EVENT_BLOCK2 EventBlock2;
|
|
EVENT_INSTANCE_BLOCK1 EventInstanceBlock1;
|
|
TRACE_GUID_REGISTRATION TraceGuidReg[MAX_GUIDS];
|
|
|
|
main(int argc, char* argv[])
|
|
{
|
|
LPTSTR CommandFile;
|
|
TRACEHANDLE RegistrationHandle;
|
|
ULONG Status;
|
|
LPTSTR *commandLine;
|
|
LPGUID pGuid;
|
|
ULONG Count;
|
|
ULONG GuidCount = 0;
|
|
//CLogger *pLoggingInfo;
|
|
LPCTSTR LogFileName;
|
|
LPTSTR *targv;
|
|
int i;
|
|
|
|
|
|
pGuid = (LPGUID ) malloc(MAX_GUIDS * sizeof(GUID));
|
|
CommandFile = (LPTSTR) malloc(sizeof(TCHAR)*MAX_STR);
|
|
LogFileName = (LPCTSTR) malloc(sizeof(TCHAR)*MAX_STR);
|
|
targv = (LPTSTR *) malloc(argc*sizeof(LPTSTR));
|
|
for( i = 0; i < argc; i++ )
|
|
targv[i] = (LPTSTR) malloc(sizeof(TCHAR)*MAX_STR);
|
|
|
|
SplitCommandLine( GetCommandLine(), targv);
|
|
for( i = 0; i < MAX_GUIDS; i++)
|
|
TraceGuidReg[i].Guid = &TransactionGuid[i];
|
|
Count = 1;
|
|
while ( Count <= (argc-1) )
|
|
{
|
|
if ( !_tcsicmp(targv[Count], _T("-guids") ))
|
|
{
|
|
Count++;
|
|
if (Count <= argc)
|
|
{
|
|
ConvertAsciiToGuid( targv[Count], &pGuid[GuidCount]);
|
|
GuidCount++;
|
|
Count++;
|
|
}
|
|
continue;
|
|
}
|
|
|
|
if( !_tcsicmp(targv[Count], _T("-file") ))
|
|
{
|
|
Count++;
|
|
if ( Count <= argc)
|
|
{
|
|
CommandFile = targv[Count];
|
|
Count++;
|
|
}
|
|
continue;
|
|
}
|
|
|
|
if( !_tcsicmp(targv[Count], _T("-flag") ))
|
|
{
|
|
Count++;
|
|
if( Count <= argc)
|
|
{
|
|
LoggerEnableFlag = atoi(argv[Count]);
|
|
Count++;
|
|
}
|
|
continue;
|
|
}
|
|
|
|
if( !_tcsicmp(targv[Count], _T("-level") ))
|
|
{
|
|
Count++;
|
|
if( Count <= argc)
|
|
{
|
|
LoggerEnableLevel = atoi(argv[Count]);
|
|
Count++;
|
|
}
|
|
continue;
|
|
}
|
|
|
|
if( !_tcsicmp(targv[Count], _T("-mode") ))
|
|
{
|
|
Count++;
|
|
if( Count <= argc)
|
|
{
|
|
TraceMode = atoi(argv[Count]);
|
|
Count++;
|
|
continue;
|
|
}
|
|
}
|
|
|
|
if( !_tcsicmp(targv[Count], _T("-TraceEventInstance") ))
|
|
{
|
|
Count++;
|
|
TraceEventInstanceFlag = 1;
|
|
continue;
|
|
}
|
|
|
|
if( !_tcsicmp(targv[Count], _T("-log") ))
|
|
{
|
|
Count++;
|
|
if( Count <= argc )
|
|
{
|
|
//LogFileName = _T(argv[Count]);
|
|
LogFileName = _T("C:\\");
|
|
Count++;
|
|
continue;
|
|
}
|
|
}
|
|
|
|
Count++;
|
|
continue;
|
|
}
|
|
|
|
Count = sizeof(REGISTER_TRACE_GUID);
|
|
RegisterTraceGuid = (PREGISTER_TRACE_GUID ) malloc(sizeof(REGISTER_TRACE_GUID));
|
|
RegisterTraceGuid->ControlGuid = (LPGUID) malloc(sizeof(GUID));
|
|
RegisterTraceGuid->MofImagePath = (TCHAR *) malloc (sizeof(TCHAR)*MAX_STR);
|
|
RegisterTraceGuid->MofResourceName = (TCHAR *) malloc (sizeof(TCHAR)*MAX_STR);
|
|
|
|
if( RegisterTraceGuid == NULL)
|
|
{
|
|
printf("\nGufooo");
|
|
exit(0);
|
|
}
|
|
InitializeRegisterTraceGuid( RegisterTraceGuid );
|
|
|
|
RegisterTraceGuid->UseMofPtrFlag = 0;
|
|
RegisterTraceGuid->UseGuidPtrFlag = 0;
|
|
|
|
Status = ReadInputFile( CommandFile, RegisterTraceGuid );
|
|
|
|
|
|
if( RegisterTraceGuid->GuidCount != 0)
|
|
RegisterTraceGuid->GuidCount = GuidCount;
|
|
|
|
if( RegisterTraceGuid->CallBackFunction != 0)
|
|
RegisterTraceGuid->CallBackFunction = ProviderCallBack;
|
|
|
|
if( RegisterTraceGuid->TraceGuidReg != 0 )
|
|
RegisterTraceGuid->TraceGuidReg = ( PTRACE_GUID_REGISTRATION) &TraceGuidReg[0];
|
|
|
|
if( RegisterTraceGuid->RegistrationHandle != 0 )
|
|
RegisterTraceGuid->RegistrationHandle = &RegistrationHandle;
|
|
|
|
if( RegisterTraceGuid->GuidCount != 0 )
|
|
RegisterTraceGuid->GuidCount = MAX_GUIDS;
|
|
|
|
//InitializeLogging( LogFileName, pLoggingInfo);
|
|
|
|
//if (pLoggingInfo)
|
|
//{
|
|
//pLoggingInfo->LogTCHAR(_T("\n*******************************************************\n"));
|
|
//pLoggingInfo->LogTCHAR(_T("StartTraceAPI TCO test "));
|
|
//pLoggingInfo->Flush();
|
|
//}
|
|
|
|
|
|
|
|
Status = RegisterTraceGuids( ProviderCallBack,
|
|
NULL, //Context
|
|
pGuid,
|
|
RegisterTraceGuid->GuidCount,
|
|
RegisterTraceGuid->TraceGuidReg,
|
|
RegisterTraceGuid->MofImagePath,
|
|
RegisterTraceGuid->MofResourceName,
|
|
RegisterTraceGuid->RegistrationHandle );
|
|
|
|
if( RegisterTraceGuid->UnRegistrationHandle != 0 )
|
|
{
|
|
Status = UnregisterTraceGuids( (TRACEHANDLE) 0 );
|
|
return;
|
|
}
|
|
|
|
if( Status == ERROR_SUCCESS)
|
|
{
|
|
Count = 0;
|
|
do
|
|
{
|
|
if( (TraceEventFlag ) && ( TraceEventInstanceFlag) )
|
|
{
|
|
Status = TraceEventInstances( TraceMode, (Count%10), Count);
|
|
Count++;
|
|
}
|
|
else if (TraceEventFlag)
|
|
{
|
|
Status = TraceEvents( TraceMode, (Count%10), (Count%100));
|
|
Count++;
|
|
}
|
|
|
|
}while(1);
|
|
Status = UnregisterTraceGuids( *(RegisterTraceGuid->RegistrationHandle));
|
|
}
|
|
}
|
|
|
|
|
|
ULONG ProviderCallBack(WMIDPREQUESTCODE RequestCode,
|
|
PVOID Context,
|
|
ULONG *InOutBufferSize,
|
|
PVOID Buffer)
|
|
{
|
|
switch (RequestCode )
|
|
{
|
|
case WMI_ENABLE_EVENTS:
|
|
{
|
|
TraceEventFlag = 1;
|
|
LoggerHandle = GetTraceLoggerHandle( Buffer );
|
|
EnableLevel = GetTraceEnableLevel(LoggerHandle);
|
|
EnableFlags = GetTraceEnableFlags(LoggerHandle);
|
|
break;
|
|
}
|
|
|
|
case WMI_DISABLE_EVENTS:
|
|
{
|
|
TraceEventFlag = 0;
|
|
break;
|
|
}
|
|
}
|
|
return 0;
|
|
}
|
|
|
|
|
|
void
|
|
InitializeRegisterTraceGuid( PREGISTER_TRACE_GUID RegisterTraceGuid )
|
|
{
|
|
//Initialize with some random values and then read from the input
|
|
//file. If any of these parameters needs to be tested with 0,
|
|
//input files will set this as zero.
|
|
if( RegisterTraceGuid )
|
|
{
|
|
RegisterTraceGuid->GuidCount = 0xa5;
|
|
RegisterTraceGuid->CallBackFunction = (PVOID) 0xa5a5a5;
|
|
RegisterTraceGuid->TraceGuidReg = (PTRACE_GUID_REGISTRATION) (0xa5a5a5);
|
|
RegisterTraceGuid->RegistrationHandle = (PTRACEHANDLE) (0xa5a5a5);
|
|
RegisterTraceGuid->UnRegistrationHandle = (PTRACEHANDLE) (0xa5a5a5);
|
|
}
|
|
|
|
}
|
|
|
|
ULONG
|
|
TraceEvents ( ULONG TraceMode, ULONG TraceGuid, ULONG Count)
|
|
{
|
|
ULONG Status;
|
|
|
|
switch ( TraceMode )
|
|
{
|
|
case 0 :
|
|
{
|
|
if( RegisterTraceGuid->UseMofPtrFlag != 1)
|
|
{
|
|
EventBlock1.Header.Size = sizeof(EventBlock1);
|
|
ULONG Temp = sizeof(Block1);
|
|
EventBlock1.Header.Guid = TransactionGuid[TraceGuid];
|
|
EventBlock1.Header.Flags = WNODE_FLAG_TRACED_GUID;
|
|
if( RegisterTraceGuid->UseGuidPtrFlag == 1)
|
|
{
|
|
EventBlock1.Header.Flags |= WNODE_FLAG_USE_GUID_PTR;
|
|
EventBlock1.Header.GuidPtr = (ULONGLONG) &TransactionGuid[TraceGuid];
|
|
}
|
|
EventBlock1.Block1.EventChar = (UCHAR) Count;
|
|
EventBlock1.Block1.EventUlong = Count;
|
|
Status = TraceEvent( LoggerHandle, (PEVENT_TRACE_HEADER) &EventBlock1);
|
|
}
|
|
else
|
|
{
|
|
EventBlock2.Header.Size = sizeof(EventBlock2);
|
|
EventBlock2.Header.Flags = WNODE_FLAG_USE_MOF_PTR;
|
|
EventBlock2.Header.Guid = TransactionGuid[TraceGuid];
|
|
EventBlock2.Header.Flags |= WNODE_FLAG_TRACED_GUID;
|
|
EventBlock2.MofField.DataPtr = (ULONGLONG) &Block1;
|
|
EventBlock2.MofField.Length = sizeof(BLOCK1);
|
|
if( RegisterTraceGuid->UseGuidPtrFlag == 1)
|
|
{
|
|
EventBlock2.Header.Flags |= WNODE_FLAG_USE_GUID_PTR;
|
|
EventBlock2.Header.GuidPtr = (ULONGLONG) &TransactionGuid[TraceGuid];
|
|
}
|
|
Block1.EventChar = (UCHAR) Count;
|
|
Block1.EventUlong = Count;
|
|
Status = TraceEvent( LoggerHandle, (PEVENT_TRACE_HEADER) &EventBlock2);
|
|
|
|
}
|
|
break;
|
|
}
|
|
}
|
|
return Status;
|
|
|
|
}
|
|
|
|
|
|
ULONG
|
|
TraceEventInstances ( ULONG TraceMode, ULONG TraceGuid, ULONG Count)
|
|
{
|
|
ULONG Status;
|
|
EVENT_INSTANCE_INFO InstanceInfo;
|
|
switch ( TraceMode )
|
|
{
|
|
case 0 :
|
|
{
|
|
EventInstanceBlock1.Header.Size = sizeof(EventInstanceBlock1);
|
|
EventInstanceBlock1.Header.Flags = WNODE_FLAG_TRACED_GUID;
|
|
if( RegisterTraceGuid->UseMofPtrFlag == 1)
|
|
EventInstanceBlock1.Header.Flags |= WNODE_FLAG_USE_MOF_PTR;
|
|
EventInstanceBlock1.EventChar = (UCHAR) Count;
|
|
EventInstanceBlock1.EventUlong = Count;
|
|
Status = CreateTraceInstanceId( TraceGuidReg[TraceGuid].RegHandle,
|
|
&InstanceInfo);
|
|
if( Status == ERROR_SUCCESS )
|
|
Status = TraceEventInstance( LoggerHandle, (PEVENT_INSTANCE_HEADER) &EventBlock1,
|
|
&InstanceInfo,
|
|
NULL);
|
|
break;
|
|
}
|
|
}
|
|
return Status;
|
|
|
|
}
|
|
|
|
/*
|
|
int InitializeLogging( LPCTSTR lpctstrTCOFile, CLogger *&pLoggingInfo)
|
|
{
|
|
HRESULT hr = S_OK;
|
|
// t_string tsError;
|
|
|
|
if (lpctstrTCOFile)
|
|
{
|
|
// Open *our* logger file.
|
|
pLoggingInfo = new CLogger(lpctstrTCOFile, false);
|
|
hr = pLoggingInfo->GetOpenStatus();
|
|
if (FAILED (hr))
|
|
{
|
|
// tsError = _T("Could not open detail log file \"");
|
|
// tsError += lpctstrTCOFile;
|
|
// tsError += _T("\".");
|
|
//*plpstrReturnedError = NewTCHAR(tsError.c_str());
|
|
return hr;
|
|
}
|
|
}
|
|
return hr;
|
|
}
|
|
*/
|