ホーム › System.Diagnostics.Etw › CveEventWrite
CveEventWrite
関数CVE脆弱性の悪用検知を示すETWイベントを記録する。
シグネチャ
// ADVAPI32.dll
#include <windows.h>
INT CveEventWrite(
LPCWSTR CveId,
LPCWSTR AdditionalDetails // optional
);パラメーター
| 名前 | 型 | 方向 |
|---|---|---|
| CveId | LPCWSTR | in |
| AdditionalDetails | LPCWSTR | inoptional |
戻り値の型: INT
各言語での呼び出し定義
// ADVAPI32.dll
#include <windows.h>
INT CveEventWrite(
LPCWSTR CveId,
LPCWSTR AdditionalDetails // optional
);[DllImport("ADVAPI32.dll", ExactSpelling = true)]
static extern int CveEventWrite(
[MarshalAs(UnmanagedType.LPWStr)] string CveId, // LPCWSTR
[MarshalAs(UnmanagedType.LPWStr)] string AdditionalDetails // LPCWSTR optional
);<DllImport("ADVAPI32.dll", ExactSpelling:=True)>
Public Shared Function CveEventWrite(
<MarshalAs(UnmanagedType.LPWStr)> CveId As String, ' LPCWSTR
<MarshalAs(UnmanagedType.LPWStr)> AdditionalDetails As String ' LPCWSTR optional
) As Integer
End Function' CveId : LPCWSTR
' AdditionalDetails : LPCWSTR optional
Declare PtrSafe Function CveEventWrite Lib "advapi32" ( _
ByVal CveId As LongPtr, _
ByVal AdditionalDetails As LongPtr) As Long
' VBA7前提(PtrSafe)。32bit Office では LongPtr→Long。Integer=16bit / Long=32bit / LongLong=64bit。import ctypes
from ctypes import wintypes
CveEventWrite = ctypes.windll.advapi32.CveEventWrite
CveEventWrite.restype = ctypes.c_int
CveEventWrite.argtypes = [
wintypes.LPCWSTR, # CveId : LPCWSTR
wintypes.LPCWSTR, # AdditionalDetails : LPCWSTR optional
]require 'fiddle'
require 'fiddle/import'
lib = Fiddle.dlopen('ADVAPI32.dll')
CveEventWrite = Fiddle::Function.new(
lib['CveEventWrite'],
[
Fiddle::TYPE_VOIDP, # CveId : LPCWSTR
Fiddle::TYPE_VOIDP, # AdditionalDetails : LPCWSTR optional
],
Fiddle::TYPE_INT)#[link(name = "advapi32")]
extern "system" {
fn CveEventWrite(
CveId: *const u16, // LPCWSTR
AdditionalDetails: *const u16 // LPCWSTR optional
) -> i32;
}
// crates: windows-sys provides ready-made bindings for this API.$sig = @"
[DllImport("ADVAPI32.dll")]
public static extern int CveEventWrite([MarshalAs(UnmanagedType.LPWStr)] string CveId, [MarshalAs(UnmanagedType.LPWStr)] string AdditionalDetails);
"@
$api = Add-Type -MemberDefinition $sig -Name 'ADVAPI32_CveEventWrite' -Namespace Win32 -PassThru
# $api::CveEventWrite(CveId, AdditionalDetails)#uselib "ADVAPI32.dll"
#func global CveEventWrite "CveEventWrite" sptr, sptr
; CveEventWrite CveId, AdditionalDetails ; 戻り値は stat
; CveId : LPCWSTR -> "sptr"
; AdditionalDetails : LPCWSTR optional -> "sptr"
; ※HSP3.7は #func のため戻り値はシステム変数 stat に格納されます。#uselib "ADVAPI32.dll"
#cfunc global CveEventWrite "CveEventWrite" wstr, wstr
; res = CveEventWrite(CveId, AdditionalDetails)
; CveId : LPCWSTR -> "wstr"
; AdditionalDetails : LPCWSTR optional -> "wstr"; INT CveEventWrite(LPCWSTR CveId, LPCWSTR AdditionalDetails)
#uselib "ADVAPI32.dll"
#cfunc global CveEventWrite "CveEventWrite" wstr, wstr
; res = CveEventWrite(CveId, AdditionalDetails)
; CveId : LPCWSTR -> "wstr"
; AdditionalDetails : LPCWSTR optional -> "wstr"import (
"golang.org/x/sys/windows"
"unsafe"
)
var (
advapi32 = windows.NewLazySystemDLL("ADVAPI32.dll")
procCveEventWrite = advapi32.NewProc("CveEventWrite")
)
// CveId (LPCWSTR), AdditionalDetails (LPCWSTR optional)
r1, _, err := procCveEventWrite.Call(
uintptr(unsafe.Pointer(windows.StringToUTF16Ptr(CveId))),
uintptr(unsafe.Pointer(windows.StringToUTF16Ptr(AdditionalDetails))),
)
_ = err // syscall.Errno (valid when the call sets last-error)
_ = r1 // INTfunction CveEventWrite(
CveId: PWideChar; // LPCWSTR
AdditionalDetails: PWideChar // LPCWSTR optional
): Integer; stdcall;
external 'ADVAPI32.dll' name 'CveEventWrite';result := DllCall("ADVAPI32\CveEventWrite"
, "WStr", CveId ; LPCWSTR
, "WStr", AdditionalDetails ; LPCWSTR optional
, "Int") ; return: INT●CveEventWrite(CveId, AdditionalDetails) = DLL("ADVAPI32.dll", "int CveEventWrite(char*, char*)")
# 呼び出し: CveEventWrite(CveId, AdditionalDetails)
# CveId : LPCWSTR -> "char*"
# AdditionalDetails : LPCWSTR optional -> "char*"
# なでしこ1は32bit・ANSI(Shift_JIS)。文字列=char*(ANSI)、ポインタ/ハンドル=void*(4byte)。