github.com/Serizao/go-winio@v0.0.0-20230906082528-f02f7f4ad6e8/pkg/etw/eventdata.go

github.com/Serizao/go-winio@v0.0.0-20230906082528-f02f7f4ad6e8/pkg/etw/eventdata.go (about)

     1  //go:build windows
     2  // +build windows
     3  
     4  package etw
     5  
     6  import (
     7  	"bytes"
     8  	"encoding/binary"
     9  
    10  	"golang.org/x/sys/windows"
    11  )
    12  
    13  // eventData maintains a buffer which builds up the data for an ETW event. It
    14  // needs to be paired with EventMetadata which describes the event.
    15  type eventData struct {
    16  	buffer bytes.Buffer
    17  }
    18  
    19  // toBytes returns the raw binary data containing the event data. The returned
    20  // value is not copied from the internal buffer, so it can be mutated by the
    21  // eventData object after it is returned.
    22  func (ed *eventData) toBytes() []byte {
    23  	return ed.buffer.Bytes()
    24  }
    25  
    26  // writeString appends a string, including the null terminator, to the buffer.
    27  func (ed *eventData) writeString(data string) {
    28  	_, _ = ed.buffer.WriteString(data)
    29  	_ = ed.buffer.WriteByte(0)
    30  }
    31  
    32  // writeInt8 appends a int8 to the buffer.
    33  func (ed *eventData) writeInt8(value int8) {
    34  	_ = ed.buffer.WriteByte(uint8(value))
    35  }
    36  
    37  // writeInt16 appends a int16 to the buffer.
    38  func (ed *eventData) writeInt16(value int16) {
    39  	_ = binary.Write(&ed.buffer, binary.LittleEndian, value)
    40  }
    41  
    42  // writeInt32 appends a int32 to the buffer.
    43  func (ed *eventData) writeInt32(value int32) {
    44  	_ = binary.Write(&ed.buffer, binary.LittleEndian, value)
    45  }
    46  
    47  // writeInt64 appends a int64 to the buffer.
    48  func (ed *eventData) writeInt64(value int64) {
    49  	_ = binary.Write(&ed.buffer, binary.LittleEndian, value)
    50  }
    51  
    52  // writeUint8 appends a uint8 to the buffer.
    53  func (ed *eventData) writeUint8(value uint8) {
    54  	_ = ed.buffer.WriteByte(value)
    55  }
    56  
    57  // writeUint16 appends a uint16 to the buffer.
    58  func (ed *eventData) writeUint16(value uint16) {
    59  	_ = binary.Write(&ed.buffer, binary.LittleEndian, value)
    60  }
    61  
    62  // writeUint32 appends a uint32 to the buffer.
    63  func (ed *eventData) writeUint32(value uint32) {
    64  	_ = binary.Write(&ed.buffer, binary.LittleEndian, value)
    65  }
    66  
    67  // writeUint64 appends a uint64 to the buffer.
    68  func (ed *eventData) writeUint64(value uint64) {
    69  	_ = binary.Write(&ed.buffer, binary.LittleEndian, value)
    70  }
    71  
    72  // writeFiletime appends a FILETIME to the buffer.
    73  func (ed *eventData) writeFiletime(value windows.Filetime) {
    74  	_ = binary.Write(&ed.buffer, binary.LittleEndian, value)
    75  }