Added XML value type

ChangeLog

@@ -10,8 +10,6 @@ TODO
 ** libfwevt_template_read
 ** libfwevt_xml_document_read
 
-* Expose libfwevt_xml_tag_free
-
 20140928
 * see `git log' for more recent change log
 * Created stand-alone version of version used in libevt

configure.ac

@@ -2,7 +2,7 @@ AC_PREREQ([2.71])
 
 AC_INIT(
  [libfwevt],
- [20240422],
+ [20240425],
  [joachim.metz@gmail.com])
 
 AC_CONFIG_SRCDIR(

include/libfwevt.h.in

@@ -858,6 +858,14 @@ int libfwevt_xml_document_debug_print(
  * XML tag functions
  * ------------------------------------------------------------------------- */
 
+/* Frees a XML tag
+ * Returns 1 if successful or -1 on error
+ */
+LIBFWEVT_EXTERN \
+int libfwevt_xml_tag_free(
+     libfwevt_xml_tag_t **xml_tag,
+     libfwevt_error_t **error );
+
 /* Retrieves the size of the UTF-8 formatted name
  * Returns 1 if successful or -1 on error
  */
@@ -1025,6 +1033,102 @@ int libfwevt_xml_tag_get_flags(
      uint8_t *flags,
      libfwevt_error_t **error );
 
+/* -------------------------------------------------------------------------
+ * XML value functions
+ * ------------------------------------------------------------------------- */
+
+/* Frees a XML value
+ * Returns 1 if successful or -1 on error
+ */
+LIBFWEVT_EXTERN \
+int libfwevt_xml_value_free(
+     libfwevt_xml_value_t **xml_value,
+     libfwevt_error_t **error );
+
+/* Retrieves the data size
+ * Returns 1 if successful or -1 on error
+ */
+LIBFWEVT_EXTERN \
+int libfwevt_xml_value_get_data_size(
+     libfwevt_xml_value_t *xml_value,
+     size_t *data_size,
+     libfwevt_error_t **error );
+
+/* Copies the data
+ * Returns 1 if successful or -1 on error
+ */
+LIBFWEVT_EXTERN \
+int libfwevt_xml_value_copy_data(
+     libfwevt_xml_value_t *xml_value,
+     uint8_t *data,
+     size_t data_size,
+     libfwevt_error_t **error );
+
+/* Copies the value data to an 8-bit value
+ * Returns 1 if successful, 0 if size value not be retrieved or -1 on error
+ */
+LIBFWEVT_EXTERN \
+int libfwevt_xml_value_copy_to_8bit(
+     libfwevt_xml_value_t *xml_value,
+     uint8_t *value_8bit,
+     libfwevt_error_t **error );
+
+/* Copies the value data to an 32-bit value
+ * Returns 1 if successful, 0 if size value not be retrieved or -1 on error
+ */
+LIBFWEVT_EXTERN \
+int libfwevt_xml_value_copy_to_32bit(
+     libfwevt_xml_value_t *xml_value,
+     uint32_t *value_32bit,
+     libfwevt_error_t **error );
+
+/* Copies the value data to an 64-bit value
+ * Returns 1 if successful, 0 if size value not be retrieved or -1 on error
+ */
+LIBFWEVT_EXTERN \
+int libfwevt_xml_value_copy_to_64bit(
+     libfwevt_xml_value_t *xml_value,
+     uint64_t *value_64bit,
+     libfwevt_error_t **error );
+
+/* Retrieves the size of an UTF-8 encoded string of the value data
+ * Returns 1 if successful, 0 if size value not be retrieved or -1 on error
+ */
+LIBFWEVT_EXTERN \
+int libfwevt_xml_value_get_utf8_string_size(
+     libfwevt_xml_value_t *xml_value,
+     size_t *utf8_string_size,
+     libfwevt_error_t **error );
+
+/* Copies the value data to an UTF-8 encoded string
+ * Returns 1 if successful, 0 if size value not be retrieved or -1 on error
+ */
+LIBFWEVT_EXTERN \
+int libfwevt_xml_value_copy_to_utf8_string(
+     libfwevt_xml_value_t *xml_value,
+     uint8_t *utf8_string,
+     size_t utf8_string_size,
+     libfwevt_error_t **error );
+
+/* Retrieves the size of an UTF-16 encoded string of the value data
+ * Returns 1 if successful, 0 if size value not be retrieved or -1 on error
+ */
+LIBFWEVT_EXTERN \
+int libfwevt_xml_value_get_utf16_string_size(
+     libfwevt_xml_value_t *xml_value,
+     size_t *utf16_string_size,
+     libfwevt_error_t **error );
+
+/* Copies the value data to an UTF-16 encoded string
+ * Returns 1 if successful, 0 if size value not be retrieved or -1 on error
+ */
+LIBFWEVT_EXTERN \
+int libfwevt_xml_value_copy_to_utf16_string(
+     libfwevt_xml_value_t *xml_value,
+     uint16_t *utf16_string,
+     size_t utf16_string_size,
+     libfwevt_error_t **error );
+
 #if defined( __cplusplus )
 }
 #endif

include/libfwevt/types.h.in

@@ -215,6 +215,7 @@ typedef intptr_t libfwevt_template_item_t;
 typedef intptr_t libfwevt_xml_document_t;
 typedef intptr_t libfwevt_xml_tag_t;
 typedef intptr_t libfwevt_xml_template_value_t;
+typedef intptr_t libfwevt_xml_value_t;
 
 #ifdef __cplusplus
 }

libfwevt.ini

@@ -7,7 +7,7 @@ features: ["debug_output"]
 
 [library]
 description: "Library to support the Windows XML Event Log (EVTX) data types"
-public_types: ["channel", "event", "keyword", "level", "manifest", "map", "opcode", "provider", "task", "template", "template_item", "xml_document", "xml_tag", "xml_template_value"]
+public_types: ["channel", "event", "keyword", "level", "manifest", "map", "opcode", "provider", "task", "template", "template_item", "xml_document", "xml_tag", "xml_template_value", "xml_value"]
 
 [pypi]
 appveyor_token: "VHuZiUWgTqTciKE2nsv/LvgzW1RYojfMXbiEHTPVSOi529zwFBTwlwjaYJGoAE9PcCZvaEWthApNCSGMUbHzQZwjOySEO9YO/AAr17eA/3QKlNXIEjV5jpTPKtWvNMZUP7WhUNk6ua6EYHuxt2I/i3rjB8lv0jZelBPClNng+MfAtcaXzrgzwxEmWGB6NzXGU7jZAZz/tpf8TB1WBHtWsTvhuw8cISx1nEh0ijLqLmpAAa/cB5zz0mnHPVMLtVdRAj39Eeb4wOnpszjaI1/lsQ0FiBAjcZkB7KaSkNuisNo="

libfwevt/Makefile.am

@@ -45,7 +45,8 @@ libfwevt_la_SOURCES = \
 	libfwevt_xml_document.c libfwevt_xml_document.h \
 	libfwevt_xml_tag.c libfwevt_xml_tag.h \
 	libfwevt_xml_template_value.c libfwevt_xml_template_value.h \
-	libfwevt_xml_token.c libfwevt_xml_token.h
+	libfwevt_xml_token.c libfwevt_xml_token.h \
+	libfwevt_xml_value.c libfwevt_xml_value.h
 
 libfwevt_la_LIBADD = \
 	@LIBCERROR_LIBADD@ \

libfwevt/libfwevt_debug.h

@@ -26,6 +26,7 @@
 #include <types.h>
 
 #include "libfwevt_libcerror.h"
+#include "libfwevt_types.h"
 
 #if defined( __cplusplus )
 extern "C" {

libfwevt/libfwevt_types.h

@@ -48,6 +48,7 @@ typedef struct libfwevt_template_item {}	libfwevt_template_item_t;
 typedef struct libfwevt_xml_document {}		libfwevt_xml_document_t;
 typedef struct libfwevt_xml_tag {}		libfwevt_xml_tag_t;
 typedef struct libfwevt_xml_template_value {}	libfwevt_xml_template_value_t;
+typedef struct libfwevt_xml_value {}		libfwevt_xml_value_t;
 
 #else
 typedef intptr_t libfwevt_channel_t;
@@ -64,6 +65,7 @@ typedef intptr_t libfwevt_template_item_t;
 typedef intptr_t libfwevt_xml_document_t;
 typedef intptr_t libfwevt_xml_tag_t;
 typedef intptr_t libfwevt_xml_template_value_t;
+typedef intptr_t libfwevt_xml_value_t;
 
 #endif /* defined( HAVE_DEBUG_OUTPUT ) && !defined( WINAPI ) */
 

libfwevt/libfwevt_xml_document.c

@@ -141,8 +141,8 @@ int libfwevt_xml_document_free(
 
 		if( internal_xml_document->root_xml_tag != NULL )
 		{
-			if( libfwevt_xml_tag_free(
-			     &( internal_xml_document->root_xml_tag ),
+			if( libfwevt_internal_xml_tag_free(
+			     (libfwevt_internal_xml_tag_t **) &( internal_xml_document->root_xml_tag ),
 			     error ) != 1 )
 			{
 				libcerror_error_set(
@@ -923,8 +923,8 @@ int libfwevt_xml_document_read_attribute(
 
 	if( attribute_xml_tag != NULL )
 	{
-		if( libfwevt_xml_tag_free(
-		     &attribute_xml_tag,
+		if( libfwevt_internal_xml_tag_free(
+		     (libfwevt_internal_xml_tag_t **) &attribute_xml_tag,
 		     error ) != 1 )
 		{
 			libcerror_error_set(
@@ -955,8 +955,8 @@ int libfwevt_xml_document_read_attribute(
 on_error:
 	if( attribute_xml_tag != NULL )
 	{
-		libfwevt_xml_tag_free(
-		 &attribute_xml_tag,
+		libfwevt_internal_xml_tag_free(
+		 (libfwevt_internal_xml_tag_t **) &attribute_xml_tag,
 		 NULL );
 	}
 	if( xml_sub_token != NULL )
@@ -1539,8 +1539,8 @@ int libfwevt_xml_document_read_character_reference(
 		}
 	}
 #endif
-	if( libfwevt_xml_tag_free(
-	     &character_xml_tag,
+	if( libfwevt_internal_xml_tag_free(
+	     (libfwevt_internal_xml_tag_t **) &character_xml_tag,
 	     error ) != 1 )
 	{
 		libcerror_error_set(
@@ -1567,8 +1567,8 @@ int libfwevt_xml_document_read_character_reference(
 	}
 	if( character_xml_tag != NULL )
 	{
-		libfwevt_xml_tag_free(
-		 &character_xml_tag,
+		libfwevt_internal_xml_tag_free(
+		 (libfwevt_internal_xml_tag_t **) &character_xml_tag,
 		 NULL );
 	}
 	return( -1 );
@@ -2503,8 +2503,8 @@ int libfwevt_xml_document_read_element(
 
 	if( element_xml_tag != NULL )
 	{
-		if( libfwevt_xml_tag_free(
-		     &element_xml_tag,
+		if( libfwevt_internal_xml_tag_free(
+		     (libfwevt_internal_xml_tag_t **) &element_xml_tag,
 		     error ) != 1 )
 		{
 			libcerror_error_set(
@@ -2536,8 +2536,8 @@ int libfwevt_xml_document_read_element(
 	if( ( element_xml_tag != NULL )
 	 && ( element_xml_tag != internal_xml_document->root_xml_tag ) )
 	{
-		libfwevt_xml_tag_free(
-		 &element_xml_tag,
+		libfwevt_internal_xml_tag_free(
+		 (libfwevt_internal_xml_tag_t **) &element_xml_tag,
 		 NULL );
 	}
 	if( xml_sub_token != NULL )
@@ -3016,8 +3016,8 @@ int libfwevt_xml_document_read_entity_reference(
 	}
 #endif /* defined( HAVE_DEBUG_OUTPUT ) */
 
-	if( libfwevt_xml_tag_free(
-	     &entity_xml_tag,
+	if( libfwevt_internal_xml_tag_free(
+	     (libfwevt_internal_xml_tag_t **) &entity_xml_tag,
 	     error ) != 1 )
 	{
 		libcerror_error_set(
@@ -3044,8 +3044,8 @@ int libfwevt_xml_document_read_entity_reference(
 	}
 	if( entity_xml_tag != NULL )
 	{
-		libfwevt_xml_tag_free(
-		 &entity_xml_tag,
+		libfwevt_internal_xml_tag_free(
+		 (libfwevt_internal_xml_tag_t **) &entity_xml_tag,
 		 NULL );
 	}
 	return( -1 );
@@ -4609,8 +4609,8 @@ int libfwevt_xml_document_read_pi_target(
 	}
 	if( pi_xml_tag != NULL )
 	{
-		libfwevt_xml_tag_free(
-		 &pi_xml_tag,
+		libfwevt_internal_xml_tag_free(
+		 (libfwevt_internal_xml_tag_t **) &pi_xml_tag,
 		 NULL );
 	}
 	return( -1 );