Skip to content

Commit 576690d

Browse files
progmboyprogmboy
committed
add missing file
1 parent 7dab266 commit 576690d

File tree

1 file changed

+94
-0
lines changed

1 file changed

+94
-0
lines changed

sdk/procmonsdk/regopt.cxx

Lines changed: 94 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,94 @@
1+
#pragma once
2+
3+
#include "pch.hpp"
4+
#include "procmgr.hpp"
5+
#include "regopt.hpp"
6+
#include "eventview.hpp"
7+
#include "strmaps.hpp"
8+
9+
10+
template <class T>
11+
CString GetRegKeyPath(PLOG_ENTRY pEntry)
12+
{
13+
CString strRegPath;
14+
T pInfo = TO_EVENT_DATA(T, pEntry);
15+
if (pInfo->KeyNameLength) {
16+
CString strRegPathInternal;
17+
strRegPathInternal.Append((LPCWSTR)(pInfo + 1), pInfo->KeyNameLength);
18+
UtilConvertRegInternalToNormal(strRegPathInternal, strRegPath);
19+
}
20+
21+
return strRegPath;
22+
}
23+
24+
CString CRegEvent::GetPath()
25+
{
26+
PLOG_ENTRY pEntry = reinterpret_cast<PLOG_ENTRY>(getPreLog().GetBuffer());
27+
28+
switch (pEntry->NotifyType)
29+
{
30+
case NOTIFY_REG_CREATEKEYEX:
31+
case NOTIFY_REG_OPENKEYEX:
32+
{
33+
return GetRegKeyPath<PLOG_REG_CREATEOPENKEY>(pEntry);
34+
}
35+
36+
case NOTIFY_REG_QUERYVALUEKEY:
37+
{
38+
return GetRegKeyPath<PLOG_REG_QUERYVALUEKEY>(pEntry);
39+
}
40+
case NOTIFY_REG_ENUMERATEVALUEKEY:
41+
{
42+
return GetRegKeyPath<PLOG_REG_ENUMERATEVALUEKEY>(pEntry);
43+
}
44+
case NOTIFY_REG_ENUMERATEKEY:
45+
{
46+
return GetRegKeyPath<PLOG_REG_ENUMERATEKEY>(pEntry);
47+
}
48+
case NOTIFY_REG_SETINFORMATIONKEY:
49+
{
50+
return GetRegKeyPath<PLOG_REG_SETINFORMATIONKEY>(pEntry);
51+
}
52+
case NOTIFY_REG_DELETEVALUEKEY:
53+
{
54+
return GetRegKeyPath<PLOG_REG_DELETEVALUEKEY>(pEntry);
55+
}
56+
case NOTIFY_REG_QUERYKEY:
57+
{
58+
return GetRegKeyPath<PLOG_REG_QUERYKEY>(pEntry);
59+
}
60+
61+
case NOTIFY_REG_LOADKEY:
62+
{
63+
return GetRegKeyPath<PLOG_REG_LOADKEY>(pEntry);
64+
}
65+
66+
case NOTIFY_REG_UNLOADKEY:
67+
{
68+
return GetRegKeyPath<PLOG_REG_UNLOADKEY>(pEntry);
69+
}
70+
71+
case NOTIFY_REG_RENAMEKEY:
72+
{
73+
return GetRegKeyPath<PLOG_REG_RENAMEKEY>(pEntry);
74+
}
75+
76+
case NOTIFY_REG_SETVALUEKEY:
77+
{
78+
return GetRegKeyPath<PLOG_REG_SETVALUEKEY>(pEntry);
79+
}
80+
case NOTIFY_REG_SETKEYSECURITY:
81+
case NOTIFY_REG_QUERYMULTIPLEVALUEKEY:
82+
case NOTIFY_REG_FLUSHKEY:
83+
case NOTIFY_REG_DELETEKEY:
84+
case NOTIFY_REG_KEYHANDLECLOSE:
85+
case NOTIFY_REG_QUERYKEYSECURITY:
86+
{
87+
return GetRegKeyPath<PLOG_REG_CONNMON>(pEntry);
88+
}
89+
default:
90+
break;
91+
}
92+
93+
return TEXT("");
94+
}

0 commit comments

Comments
 (0)