Menu

#688 EvtOpenSession does not pass username.

v1.0 (example)
closed-fixed
nobody
win32evtlog (2)
5
2015-05-20
2015-04-01
No

Using the functino win32evtlog.EvtOpenSession with a remote server I noticed that I could not authenticate with any user. With an sniffer, I confirmed that my current user was always being used, rather than the user passed in the EVT_RPC_LOGIN tuple.

Debugging with Windbg, placing a breakpoint in EvtOpenSession, I noticed that the EVT_RPC_LOGIN had an empty username, the other fields were correct.

I believe that this is a bug: in the file http://pywin32.hg.sourceforge.net/hgweb/pywin32/pywin32/file/b81227a0b147/win32/src/win32evtlog.i , in the code that parses the tuple EVT_RPC_LOGIN we see

1180 if (!PyArg_ParseTuple(ob, "O|OOOk", &observer, *obuser, &obdomain, &obpassword, &erl->Flags))
1181 return FALSE;

The username (obuser) is incorrectly passed by value. It should be &obuser, like obdomain and obpassword.

Discussion

  • Mark Hammond

    Mark Hammond - 2015-05-20
    • status: open --> closed-fixed