View Issue Details

IDProjectCategoryView StatusLast Update
0006696JEDI VCL00 JVCL Componentspublic2021-06-04 12:06
ReporterthayalanAssigned To 
Status feedbackResolutionopen 
Platformx64OSWindowsOS Version2019
Product Version3.48 
Target VersionFixed in Version 
Summary0006696: Incorrect pointer arithmatic in JvNTEventLog.pas
DescriptionJvNTEventLog.pas uses pointer arithmetic to access the variables in a event record.

It is currently coded, in multiple places as:

 Result := PChar(FCurrentRecord) + SizeOf(TEventLogRecord); // Line 552.

This does not work, as the PChar is now multibyte. As a result, even though SizeOf(TEventLogRecord) = 56 ($38), but the above adds $70 every time, and leads to wrong string values & SIDs.

Steps To ReproduceJust run the sample NtEventLog Demo and check the output for Source, UserName etc.
Additional Information This happens in multiple places. In Version 3.49 @ lines 552, 559, 582

SOLUTION seems straight forward:
e.g. in line 552:
 Result := PChar(NativeInt(FCurrentRecord) + SizeOf(TEventLogRecord));

I have attached two screen shots of the demo program with and without the solution applied. (See the original file does not show username, computer name & shows incorrect source.

Thank you for all your work on JEDI.
TagsNo tags attached.



2020-06-04 07:01


Solution_Applied.jpg (67,993 bytes)
Solution_Applied.jpg (67,993 bytes)


2020-08-09 10:44

reporter   ~0021950

Are you able to create a GIT pull request containing your changes?
IOf not, can you post the line numbers and changes you made to those lines here?


2021-06-04 12:06

administrator   ~0021975

Any news on this?

Issue History

Date Modified Username Field Change
2020-06-04 07:01 thayalan New Issue
2020-06-04 07:01 thayalan File Added: Original_NTEventLog.pas.jpg
2020-06-04 07:01 thayalan File Added: Solution_Applied.jpg
2020-08-09 10:44 mh Note Added: 0021950
2021-06-04 12:06 obones Status new => feedback
2021-06-04 12:06 obones Note Added: 0021975