Skip to content

Commit

Permalink
winlogbeat/sys/winevent: use reflect IsZero method
Browse files Browse the repository at this point in the history
  • Loading branch information
efd6 committed Nov 30, 2021
1 parent 74bc6cd commit 5629501
Show file tree
Hide file tree
Showing 2 changed files with 25 additions and 23 deletions.
22 changes: 18 additions & 4 deletions winlogbeat/sys/winevent/event_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,8 @@ import (
"time"

"github.com/stretchr/testify/assert"

"github.com/elastic/beats/v7/libbeat/common"
)

const allXML = `
Expand Down Expand Up @@ -79,9 +81,10 @@ const allXML = `
func TestXML(t *testing.T) {
allXMLTimeCreated, _ := time.Parse(time.RFC3339Nano, "2016-01-28T20:33:27.990735300Z")

var tests = []struct {
xml string
event Event
tests := []struct {
xml string
event Event
mapstr common.MapStr
}{
{
xml: allXML,
Expand Down Expand Up @@ -150,6 +153,14 @@ func TestXML(t *testing.T) {
},
},
},
mapstr: common.MapStr{
"event_id": "0",
"time_created": time.Time{},
"user_data": common.MapStr{
"Id": "{00000000-0000-0000-0000-000000000000}",
"xml_name": "Operation_ClientFailure",
},
},
},
}

Expand All @@ -160,6 +171,9 @@ func TestXML(t *testing.T) {
continue
}
assert.Equal(t, test.event, event)
if test.mapstr != nil {
assert.Equal(t, test.mapstr, event.Fields())
}

if testing.Verbose() {
json, err := json.MarshalIndent(event, "", " ")
Expand All @@ -174,7 +188,7 @@ func TestXML(t *testing.T) {
// Tests that control characters other than CR and LF are escaped
// when the event is decoded.
func TestInvalidXML(t *testing.T) {
evXML := strings.Replace(allXML, "%1", "\t
\n\x1b", -1)
evXML := strings.ReplaceAll(allXML, "%1", "\t
\n\x1b")
ev, err := UnmarshalXML([]byte(evXML))
assert.Equal(t, nil, err)
assert.Equal(t, "Creating WSMan shell on server with ResourceUri: \t\r\n\\u001b", ev.Message)
Expand Down
26 changes: 7 additions & 19 deletions winlogbeat/sys/winevent/maputil.go
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,7 @@ package winevent
import (
"fmt"
"reflect"
"time"

"github.com/elastic/beats/v7/libbeat/common"
"github.com/elastic/beats/v7/winlogbeat/sys"
Expand Down Expand Up @@ -80,25 +81,12 @@ func AddPairs(m common.MapStr, key string, pairs []KeyValue) common.MapStr {

// isZero return true if the given value is the zero value for its type.
func isZero(i interface{}) bool {
if i == nil {
switch i := i.(type) {
case nil:
return true
case time.Time:
return false
default:
return reflect.ValueOf(i).IsZero()
}

v := reflect.ValueOf(i)
switch v.Kind() {
case reflect.Array, reflect.String:
return v.Len() == 0
case reflect.Bool:
return !v.Bool()
case reflect.Int, reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64:
return v.Int() == 0
case reflect.Uint, reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64, reflect.Uintptr:
return v.Uint() == 0
case reflect.Float32, reflect.Float64:
return v.Float() == 0
case reflect.Interface, reflect.Map, reflect.Ptr, reflect.Slice:
return v.IsNil()
}

return false
}

0 comments on commit 5629501

Please sign in to comment.