microsoft · dangodangodango · Oct 31, 2025
@@ -5,7 +5,6 @@ package etw
 import (
 	"bytes"
 	"encoding/binary"
-	"unsafe"
 
 	"github.com/Microsoft/go-winio/pkg/guid"
 	"golang.org/x/sys/windows"
@@ -62,8 +61,7 @@ func NewProviderWithOptions(name string, options ...ProviderOpt) (provider *Prov
 	if err := eventSetInformation(
 		provider.handle,
 		eventInfoClassProviderSetTraits,
-		uintptr(unsafe.Pointer(&provider.metadata[0])),
-		uint32(len(provider.metadata)),
+		provider.metadata,
 	); err != nil {
 		return nil, err
 	}

@@ -8,8 +8,8 @@ package etw
 
 //sys eventUnregister_64(providerHandle providerHandle) (win32err error) = advapi32.EventUnregister
 //sys eventWriteTransfer_64(providerHandle providerHandle, descriptor *eventDescriptor, activityID *windows.GUID, relatedActivityID *windows.GUID, dataDescriptorCount uint32, dataDescriptors *eventDataDescriptor) (win32err error) = advapi32.EventWriteTransfer
-//sys eventSetInformation_64(providerHandle providerHandle, class eventInfoClass, information uintptr, length uint32) (win32err error) = advapi32.EventSetInformation
+//sys eventSetInformation_64(providerHandle providerHandle, class eventInfoClass, information []byte) (win32err error) = advapi32.EventSetInformation
 
 //sys eventUnregister_32(providerHandle_low uint32, providerHandle_high uint32) (win32err error) = advapi32.EventUnregister
 //sys eventWriteTransfer_32(providerHandle_low uint32, providerHandle_high uint32, descriptor *eventDescriptor, activityID *windows.GUID, relatedActivityID *windows.GUID, dataDescriptorCount uint32, dataDescriptors *eventDataDescriptor) (win32err error) = advapi32.EventWriteTransfer
-//sys eventSetInformation_32(providerHandle_low uint32, providerHandle_high uint32, class eventInfoClass, information uintptr, length uint32) (win32err error) = advapi32.EventSetInformation
+//sys eventSetInformation_32(providerHandle_low uint32, providerHandle_high uint32, class eventInfoClass, information []byte) (win32err error) = advapi32.EventSetInformation
@@ -40,15 +40,13 @@ func eventWriteTransfer(
 func eventSetInformation(
 	providerHandle providerHandle,
 	class eventInfoClass,
-	information uintptr,
-	length uint32) (win32err error) {
+	information []byte) (win32err error) {
 
 	return eventSetInformation_32(
 		low(providerHandle),
 		high(providerHandle),
 		class,
-		information,
-		length)
+		information)
 }
 
 // providerCallbackAdapter acts as the first-level callback from the C/ETW side

@@ -30,13 +30,11 @@ func eventWriteTransfer(
 func eventSetInformation(
 	providerHandle providerHandle,
 	class eventInfoClass,
-	information uintptr,
-	length uint32) (win32err error) {
+	information []byte) (win32err error) {
 	return eventSetInformation_64(
 		providerHandle,
 		class,
-		information,
-		length)
+		information)
 }
 
 // providerCallbackAdapter acts as the first-level callback from the C/ETW side

@@ -5,7 +5,6 @@ package security
 import (
 	"fmt"
 	"os"
-	"unsafe"
 
 	"golang.org/x/sys/windows"
 )
@@ -33,7 +32,7 @@ type (
 		multipleTrusteeOperation int32
 		trusteeForm              trusteeForm
 		trusteeType              trusteeType
-		name                     uintptr
+		name                     *windows.SID
 	}
 )
 
@@ -153,13 +152,13 @@ func generateDACLWithAcesAdded(name string, isDir bool, origDACL uintptr) (uintp
 			trustee: trustee{
 				trusteeForm: trusteeFormIsSID,
 				trusteeType: trusteeTypeWellKnownGroup,
-				name:        uintptr(unsafe.Pointer(sid)),
+				name:        sid,
 			},
 		},
 	}
 
 	modifiedDACL := uintptr(0)
-	if err := setEntriesInAcl(uintptr(uint32(1)), uintptr(unsafe.Pointer(&eaArray[0])), origDACL, &modifiedDACL); err != nil {
+	if err := setEntriesInAcl(uintptr(uint32(1)), &eaArray[0], origDACL, &modifiedDACL); err != nil {
 		return 0, fmt.Errorf("%s SetEntriesInAcl %s: %w", gvmga, name, err)
 	}
 

@@ -4,4 +4,4 @@ package security
 
 //sys getSecurityInfo(handle windows.Handle, objectType uint32, si uint32, ppsidOwner **uintptr, ppsidGroup **uintptr, ppDacl *uintptr, ppSacl *uintptr, ppSecurityDescriptor *uintptr) (win32err error) = advapi32.GetSecurityInfo
 //sys setSecurityInfo(handle windows.Handle, objectType uint32, si uint32, psidOwner uintptr, psidGroup uintptr, pDacl uintptr, pSacl uintptr) (win32err error) = advapi32.SetSecurityInfo
-//sys setEntriesInAcl(count uintptr, pListOfEEs uintptr, oldAcl uintptr, newAcl *uintptr) (win32err error) = advapi32.SetEntriesInAclW
+//sys setEntriesInAcl(count uintptr, pListOfEEs *explicitAccess, oldAcl uintptr, newAcl *uintptr) (win32err error) = advapi32.SetEntriesInAclW