EvtNext wrapper uninitialized value / error handling

[clarkb7]

For all bugs, please provide the following information:

Expected behavior and actual behavior

expected behavior: EvtNext returns empty tuple when there are no new events
actual behavior: EvtNext raises exception with ERROR_INVALID_OPERATION

I think this is due to nbr_returned being uninitialized when it is passed to EvtNext and maintaining its uninitialized value when EvtNext returns ERROR_INVALID_OPERATION, so then this check fails

(err == ERROR_INVALID_OPERATION && nbr_returned == 0)

Perhaps initializing nbr_returned=0 before the call will fix it. However, the Microsoft event log RPC spec says this about the numActualRecords parameter

If the method fails, the client MUST NOT use the value.

Which may indicate that we can't trust the output value even if we initialize it first, however EvtNext is a wrapper around the RPC API, so the same restriction may or may not apply.

Steps to reproduce the problem

1. Run the following python snippet
2. It log exceptions (4317, 'EvtNext', 'The operation identifier is not valid.')

import win32evtlog
import win32event
import pywintypes
import time

hEvt = win32event.CreateEvent(None, 0, 0, None)
sub = win32evtlog.EvtSubscribe("Application", win32evtlog.EvtSubscribeToFutureEvents,SignalEvent=hEvt,Query="*")
while True:
    try:
        events = win32evtlog.EvtNext(sub, 1)
    except pywintypes.error as e:
        print(e)
    else:
        print("got event")
    time.sleep(1)

System information

Python version and distribution:

Python 3.11.5

pywin32 version:
pywin32==306

Installed from PyPI or exe installer:
PyPI

Windows Version:

OS Name:                   Microsoft Windows 11 Pro
OS Version:                10.0.22621 N/A Build 22621

DLL locations:

C:\Users\branden.clark\AppData\Local\Programs\Python\Python311\Lib\site-packages\pywin32_system32\pywintypes311.dll
C:\Users\branden.clark\AppData\Local\Programs\Python\Python311\Lib\site-packages\pywin32_system32\pythoncom311.dll