Fix formatting issues for CI/CD
This commit is contained in:
pandaadir05
@@ -740,11 +740,11 @@ mod platform {
|
|||||||
let protection = match info.protection {
|
let protection = match info.protection {
|
||||||
0 => MemoryProtection::NoAccess,
|
0 => MemoryProtection::NoAccess,
|
||||||
1 => MemoryProtection::ReadOnly,
|
1 => MemoryProtection::ReadOnly,
|
||||||
2 => MemoryProtection::ReadWrite, // Write implies read on most systems
|
2 => MemoryProtection::ReadWrite, // Write implies read on most systems
|
||||||
3 => MemoryProtection::ReadWrite,
|
3 => MemoryProtection::ReadWrite,
|
||||||
4 => MemoryProtection::Execute,
|
4 => MemoryProtection::Execute,
|
||||||
5 => MemoryProtection::ReadExecute,
|
5 => MemoryProtection::ReadExecute,
|
||||||
6 => MemoryProtection::ReadWriteExecute, // WX -> RWX
|
6 => MemoryProtection::ReadWriteExecute, // WX -> RWX
|
||||||
7 => MemoryProtection::ReadWriteExecute,
|
7 => MemoryProtection::ReadWriteExecute,
|
||||||
_ => MemoryProtection::NoAccess,
|
_ => MemoryProtection::NoAccess,
|
||||||
};
|
};
|
||||||
|
|||||||
@@ -168,7 +168,8 @@ mod tests {
|
|||||||
let mut config = DetectionConfig::default();
|
let mut config = DetectionConfig::default();
|
||||||
config.hook_detection = false;
|
config.hook_detection = false;
|
||||||
|
|
||||||
let mut engine = DetectionEngine::with_config(Some(config)).expect("Failed to create engine");
|
let mut engine =
|
||||||
|
DetectionEngine::with_config(Some(config)).expect("Failed to create engine");
|
||||||
let process = create_test_process();
|
let process = create_test_process();
|
||||||
let regions = vec![create_rwx_region()];
|
let regions = vec![create_rwx_region()];
|
||||||
|
|
||||||
@@ -207,7 +208,11 @@ mod tests {
|
|||||||
|
|
||||||
let result = engine.analyze_process(&process, &image_regions, None);
|
let result = engine.analyze_process(&process, &image_regions, None);
|
||||||
// IMAGE regions may trigger ML heuristics, but should not be flagged as Malicious
|
// IMAGE regions may trigger ML heuristics, but should not be flagged as Malicious
|
||||||
assert_ne!(result.threat_level, ThreatLevel::Malicious, "IMAGE region should not be malicious");
|
assert_ne!(
|
||||||
|
result.threat_level,
|
||||||
|
ThreatLevel::Malicious,
|
||||||
|
"IMAGE region should not be malicious"
|
||||||
|
);
|
||||||
|
|
||||||
// PRIVATE region with RWX is highly suspicious
|
// PRIVATE region with RWX is highly suspicious
|
||||||
let private_regions = vec![MemoryRegion {
|
let private_regions = vec![MemoryRegion {
|
||||||
@@ -218,8 +223,15 @@ mod tests {
|
|||||||
}];
|
}];
|
||||||
|
|
||||||
let result2 = engine.analyze_process(&process, &private_regions, None);
|
let result2 = engine.analyze_process(&process, &private_regions, None);
|
||||||
assert_ne!(result2.threat_level, ThreatLevel::Clean, "RWX private region should be suspicious");
|
assert_ne!(
|
||||||
assert!(result2.confidence > 0.3, "RWX private region should have high confidence");
|
result2.threat_level,
|
||||||
|
ThreatLevel::Clean,
|
||||||
|
"RWX private region should be suspicious"
|
||||||
|
);
|
||||||
|
assert!(
|
||||||
|
result2.confidence > 0.3,
|
||||||
|
"RWX private region should have high confidence"
|
||||||
|
);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -5,13 +5,10 @@ use crossterm::{
|
|||||||
terminal::{disable_raw_mode, enable_raw_mode, EnterAlternateScreen, LeaveAlternateScreen},
|
terminal::{disable_raw_mode, enable_raw_mode, EnterAlternateScreen, LeaveAlternateScreen},
|
||||||
};
|
};
|
||||||
use ratatui::{
|
use ratatui::{
|
||||||
backend::{Backend, CrosstermBackend}, Terminal,
|
backend::{Backend, CrosstermBackend},
|
||||||
};
|
Terminal,
|
||||||
use std::{
|
|
||||||
io,
|
|
||||||
sync::Arc,
|
|
||||||
time::Duration,
|
|
||||||
};
|
};
|
||||||
|
use std::{io, sync::Arc, time::Duration};
|
||||||
use tokio::{sync::Mutex, time};
|
use tokio::{sync::Mutex, time};
|
||||||
|
|
||||||
mod app;
|
mod app;
|
||||||
|
|||||||
Reference in New Issue
Block a user