admin/ghost
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix YARA compiler move error by simplifying rule compilation

Browse Source 
- Replace add_rules_str_with_namespace with add_rules_str to avoid move semantics issues
- Simplify error handling in rule compilation loop
- This should resolve the E0382 use of moved value error
This commit is contained in:
pandaadir05
2025-11-21 02:01:52 +02:00
parent d8d562ddf1
commit 3414d05821
1 changed files with 17 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
ghost-core/src/yara_engine.rs
View File

@@ -149,23 +149,21 @@ impl DynamicYaraEngine {
.and_then(|s| s.to_str()) .and_then(|s| s.to_str())
.unwrap_or("default"); .unwrap_or("default");
match compiler.add_rules_str_with_namespace(&content, namespace) { if let Err(e) = compiler.add_rules_str(&content) {
Ok(_) => { log::error!("Failed to compile {}: {}", rule_file.display(), e);
log::info!("Compiled YARA rule: {}", rule_file.display()); continue;
self.rule_metadata.push(YaraRuleMetadata {
name: namespace.to_string(),
file_path: rule_file.display().to_string(),
threat_level: ThreatLevel::Medium,
last_updated: SystemTime::now(),
});
rule_count += 1;
}
Err(e) => {
log::error!("Failed to compile {}: {}", rule_file.display(), e);
}
} }
log::info!("Compiled YARA rule: {}", rule_file.display());
self.rule_metadata.push(YaraRuleMetadata {
name: namespace.to_string(),
file_path: rule_file.display().to_string(),
threat_level: ThreatLevel::Medium,
last_updated: SystemTime::now(),
});
rule_count += 1;
} }
Err(e) => { Err(e) => {
log::error!("Failed to read {}: {}", rule_file.display(), e); log::error!("Failed to read {}: {}", rule_file.display(), e);
@@ -179,7 +177,7 @@ impl DynamicYaraEngine {
}); });
} }
// Compile all the added rules // Compile all the added rules - this consumes the compiler
let compiled_rules = compiler let compiled_rules = compiler
.compile_rules() .compile_rules()
.map_err(|e| GhostError::Configuration { .map_err(|e| GhostError::Configuration {
@@ -188,6 +186,8 @@ impl DynamicYaraEngine {
self.compiled_rules = Some(compiled_rules); self.compiled_rules = Some(compiled_rules);
self.compiled_rules = Some(compiled_rules);
log::info!("Successfully compiled {} YARA rules", rule_count); log::info!("Successfully compiled {} YARA rules", rule_count);
Ok(rule_count) Ok(rule_count)
} }