Fix YARA engine: remove unused Scanner import, fix compiler move issue, remove non-existent description field

2025-11-21 01:42:57 +02:00
parent de355e4faa
commit 67d3ab9ed5
2 changed files with 13 additions and 15 deletions
--- a/ghost-core/src/detection.rs
+++ b/ghost-core/src/detection.rs
@@ -263,14 +263,13 @@ impl DetectionEngine {
        // YARA rule scanning
        if let Some(yara_engine) = &self.yara_engine {
            let yara_result = match tokio::runtime::Handle::try_current() {
-                Ok(handle) => handle.block_on(async { yara_engine.scan_process(process, memory_regions).await }),
-                Err(_) => {
-                    tokio::runtime::Runtime::new()
-                        .unwrap()
-                        .block_on(async { yara_engine.scan_process(process, memory_regions).await })
-                }
+                Ok(handle) => handle
+                    .block_on(async { yara_engine.scan_process(process, memory_regions).await }),
+                Err(_) => tokio::runtime::Runtime::new()
+                    .unwrap()
+                    .block_on(async { yara_engine.scan_process(process, memory_regions).await }),
            };
-            
+
            if let Ok(yara_result) = yara_result {
                if !yara_result.matches.is_empty() {
                    log::info!(
--- a/ghost-core/src/yara_engine.rs
+++ b/ghost-core/src/yara_engine.rs
@@ -4,7 +4,7 @@ use std::collections::HashMap;
 use std::fs;
 use std::path::{Path, PathBuf};
 use std::time::SystemTime;
-use yara::{Compiler, Rules, Scanner};
+use yara::{Compiler, Rules};

 #[derive(Serialize, Deserialize)]
 pub struct DynamicYaraEngine {
@@ -127,10 +127,7 @@ impl DynamicYaraEngine {

        if !rules_dir.exists() {
            return Err(GhostError::Configuration {
-                message: format!(
-                    "Rules directory does not exist: {}",
-                    rules_dir.display()
-                ),
+                message: format!("Rules directory does not exist: {}", rules_dir.display()),
            });
        }

@@ -300,9 +297,11 @@ impl DynamicYaraEngine {
        data: &[u8],
        base_address: usize,
    ) -> Result<Vec<RuleMatch>, GhostError> {
-        let scan_results = rules.scan_mem(data, 300).map_err(|e| GhostError::Detection {
-            message: format!("Scan failed: {}", e),
-        })?;
+        let scan_results = rules
+            .scan_mem(data, 300)
+            .map_err(|e| GhostError::Detection {
+                message: format!("Scan failed: {}", e),
+            })?;

        let mut matches = Vec::new();