diff --git a/ghost-core/src/detection.rs b/ghost-core/src/detection.rs
index 50dfd82..6a3fee3 100644
--- a/ghost-core/src/detection.rs
+++ b/ghost-core/src/detection.rs
@@ -263,14 +263,13 @@ impl DetectionEngine {
 // YARA rule scanning
 if let Some(yara_engine) = &self.yara_engine {
 let yara_result = match tokio::runtime::Handle::try_current() {
- Ok(handle) => handle.block_on(async { yara_engine.scan_process(process, memory_regions).await }),
- Err(_) => {
- tokio::runtime::Runtime::new()
- .unwrap()
- .block_on(async { yara_engine.scan_process(process, memory_regions).await })
- }
+ Ok(handle) => handle
+ .block_on(async { yara_engine.scan_process(process, memory_regions).await }),
+ Err(_) => tokio::runtime::Runtime::new()
+ .unwrap()
+ .block_on(async { yara_engine.scan_process(process, memory_regions).await }),
 };
-
+
 if let Ok(yara_result) = yara_result {
 if !yara_result.matches.is_empty() {
 log::info!(
diff --git a/ghost-core/src/yara_engine.rs b/ghost-core/src/yara_engine.rs
index bb2e962..bff2506 100644
--- a/ghost-core/src/yara_engine.rs
+++ b/ghost-core/src/yara_engine.rs
@@ -4,7 +4,7 @@ use std::collections::HashMap;
 use std::fs;
 use std::path::{Path, PathBuf};
 use std::time::SystemTime;
-use yara::{Compiler, Rules, Scanner};
+use yara::{Compiler, Rules};
 #[derive(Serialize, Deserialize)]
 pub struct DynamicYaraEngine {
@@ -127,10 +127,7 @@ impl DynamicYaraEngine {
 if !rules_dir.exists() {
 return Err(GhostError::Configuration {
- message: format!(
- "Rules directory does not exist: {}",
- rules_dir.display()
- ),
+ message: format!("Rules directory does not exist: {}", rules_dir.display()),
 });
 }
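Review bot: In `detection.rs`, the reformatted `Err(_)` arm still calls `tokio::runtime::Runtime::new().unwrap()`, so a failure to build a runtime panics the whole detection pass instead of skipping the YARA step, and the `Ok(handle)` arm's `handle.block_on(..)` is documented by tokio to panic when called from inside an asynchronous execution context, which is the case whenever this method is reached from an async task. The `if let Ok(yara_result) = yara_result` that follows shows no error branch within the hunk, so a failed scan appears to be indistinguishable from a clean one. I would turn that `if let` into a `match` with an arm such as `Err(e) => log::warn!("YARA scan failed: {:?}", e),` (assuming the error type implements `Debug`) and handle the `Runtime::new()` error the same way rather than unwrapping. The enclosing method starts and ends outside this hunk, so the caller context and any later error handling should be confirmed there.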
@@ -300,9 +297,11 @@ impl DynamicYaraEngine {
 data: &[u8],
 base_address: usize,
 ) -> Result, GhostError> {
- let scan_results = rules.scan_mem(data, 300).map_err(|e| GhostError::Detection {
- message: format!("Scan failed: {}", e),
- })?;
+ let scan_results = rules
+ .scan_mem(data, 300)
+ .map_err(|e| GhostError::Detection {
+ message: format!("Scan failed: {}", e),
+ })?;
 let mut matches = Vec::new();