Fix compilation errors from clippy fixes

- Fix '?' operator error in detection.rs by proper error handling without changing return type - Fix EbpfError::RuntimeError to use existing EventProcessingError variant - Make compiler mutable in yara_engine.rs to fix move errors - Add missing evasion_analysis field to DetectionResult struct - Fix identifier clone issue in YARA rule matching These fixes resolve the E0277, E0382, and E0599 compilation errors.
2025-11-21 01:59:43 +02:00
parent 53b77ad1bf
commit d8d562ddf1
4 changed files with 18 additions and 53 deletions
--- a/ghost-core/src/detection.rs
+++ b/ghost-core/src/detection.rs
@@ -266,12 +266,22 @@ impl DetectionEngine {
                Ok(handle) => handle
                    .block_on(async { yara_engine.scan_process(process, memory_regions).await }),
                Err(_) => {
-                    let runtime =
-                        tokio::runtime::Runtime::new().map_err(|e| GhostError::Configuration {
-                            message: format!("Failed to create async runtime: {}", e),
-                        })?;
-                    runtime
-                        .block_on(async { yara_engine.scan_process(process, memory_regions).await })
+                    match tokio::runtime::Runtime::new() {
+                        Ok(runtime) => runtime
+                            .block_on(async { yara_engine.scan_process(process, memory_regions).await }),
+                        Err(e) => {
+                            log::error!("Failed to create async runtime: {}", e);
+                            return DetectionResult {
+                                process: process.clone(),
+                                threat_level: ThreatLevel::Clean,
+                                indicators: vec!["YARA scan failed due to runtime error".to_string()],
+                                confidence: 0.0,
+                                threat_context: None,
+                                evasion_analysis: None,
+                                mitre_analysis: None,
+                            };
+                        }
+                    }
                }
            };

--- a/ghost-core/src/ebpf.rs
+++ b/ghost-core/src/ebpf.rs
@@ -712,7 +712,7 @@ impl EbpfDetector {

        let events = {
            let mut buffer = self.ring_buffer.lock().map_err(|e| {
-                EbpfError::RuntimeError(format!("Failed to lock ring buffer: {}", e))
+                EbpfError::EventProcessingError(format!("Failed to lock ring buffer: {}", e))
            })?;
            buffer.drain_events()
        };
--- a/ghost-core/src/yara_engine.rs
+++ b/ghost-core/src/yara_engine.rs
@@ -341,7 +341,7 @@ impl DynamicYaraEngine {
                        offset: (base_address + m.offset) as u64,
                        length: m.length as u32,
                        metadata: metadata.clone(),
-                        matched_strings: vec![identifier],
+                        matched_strings: vec![identifier.clone()],
                    });
                }
            }