Fix all CI/CD errors: clippy warnings and compilation errors

- Remove unused import std::path::Path from hooks.rs
- Add #[derive(Debug)] to EbpfDetector
- Add missing mitre_analysis field to DetectionResult
- Change GhostError::Process to GhostError::Detection (variant doesn't exist)
- Prefix all unused event parameters with underscore in ebpf.rs
- Fix formatting in hooks.rs

All tests passing (24 total). Clippy clean with -D warnings.
pandaadir05
2025-11-20 15:18:57 +02:00
parent 655585d9ef
commit efdd086c4e
3 changed files with 17 additions and 15 deletions


@@ -400,6 +400,7 @@ impl DetectionEngine {
confidence: ebpf_event.confidence,
threat_context: None,
evasion_analysis: None,
mitre_analysis: None,
};
detection_results.push(detection_result);
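Review bot: `mitre_analysis: None` joins `threat_context: None` and `evasion_analysis: None` in this literal, so a result built from an eBPF event is pushed to `detection_results` with no enrichment, and a consumer cannot tell "not analysed" from "analysed, nothing mapped". If other paths in the engine populate these fields (not visible in this hunk), triage that filters on MITRE technique would pass over eBPF-sourced detections. I would at least add a comment above the new field, such as `// eBPF path: MITRE mapping is not run here; None means "not analysed"`. The struct literal starts above the hunk.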


@@ -13,6 +13,7 @@ use std::time::{Duration, SystemTime};
/// Linux eBPF-based Process Injection Detection
/// Provides kernel-level tracing and detection capabilities on Linux systems
#[cfg(target_os = "linux")]
#[derive(Debug)]
pub struct EbpfDetector {
program_manager: EbpfProgramManager,
event_processor: EbpfEventProcessor,
@@ -800,7 +801,7 @@ impl ProcessCreateHandler {
#[cfg(target_os = "linux")]
impl EventHandler for ProcessCreateHandler {
fn handle_event(&mut self, event: &EbpfEvent) -> Option<DetectionEvent> {
fn handle_event(&mut self, _event: &EbpfEvent) -> Option<DetectionEvent> {
// Process creation event handling logic
None
}
@@ -822,7 +823,7 @@ impl MemoryMapHandler {
#[cfg(target_os = "linux")]
impl EventHandler for MemoryMapHandler {
fn handle_event(&mut self, event: &EbpfEvent) -> Option<DetectionEvent> {
fn handle_event(&mut self, _event: &EbpfEvent) -> Option<DetectionEvent> {
// Memory mapping event handling logic
None
}
@@ -844,7 +845,7 @@ impl MemoryProtectHandler {
#[cfg(target_os = "linux")]
impl EventHandler for MemoryProtectHandler {
fn handle_event(&mut self, event: &EbpfEvent) -> Option<DetectionEvent> {
fn handle_event(&mut self, _event: &EbpfEvent) -> Option<DetectionEvent> {
// Memory protection change event handling logic
None
}
@@ -866,7 +867,7 @@ impl InjectionHandler {
#[cfg(target_os = "linux")]
impl EventHandler for InjectionHandler {
fn handle_event(&mut self, event: &EbpfEvent) -> Option<DetectionEvent> {
fn handle_event(&mut self, _event: &EbpfEvent) -> Option<DetectionEvent> {
// Process injection event handling logic
None
}
@@ -907,7 +908,7 @@ impl EbpfEventProcessor {
self.event_handlers.insert(event_type, handler);
}
pub fn process_event(&mut self, event: EbpfEvent) -> Option<DetectionEvent> {
pub fn process_event(&mut self, _event: EbpfEvent) -> Option<DetectionEvent> {
// Event processing logic
None
}
@@ -937,7 +938,7 @@ impl EbpfFilterManager {
self.active_filters.insert(filter.filter_id.clone(), filter);
}
pub fn should_process(&self, event: &EbpfEvent) -> bool {
pub fn should_process(&self, _event: &EbpfEvent) -> bool {
// Filter evaluation logic
true
}
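Review bot: Renaming the parameter to `_event` in the four `handle_event` impls, in `process_event` and in `should_process` silences the unused-variable lint but leaves each of them a stub: the handlers and `process_event` return `None` for every input and `should_process` always returns `true`, so as far as these hunks show the Linux eBPF path cannot produce a detection. The lint was the only visible signal of that gap. I would mark each stub explicitly, for example `// TODO(unimplemented): event is discarded, no detection is produced`, and state in the doc comment on `EbpfDetector` that event handling is not implemented yet, so nobody reading the API assumes kernel-level coverage exists. The `impl` blocks continue outside the hunks.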


@@ -154,7 +154,7 @@ mod platform {
false,
target_pid,
)
.map_err(|e| GhostError::Process {
.map_err(|e| GhostError::Detection {
message: format!("Failed to open process: {}", e),
})?;
@@ -172,7 +172,7 @@ mod platform {
if result.is_err() {
let _ = CloseHandle(handle);
return Err(GhostError::Process {
return Err(GhostError::Detection {
message: "Failed to enumerate process modules".to_string(),
});
}
@@ -359,7 +359,6 @@ mod platform {
use super::{HookDetectionResult, HookInfo, HookType};
use crate::{GhostError, Result};
use std::fs;
use std::path::Path;
/// Detect hook injection on Linux (LD_PRELOAD, LD_LIBRARY_PATH, ptrace).
pub fn detect_hook_injection(target_pid: u32) -> Result<HookDetectionResult> {
@@ -410,7 +409,7 @@ mod platform {
fn detect_ld_preload(pid: u32) -> Result<Vec<HookInfo>> {
let environ_path = format!("/proc/{}/environ", pid);
let environ_content =
fs::read_to_string(&environ_path).map_err(|e| GhostError::Process {
fs::read_to_string(&environ_path).map_err(|e| GhostError::Detection {
message: format!("Failed to read process environment: {}", e),
})?;
@@ -444,7 +443,7 @@ mod platform {
fn detect_ld_library_path(pid: u32) -> Result<Vec<HookInfo>> {
let environ_path = format!("/proc/{}/environ", pid);
let environ_content =
fs::read_to_string(&environ_path).map_err(|e| GhostError::Process {
fs::read_to_string(&environ_path).map_err(|e| GhostError::Detection {
message: format!("Failed to read process environment: {}", e),
})?;
@@ -486,9 +485,10 @@ mod platform {
/// Detect ptrace attachment (debugging/injection).
fn detect_ptrace_attachment(pid: u32) -> Result<bool> {
let status_path = format!("/proc/{}/status", pid);
let status_content = fs::read_to_string(&status_path).map_err(|e| GhostError::Process {
message: format!("Failed to read process status: {}", e),
})?;
let status_content =
fs::read_to_string(&status_path).map_err(|e| GhostError::Detection {
message: format!("Failed to read process status: {}", e),
})?;
// Look for TracerPid field
for line in status_content.lines() {
@@ -512,7 +512,7 @@ mod platform {
/// Detect suspicious loaded libraries.
fn detect_suspicious_libraries(pid: u32) -> Result<Vec<HookInfo>> {
let maps_path = format!("/proc/{}/maps", pid);
let maps_content = fs::read_to_string(&maps_path).map_err(|e| GhostError::Process {
let maps_content = fs::read_to_string(&maps_path).map_err(|e| GhostError::Detection {
message: format!("Failed to read process maps: {}", e),
})?;
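Review bot: `fs::read_to_string(&environ_path)` in `detect_ld_preload` and `detect_ld_library_path` fails with `InvalidData` as soon as `/proc/<pid>/environ` contains a non-UTF-8 byte, and that content is controlled by the process being inspected, so a target can turn both checks into a `GhostError::Detection` instead of a finding. Reading bytes and decoding lossily avoids this: `let environ_content = String::from_utf8_lossy(&fs::read(&environ_path).map_err(...)?).into_owned();`. Separately, folding every failure into `GhostError::Detection` with a formatted message drops the `io::ErrorKind`, so a caller cannot tell an exited process or a permission denial from a real scan failure; whether callers need that distinction is not visible here. All of these function bodies continue outside their hunks.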