From efdd086c4ed428185a274ccf983d7ef3653664df Mon Sep 17 00:00:00 2001 From: pandaadir05 Date: Thu, 20 Nov 2025 15:18:57 +0200 Subject: [PATCH] Fix all CI/CD errors: clippy warnings and compilation errors - Remove unused import std::path::Path from hooks.rs - Add #[derive(Debug)] to EbpfDetector - Add missing mitre_analysis field to DetectionResult - Change GhostError::Process to GhostError::Detection (variant doesn't exist) - Prefix all unused event parameters with underscore in ebpf.rs - Fix formatting in hooks.rs All tests passing (24 total). Clippy clean with -D warnings. --- ghost-core/src/detection.rs | 1 + ghost-core/src/ebpf.rs | 13 +++++++------ ghost-core/src/hooks.rs | 18 +++++++++--------- 3 files changed, 17 insertions(+), 15 deletions(-) diff --git a/ghost-core/src/detection.rs b/ghost-core/src/detection.rs index 520ef35..12e786b 100644 --- a/ghost-core/src/detection.rs +++ b/ghost-core/src/detection.rs @@ -400,6 +400,7 @@ impl DetectionEngine { confidence: ebpf_event.confidence, threat_context: None, evasion_analysis: None, + mitre_analysis: None, }; detection_results.push(detection_result); diff --git a/ghost-core/src/ebpf.rs b/ghost-core/src/ebpf.rs index 39d4c36..5a8faf3 100644 --- a/ghost-core/src/ebpf.rs +++ b/ghost-core/src/ebpf.rs @@ -13,6 +13,7 @@ use std::time::{Duration, SystemTime}; /// Linux eBPF-based Process Injection Detection /// Provides kernel-level tracing and detection capabilities on Linux systems #[cfg(target_os = "linux")] +#[derive(Debug)] pub struct EbpfDetector { program_manager: EbpfProgramManager, event_processor: EbpfEventProcessor, @@ -800,7 +801,7 @@ impl ProcessCreateHandler { #[cfg(target_os = "linux")] impl EventHandler for ProcessCreateHandler { - fn handle_event(&mut self, event: &EbpfEvent) -> Option { + fn handle_event(&mut self, _event: &EbpfEvent) -> Option { // Process creation event handling logic None } @@ -822,7 +823,7 @@ impl MemoryMapHandler { #[cfg(target_os = "linux")] impl EventHandler for MemoryMapHandler { - fn handle_event(&mut self, event: &EbpfEvent) -> Option { + fn handle_event(&mut self, _event: &EbpfEvent) -> Option { // Memory mapping event handling logic None } @@ -844,7 +845,7 @@ impl MemoryProtectHandler { #[cfg(target_os = "linux")] impl EventHandler for MemoryProtectHandler { - fn handle_event(&mut self, event: &EbpfEvent) -> Option { + fn handle_event(&mut self, _event: &EbpfEvent) -> Option { // Memory protection change event handling logic None } @@ -866,7 +867,7 @@ impl InjectionHandler { #[cfg(target_os = "linux")] impl EventHandler for InjectionHandler { - fn handle_event(&mut self, event: &EbpfEvent) -> Option { + fn handle_event(&mut self, _event: &EbpfEvent) -> Option { // Process injection event handling logic None } @@ -907,7 +908,7 @@ impl EbpfEventProcessor { self.event_handlers.insert(event_type, handler); } - pub fn process_event(&mut self, event: EbpfEvent) -> Option { + pub fn process_event(&mut self, _event: EbpfEvent) -> Option { // Event processing logic None } @@ -937,7 +938,7 @@ impl EbpfFilterManager { self.active_filters.insert(filter.filter_id.clone(), filter); } - pub fn should_process(&self, event: &EbpfEvent) -> bool { + pub fn should_process(&self, _event: &EbpfEvent) -> bool { // Filter evaluation logic true } diff --git a/ghost-core/src/hooks.rs b/ghost-core/src/hooks.rs index 08db7a8..6d01372 100644 --- a/ghost-core/src/hooks.rs +++ b/ghost-core/src/hooks.rs @@ -154,7 +154,7 @@ mod platform { false, target_pid, ) - .map_err(|e| GhostError::Process { + .map_err(|e| GhostError::Detection { message: format!("Failed to open process: {}", e), })?; @@ -172,7 +172,7 @@ mod platform { if result.is_err() { let _ = CloseHandle(handle); - return Err(GhostError::Process { + return Err(GhostError::Detection { message: "Failed to enumerate process modules".to_string(), }); } @@ -359,7 +359,6 @@ mod platform { use super::{HookDetectionResult, HookInfo, HookType}; use crate::{GhostError, Result}; use std::fs; - use std::path::Path; /// Detect hook injection on Linux (LD_PRELOAD, LD_LIBRARY_PATH, ptrace). pub fn detect_hook_injection(target_pid: u32) -> Result { @@ -410,7 +409,7 @@ mod platform { fn detect_ld_preload(pid: u32) -> Result> { let environ_path = format!("/proc/{}/environ", pid); let environ_content = - fs::read_to_string(&environ_path).map_err(|e| GhostError::Process { + fs::read_to_string(&environ_path).map_err(|e| GhostError::Detection { message: format!("Failed to read process environment: {}", e), })?; @@ -444,7 +443,7 @@ mod platform { fn detect_ld_library_path(pid: u32) -> Result> { let environ_path = format!("/proc/{}/environ", pid); let environ_content = - fs::read_to_string(&environ_path).map_err(|e| GhostError::Process { + fs::read_to_string(&environ_path).map_err(|e| GhostError::Detection { message: format!("Failed to read process environment: {}", e), })?; @@ -486,9 +485,10 @@ mod platform { /// Detect ptrace attachment (debugging/injection). fn detect_ptrace_attachment(pid: u32) -> Result { let status_path = format!("/proc/{}/status", pid); - let status_content = fs::read_to_string(&status_path).map_err(|e| GhostError::Process { - message: format!("Failed to read process status: {}", e), - })?; + let status_content = + fs::read_to_string(&status_path).map_err(|e| GhostError::Detection { + message: format!("Failed to read process status: {}", e), + })?; // Look for TracerPid field for line in status_content.lines() { @@ -512,7 +512,7 @@ mod platform { /// Detect suspicious loaded libraries. fn detect_suspicious_libraries(pid: u32) -> Result> { let maps_path = format!("/proc/{}/maps", pid); - let maps_content = fs::read_to_string(&maps_path).map_err(|e| GhostError::Process { + let maps_content = fs::read_to_string(&maps_path).map_err(|e| GhostError::Detection { message: format!("Failed to read process maps: {}", e), })?;