chore: fix clippy warnings
FranticTyping committed Jul 7, 2022
1 parent 4f92fd4 commit 61544f9
Showing 5 changed files with 35 additions and 41 deletions.
6 changes: 3 additions & 3 deletions src/cli.rs
Expand Up @@ -274,7 +274,7 @@ pub fn print_detections(
(*hits).push(Hit { hunt, rule });
}
for ((group, timestamp), mut hits) in hits {
hits.sort_by(|x, y| x.rule.name().cmp(&y.rule.name()));
hits.sort_by(|x, y| x.rule.name().cmp(y.rule.name()));
let groups = groups.entry(group).or_insert(vec![]);
(*groups).push(Grouping {
kind: &detection.kind,
Expand Down Expand Up @@ -446,7 +446,7 @@ pub fn print_detections(
} else {
cells.push(cell!(rules
.iter()
.map(|rule| format!("{} {}", RULE_PREFIX, split_tag(&rule.name())))
.map(|rule| format!("{} {}", RULE_PREFIX, split_tag(rule.name())))
.collect::<Vec<_>>()
.join("\n")));
}
Expand Down Expand Up @@ -510,7 +510,7 @@ pub fn print_csv(
(*hits).push(Hit { hunt, rule });
}
for ((group, timestamp), mut hits) in hits {
hits.sort_by(|x, y| x.rule.name().cmp(&y.rule.name()));
hits.sort_by(|x, y| x.rule.name().cmp(y.rule.name()));
let groups = groups.entry(group).or_insert(vec![]);
(*groups).push(Grouping {
kind: &detection.kind,
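Review bot: The grouping lines right after the fixed `sort_by` still use `groups.entry(group).or_insert(vec![])` followed by an explicit deref in `(*groups).push(...)`, in both the `print_detections` hunk at -274 and the `print_csv` hunk at -510. Since this commit is a lint clean-up, I would write them as `let groups = groups.entry(group).or_default();` and `groups.push(Grouping { ... })`, and likewise `hits.push(Hit { hunt, rule })` a few lines earlier. The sort-and-group sequence is also identical in the two functions, so a small shared helper would keep the table and CSV output ordered the same way; both function bodies continue outside the hunks, so that is judged from the visible lines only.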
37 changes: 17 additions & 20 deletions src/hunt.rs
Expand Up @@ -90,28 +90,25 @@ impl HunterBuilder {
let mut hunts = vec![];
let rules = match self.rules {
Some(mut rules) => {
rules.sort_by(|x, y| x.name().cmp(&y.name()));
rules.sort_by(|x, y| x.name().cmp(y.name()));
let mut map = BTreeMap::new();
for rule in rules {
let uuid = Uuid::new_v4();
match &rule {
Rule::Chainsaw(rule) => {
let mapper = Mapper::from(rule.fields.clone());
hunts.push(Hunt {
id: uuid,

group: rule.group.clone(),
kind: HuntKind::Rule {
aggregate: rule.aggregate.clone(),
filter: rule.filter.clone(),
},
timestamp: rule.timestamp.clone(),

file: rule.kind.clone(),
mapper,
});
}
_ => {}
if let Rule::Chainsaw(rule) = &rule {
let mapper = Mapper::from(rule.fields.clone());
hunts.push(Hunt {
id: uuid,

group: rule.group.clone(),
kind: HuntKind::Rule {
aggregate: rule.aggregate.clone(),
filter: rule.filter.clone(),
},
timestamp: rule.timestamp.clone(),

file: rule.kind.clone(),
mapper,
});
}
map.insert(uuid, rule);
}
Expand Down Expand Up @@ -624,7 +621,7 @@ impl Hunter {
pub fn extensions(&self) -> HashSet<String> {
let mut extensions = HashSet::new();
for rule in &self.inner.rules {
if let Some(e) = FileKind::extensions(&rule.1.types()) {
if let Some(e) = FileKind::extensions(rule.1.types()) {
extensions.extend(e.iter().cloned());
}
}
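Review bot: In the `HunterBuilder` hunk, a rule that is not `Rule::Chainsaw` still gets a UUID and a `map.insert(uuid, rule)` but no `Hunt`, and with the `match` collapsed to `if let` nothing on these lines says that this is intended. For a detection tool a rule that is loaded but never hunted is a silent coverage gap, so the skip deserves a comment at the `if let`, for example `// Other rule kinds get their Hunt from mapping files, not from the rule itself` if that is indeed how they are handled (the rest of the builder is outside the hunk). Alternatively, keep a `match` that names every variant instead of `_`, so that adding a rule kind later fails to compile here rather than quietly producing no hunt.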
3 changes: 1 addition & 2 deletions src/rule/chainsaw.rs
Expand Up @@ -155,8 +155,7 @@ pub fn load(rule: &Path) -> crate::Result<Rule> {
Filter::Expression(expression) => Filter::Expression({
let expression = optimiser::shake(expression);
let expression = optimiser::rewrite(expression);
let expression = optimiser::matrix(expression);
expression
optimiser::matrix(expression)
}),
};
Ok(rule)
8 changes: 4 additions & 4 deletions src/rule/mod.rs
Expand Up @@ -234,7 +234,7 @@ pub fn load(
}
let sigma = match sigma::load(path)?
.into_iter()
.map(|y| serde_yaml::from_value::<Sigma>(y))
.map(serde_yaml::from_value::<Sigma>)
.collect::<Result<Vec<_>, _>>()
{
Ok(rules) => rules,
Expand All @@ -261,13 +261,13 @@ pub fn load(
if let Some(levels) = levels.as_ref() {
rules = rules
.into_iter()
.filter(|r| levels.contains(&r.level()))
.filter(|r| levels.contains(r.level()))
.collect();
}
if let Some(statuses) = statuses.as_ref() {
rules = rules
.into_iter()
.filter(|r| statuses.contains(&r.status()))
.filter(|r| statuses.contains(r.status()))
.collect();
}
Ok(rules)
Expand All @@ -292,7 +292,7 @@ pub fn lint(kind: &Kind, path: &Path) -> crate::Result<Vec<Filter>> {
Ok(yamls) => {
let sigma = yamls
.into_iter()
.map(|y| serde_yaml::from_value::<Sigma>(y))
.map(serde_yaml::from_value::<Sigma>)
.collect::<Result<Vec<_>, _>>()?;
sigma
.into_iter()
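Review bot: The level and status filters in the second hunk of `load` each consume `rules` and collect it into a new collection just to drop some entries. If `rules` is a `Vec` (its declaration is outside the hunk), `rules.retain(|r| levels.contains(r.level()));` and `rules.retain(|r| statuses.contains(r.status()));` filter in place and read more directly. Because these filters decide which detection rules actually run, a one-line comment stating that rules outside the requested levels or statuses are dropped here would also help whoever later investigates a rule that did not fire.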
22 changes: 10 additions & 12 deletions src/rule/sigma.rs
Expand Up @@ -289,7 +289,7 @@ fn prepare_condition(condition: &str) -> Result<(String, Option<Aggregate>)> {
// agg-function(agg-field) [ by group-field ] comparison-op value
if let Some(kind) = parts.next() {
if let Some(rest) = kind.strip_prefix("count(") {
if let Some(field) = rest.strip_suffix(")") {
if let Some(field) = rest.strip_suffix(')') {
if !field.is_empty() {
fields.push(field.to_owned());
}
Expand Down Expand Up @@ -413,7 +413,7 @@ fn prepare(
}
}
detection = Detection {
condition: Some(Yaml::String(condition.to_owned())),
condition: Some(Yaml::String(condition)),
identifiers,
}
}
Expand Down Expand Up @@ -451,8 +451,7 @@ fn detections_to_tau(detection: Detection) -> Result<Mapping> {
match v {
Yaml::Sequence(sequence) => {
let mut blocks = vec![];
let mut index = 0;
for entry in sequence {
for (index, entry) in sequence.into_iter().enumerate() {
let mapping = match entry.as_mapping() {
Some(mapping) => mapping,
None => bail!("keyless identifiers cannot be converted"),
Expand All @@ -475,7 +474,7 @@ fn detections_to_tau(detection: Detection) -> Result<Mapping> {
if modifiers.contains("all") {
f = format!("all({})", f);
}
let v = parse_identifier(&v, &modifiers)?;
let v = parse_identifier(v, &modifiers)?;
let f = f.into();
let mut map = Mapping::new();
map.insert(f, v);
Expand All @@ -497,7 +496,6 @@ fn detections_to_tau(detection: Detection) -> Result<Mapping> {
Yaml::Sequence(maps.into_iter().map(|m| m.into()).collect()),
));
}
index += 1;
}
patches.insert(
k,
Expand All @@ -512,7 +510,7 @@ fn detections_to_tau(detection: Detection) -> Result<Mapping> {
),
);
for (k, v) in blocks {
det.insert(k.into(), v.into());
det.insert(k.into(), v);
}
}
Yaml::Mapping(mapping) => {
Expand Down Expand Up @@ -569,7 +567,7 @@ fn detections_to_tau(detection: Detection) -> Result<Mapping> {
.replace(" OR ", " or ")
.split_whitespace()
.map(|ident| {
let key = ident.trim_start_matches("(").trim_end_matches(")");
let key = ident.trim_start_matches('(').trim_end_matches(')');
match patches.get(key) {
Some(v) => ident.replace(key, v),
None => ident.to_owned(),
Expand Down Expand Up @@ -603,7 +601,7 @@ fn detections_to_tau(detection: Detection) -> Result<Mapping> {
let mut parts = condition.split_whitespace();
while let Some(part) = parts.next() {
let mut token = part;
while let Some(tail) = token.strip_prefix("(") {
while let Some(tail) = token.strip_prefix('(') {
mutated.push("(".to_owned());
token = tail;
}
Expand All @@ -619,11 +617,11 @@ fn detections_to_tau(detection: Detection) -> Result<Mapping> {
if let Some(next) = parts.next() {
let mut brackets = vec![];
let mut identifier = next;
while let Some(head) = identifier.strip_suffix(")") {
while let Some(head) = identifier.strip_suffix(')') {
brackets.push(")".to_owned());
identifier = head;
}
if let Some(ident) = identifier.strip_suffix("*") {
if let Some(ident) = identifier.strip_suffix('*') {
let mut keys = vec![];
for (k, _) in &det {
if let Yaml::String(key) = k {
Expand Down Expand Up @@ -651,7 +649,7 @@ fn detections_to_tau(detection: Detection) -> Result<Mapping> {
Some(i) => i,
None => identifier,
};
let key = next.replace(identifier, &key);
let key = next.replace(identifier, key);
if part == "all" {
mutated.push(format!("all({})", key));
} else if part == "1" {
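Review bot: Replacing the manual counter with `sequence.into_iter().enumerate()` in `detections_to_tau` is only equivalent if no path through the loop body reached the next iteration without passing the old `index += 1`, and part of that body lies between the hunks shown here. The visible early exit is `bail!`, which returns, but a `continue` in the unseen part would have left `index` unchanged before and advances it now. If `index` feeds the names of the generated blocks (it looks that way from `blocks` and `patches`, though the use itself is not in the hunk), the rewritten condition for such rules would change. That is worth confirming with a test that converts a rule whose identifier is a list of mappings.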
