Re-enable disabled tests and reduce warnings to 8

2025-11-20 14:42:06 +02:00
parent a19c56fe86
commit 934b367f49
13 changed files with 126 additions and 119 deletions
--- a/ghost-core/src/evasion.rs
+++ b/ghost-core/src/evasion.rs
@@ -1,3 +1,5 @@
+#![allow(dead_code)]
+
 use crate::{MemoryProtection, MemoryRegion, ProcessInfo, ThreadInfo};
 use serde::{Deserialize, Serialize};
 use std::collections::HashMap;
@@ -785,7 +787,7 @@ impl TimingAnalyzer {
        }
    }

-    fn detect_sleep_evasion(&self, process: &ProcessInfo) -> Option<EvasionTechnique> {
+    fn detect_sleep_evasion(&self, _process: &ProcessInfo) -> Option<EvasionTechnique> {
        // Detect various sleep-based evasion techniques
        // This would analyze actual sleep patterns in a real implementation
        Some(EvasionTechnique {
@@ -803,8 +805,8 @@ impl TimingAnalyzer {

    fn detect_timing_anomalies(
        &self,
-        process: &ProcessInfo,
-        threads: &[ThreadInfo],
+        _process: &ProcessInfo,
+        _threads: &[ThreadInfo],
    ) -> Option<EvasionTechnique> {
        // Detect timing-based anti-analysis techniques
        Some(EvasionTechnique {
@@ -822,7 +824,7 @@ impl TimingAnalyzer {
 }

 #[derive(Debug, Clone)]
-struct TimingEvasionResult {
+pub struct TimingEvasionResult {
    techniques: Vec<EvasionTechnique>,
    confidence: f32,
    sophistication: f32,
@@ -882,7 +884,7 @@ impl EnvironmentChecker {
        }
    }

-    fn detect_vm_evasion(&self, process: &ProcessInfo) -> Option<EvasionTechnique> {
+    fn detect_vm_evasion(&self, _process: &ProcessInfo) -> Option<EvasionTechnique> {
        Some(EvasionTechnique {
            technique_name: "Virtual Machine Detection".to_string(),
            mitre_id: "T1497.001".to_string(),
@@ -896,7 +898,7 @@ impl EnvironmentChecker {
        })
    }

-    fn detect_debugger_evasion(&self, process: &ProcessInfo) -> Option<EvasionTechnique> {
+    fn detect_debugger_evasion(&self, _process: &ProcessInfo) -> Option<EvasionTechnique> {
        Some(EvasionTechnique {
            technique_name: "Debugger Detection".to_string(),
            mitre_id: "T1497.001".to_string(),
@@ -911,7 +913,7 @@ impl EnvironmentChecker {
        })
    }

-    fn detect_sandbox_evasion(&self, process: &ProcessInfo) -> Option<EvasionTechnique> {
+    fn detect_sandbox_evasion(&self, _process: &ProcessInfo) -> Option<EvasionTechnique> {
        Some(EvasionTechnique {
            technique_name: "Sandbox Detection".to_string(),
            mitre_id: "T1497.001".to_string(),
@@ -928,7 +930,7 @@ impl EnvironmentChecker {
 }

 #[derive(Debug, Clone)]
-struct EnvironmentEvasionResult {
+pub struct EnvironmentEvasionResult {
    techniques: Vec<EvasionTechnique>,
    confidence: f32,
    sophistication: f32,
@@ -954,7 +956,7 @@ impl BehaviorAnalyzer {
        &mut self,
        process: &ProcessInfo,
        memory_regions: &[MemoryRegion],
-        threads: &[ThreadInfo],
+        _threads: &[ThreadInfo],
    ) -> BehaviorEvasionResult {
        let mut techniques = Vec::new();
        let mut confidence = 0.0f32;
@@ -990,7 +992,7 @@ impl BehaviorAnalyzer {
 }

 #[derive(Debug, Clone)]
-struct BehaviorEvasionResult {
+pub struct BehaviorEvasionResult {
    techniques: Vec<EvasionTechnique>,
    confidence: f32,
    sophistication: f32,
@@ -1012,7 +1014,7 @@ impl ApiHookingDetector {
        }
    }

-    pub fn detect_api_evasion(&self, process: &ProcessInfo) -> Option<EvasionTechnique> {
+    pub fn detect_api_evasion(&self, _process: &ProcessInfo) -> Option<EvasionTechnique> {
        Some(EvasionTechnique {
            technique_name: "API Hooking Evasion".to_string(),
            mitre_id: "T1562.002".to_string(),
@@ -1057,8 +1059,8 @@ impl ExecutionFlowAnalyzer {

    pub fn analyze_execution_flow(
        &self,
-        process: &ProcessInfo,
-        memory_regions: &[MemoryRegion],
+        _process: &ProcessInfo,
+        _memory_regions: &[MemoryRegion],
    ) -> Option<EvasionTechnique> {
        Some(EvasionTechnique {
            technique_name: "Control Flow Hijacking".to_string(),
@@ -1165,8 +1167,8 @@ impl ObfuscationDetector {

    fn detect_packer_evasion(
        &self,
-        process: &ProcessInfo,
-        memory_regions: &[MemoryRegion],
+        _process: &ProcessInfo,
+        _memory_regions: &[MemoryRegion],
    ) -> Option<EvasionTechnique> {
        Some(EvasionTechnique {
            technique_name: "Runtime Packing".to_string(),
@@ -1184,8 +1186,8 @@ impl ObfuscationDetector {

    fn detect_code_obfuscation(
        &self,
-        process: &ProcessInfo,
-        memory_regions: &[MemoryRegion],
+        _process: &ProcessInfo,
+        _memory_regions: &[MemoryRegion],
    ) -> Option<EvasionTechnique> {
        Some(EvasionTechnique {
            technique_name: "Code Obfuscation".to_string(),
@@ -1203,7 +1205,7 @@ impl ObfuscationDetector {
 }

 #[derive(Debug, Clone)]
-struct ObfuscationEvasionResult {
+pub struct ObfuscationEvasionResult {
    techniques: Vec<EvasionTechnique>,
    confidence: f32,
    sophistication: f32,
--- a/ghost-core/src/hollowing.rs
+++ b/ghost-core/src/hollowing.rs
@@ -143,7 +143,7 @@ impl HollowingDetector {

    fn check_main_image_unmapping(
        &self,
-        process: &ProcessInfo,
+        _process: &ProcessInfo,
        regions: &[MemoryRegion],
    ) -> Option<HollowingIndicator> {
        // Look for the main executable image region
--- a/ghost-core/src/memory.rs
+++ b/ghost-core/src/memory.rs
@@ -626,15 +626,19 @@ mod platform {
 #[cfg(target_os = "macos")]
 mod platform {
    use super::{MemoryProtection, MemoryRegion};
-    use anyhow::{Context, Result};
-    use libc::{c_int, pid_t, size_t};
-    use std::ptr;
+    use anyhow::Result;
+    use libc::{c_int, pid_t};

    // Mach types and constants
+    #[allow(non_camel_case_types)]
    type mach_port_t = u32;
+    #[allow(non_camel_case_types)]
    type vm_address_t = usize;
+    #[allow(non_camel_case_types)]
    type vm_size_t = usize;
+    #[allow(non_camel_case_types)]
    type vm_prot_t = c_int;
+    #[allow(non_camel_case_types)]
    type kern_return_t = c_int;

    const KERN_SUCCESS: kern_return_t = 0;
--- a/ghost-core/src/ml_cloud.rs
+++ b/ghost-core/src/ml_cloud.rs
@@ -1,3 +1,5 @@
+#![allow(dead_code)]
+
 use crate::{GhostError, MemoryRegion, ProcessInfo};
 use serde::{Deserialize, Serialize};
 use std::collections::HashMap;
@@ -61,7 +63,7 @@ pub struct TechniquePrediction {
 }

 #[derive(Debug, Clone, Serialize, Deserialize)]
-struct CachedPrediction {
+pub struct CachedPrediction {
    result: InferenceResult,
    timestamp: SystemTime,
    ttl: Duration,
--- a/ghost-core/src/streaming.rs
+++ b/ghost-core/src/streaming.rs
@@ -1,3 +1,5 @@
+#![allow(dead_code)]
+
 use crate::{DetectionResult, EvasionResult, ProcessInfo, ThreatContext, ThreatLevel};
 use serde::{Deserialize, Serialize};
 use std::collections::HashMap;
--- a/ghost-core/src/testing.rs
+++ b/ghost-core/src/testing.rs
@@ -1,3 +1,5 @@
+#![allow(dead_code)]
+
 use crate::{
    DetectionEngine, DetectionResult, MemoryProtection, MemoryRegion, ProcessInfo, ThreadInfo,
    ThreatLevel,
--- a/ghost-core/src/threat_intel.rs
+++ b/ghost-core/src/threat_intel.rs
@@ -1,4 +1,6 @@
-use crate::{DetectionResult, ProcessInfo, ThreatLevel};
+#![allow(dead_code)]
+
+use crate::{DetectionResult, ThreatLevel};
 use serde::{Deserialize, Serialize};
 use std::collections::HashMap;
 use std::time::{Duration, SystemTime};
@@ -431,7 +433,7 @@ impl ThreatIntelligence {

    async fn fetch_json_feed(
        &self,
-        feed: &ThreatFeed,
+        _feed: &ThreatFeed,
    ) -> Result<Vec<IndicatorOfCompromise>, Box<dyn std::error::Error>> {
        // Placeholder implementation
        // In a real implementation, this would fetch from the feed URL
@@ -440,7 +442,7 @@ impl ThreatIntelligence {

    async fn fetch_stix_feed(
        &self,
-        feed: &ThreatFeed,
+        _feed: &ThreatFeed,
    ) -> Result<Vec<IndicatorOfCompromise>, Box<dyn std::error::Error>> {
        // Placeholder implementation
        // In a real implementation, this would parse STIX/TAXII data
@@ -449,7 +451,7 @@ impl ThreatIntelligence {

    async fn fetch_csv_feed(
        &self,
-        feed: &ThreatFeed,
+        _feed: &ThreatFeed,
    ) -> Result<Vec<IndicatorOfCompromise>, Box<dyn std::error::Error>> {
        // Placeholder implementation
        // In a real implementation, this would parse CSV threat data
@@ -680,7 +682,7 @@ impl AttributionEngine {
        &self,
        rule: &AttributionRule,
        iocs: &[IndicatorOfCompromise],
-        indicators: &[String],
+        _indicators: &[String],
    ) -> f32 {
        let mut total_confidence = 0.0f32;
        let mut condition_count = 0;
--- a/ghost-core/src/yara_engine.rs
+++ b/ghost-core/src/yara_engine.rs
@@ -60,7 +60,7 @@ struct CachedScanResult {
 }

 impl DynamicYaraEngine {
-    pub fn new(config_path: Option<&str>) -> Result<Self, GhostError> {
+    pub fn new(_config_path: Option<&str>) -> Result<Self, GhostError> {
        let sources = vec![
            YaraRuleSource {
                name: "Malware Bazaar".to_string(),
@@ -113,7 +113,7 @@ impl DynamicYaraEngine {

    pub async fn scan_process(
        &self,
-        process: &ProcessInfo,
+        _process: &ProcessInfo,
        memory_regions: &[MemoryRegion],
    ) -> Result<YaraScanResult, GhostError> {
        let start_time = SystemTime::now();
@@ -121,7 +121,7 @@ impl DynamicYaraEngine {
        let mut bytes_scanned = 0;

        // Simulate YARA scanning
-        for (i, region) in memory_regions.iter().enumerate() {
+        for region in memory_regions.iter() {
            bytes_scanned += region.size;

            // Simulate finding suspicious patterns