From ea63251a4bc65dc76ee518fa59bfe3b68e81566c Mon Sep 17 00:00:00 2001
From: DastInDark <2350416+hitenkoku@users.noreply.github.com>
Date: Mon, 18 Jul 2022 00:15:10 +0900
Subject: [PATCH] cargo fmt
---
 src/detections/detection.rs | 26 ++++++++++++++++++++------
 src/detections/utils.rs | 17 ++++++++++++-----
 2 files changed, 32 insertions(+), 11 deletions(-)
diff --git a/src/detections/detection.rs b/src/detections/detection.rs
index 0d5a548a..746d3dc2 100644
--- a/src/detections/detection.rs
+++ b/src/detections/detection.rs
@@ -1,7 +1,7 @@
 extern crate csv;
 use crate::detections::configs;
-use crate::detections::utils::{write_color_buffer, get_output_str_path};
+use crate::detections::utils::{get_output_str_path, write_color_buffer};
 use termcolor::{BufferWriter, Color, ColorChoice};
 use crate::detections::message::AlertMessage;
@@ -255,7 +255,11 @@ impl Detection {
 None
 };
 let conf = configs::CONFIG.read().unwrap();
- let abs_rule_path = &PathBuf::from(&rule.rulepath).canonicalize().unwrap().display().to_string()[4..];
+ let abs_rule_path = &PathBuf::from(&rule.rulepath)
+ .canonicalize()
+ .unwrap()
+ .display()
+ .to_string()[4..];
 let file_opt_path = if conf.args.filepath.is_some() {
 conf.args.filepath.as_ref().unwrap()
 } else {
@@ -263,7 +267,10 @@ impl Detection {
 };
 let detect_info = DetectInfo {
 filepath: get_output_str_path(file_opt_path, Path::new(&record_info.evtx_filepath)),
- rulepath: get_output_str_path(&configs::CONFIG.read().unwrap().args.rules, Path::new(abs_rule_path)),
+ rulepath: get_output_str_path(
+ &configs::CONFIG.read().unwrap().args.rules,
+ Path::new(abs_rule_path),
+ ),
 level: rule.yaml["level"].as_str().unwrap_or("-").to_string(),
 computername: record_info.record["Event"]["System"]["Computer"]
 .to_string()
@@ -307,11 +314,18 @@ impl Detection {
 None
 };
 // canonicalizeを行った際に、windows環境で\\?\が必ず文字列として入ってしまう問題があったため先頭の4文字を除外している
- let abs_rule_path = &PathBuf::from(&rule.rulepath).canonicalize().unwrap().display().to_string()[4..];
-
+ let abs_rule_path = &PathBuf::from(&rule.rulepath)
+ .canonicalize()
+ .unwrap()
+ .display()
+ .to_string()[4..];
+
 let detect_info = DetectInfo {
 filepath: "-".to_owned(),
- rulepath: get_output_str_path(&configs::CONFIG.read().unwrap().args.rules, Path::new(abs_rule_path)),
+ rulepath: get_output_str_path(
+ &configs::CONFIG.read().unwrap().args.rules,
+ Path::new(abs_rule_path),
+ ),
 level: rule.yaml["level"].as_str().unwrap_or("").to_owned(),
 computername: "-".to_owned(),
 eventid: "-".to_owned(),
diff --git a/src/detections/utils.rs b/src/detections/utils.rs
index a5b1179b..3553a565 100644
--- a/src/detections/utils.rs
+++ b/src/detections/utils.rs
@@ -31,7 +31,8 @@ use termcolor::{BufferWriter, ColorSpec, WriteColor};
 use super::detection::EvtxRecordInfo;
 lazy_static! {
- pub static ref OUTPUT_OMIT_REGEX:Regex = Regex::new(r"\.\./|\./|\.\.\\\\|\.\\|\.\.\\").unwrap();
+ pub static ref OUTPUT_OMIT_REGEX: Regex =
+ Regex::new(r"\.\./|\./|\.\.\\\\|\.\\|\.\.\\").unwrap();
 }
 pub fn concat_selection_key(key_list: &[String]) -> String {
@@ -400,10 +401,14 @@ pub fn get_output_str_path(option_path: &Path, target_path: &Path) -> String {
 target_path.to_str().unwrap().to_string()
 } else {
 let diff_path_result = diff_paths(target_path, &env::current_dir().unwrap());
- if let Some(diff_path) = diff_path_result {
- OUTPUT_OMIT_REGEX.replace_all(diff_path.to_str().unwrap(), "").to_string()
+ if let Some(diff_path) = diff_path_result {
+ OUTPUT_OMIT_REGEX
+ .replace_all(diff_path.to_str().unwrap(), "")
+ .to_string()
 } else {
- OUTPUT_OMIT_REGEX.replace_all(target_path.to_str().unwrap(), "").to_string()
+ OUTPUT_OMIT_REGEX
+ .replace_all(target_path.to_str().unwrap(), "")
+ .to_string()
 }
 }
 }
@@ -412,7 +417,9 @@ pub fn get_output_str_path(option_path: &Path, target_path: &Path) -> String {
 mod tests {
 use std::path::Path;
- use crate::detections::utils::{self, check_setting_path, make_ascii_titlecase, get_output_str_path};
+ use crate::detections::utils::{
+ self, check_setting_path, get_output_str_path, make_ascii_titlecase,
+ };
 use regex::Regex;
 use serde_json::Value;