diff --git a/.github/workflows/rust.yml b/.github/workflows/rust.yml new file mode 100644 index 0000000..e70c8a1 --- /dev/null +++ b/.github/workflows/rust.yml @@ -0,0 +1,41 @@ +name: Rust + +on: + push: + branches: [ "master" ] + pull_request: + branches: [ "master" ] + +env: + CARGO_TERM_COLOR: always + +jobs: + build-and-test: + runs-on: windows-2022 + steps: + - uses: actions/checkout@v3 + - uses: actions-rs/toolchain@v1 + with: + profile: minimal + toolchain: stable + override: true + - uses: actions-rs/cargo@v1 + with: + command: check + - uses: actions-rs/cargo@v1 + with: + command: test + + clippy-on-diffs: + runs-on: windows-2022 + steps: + - uses: actions/checkout@v3 + - uses: actions-rs/toolchain@v1 + with: + profile: minimal + toolchain: stable + override: true + - uses: actions-rs/clippy-check@v1 + with: + token: ${{ secrets.GITHUB_TOKEN }} + diff --git a/src/native/etw_types.rs b/src/native/etw_types.rs index db1047a..5a0a50a 100644 --- a/src/native/etw_types.rs +++ b/src/native/etw_types.rs @@ -31,9 +31,9 @@ pub const INVALID_TRACE_HANDLE: TraceHandle = u64::MAX; #[allow(dead_code)] pub(crate) enum ControlValues { - ControlQuery = 0, - ControlStop = 1, - ControlUpdate = 2, + Query = 0, + Stop = 1, + Update = 2, } #[allow(dead_code)] diff --git a/src/native/evntrace.rs b/src/native/evntrace.rs index 33585d0..82d42bc 100644 --- a/src/native/evntrace.rs +++ b/src/native/evntrace.rs @@ -63,7 +63,7 @@ impl NativeEtw { } pub(crate) fn session_handle(&self) -> TraceHandle { - self.session_handle.clone() + self.session_handle } // Not a big fan of this... @@ -82,14 +82,14 @@ impl NativeEtw { if self.session_handle == INVALID_TRACE_HANDLE { return Err(EvntraceNativeError::InvalidHandle); } - Ok(self.process()?) + self.process() } pub(crate) fn open( &mut self, trace_data: &TraceData, ) -> EvntraceNativeResult { - Ok(self.open_trace(trace_data)?) + self.open_trace(trace_data) } pub(crate) fn stop(&mut self, trace_data: &TraceData) -> EvntraceNativeResult<()> { 
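Review bot: In .github/workflows/rust.yml every `uses:` step references a mutable tag (`actions/checkout@v3`, `actions-rs/toolchain@v1`, `actions-rs/cargo@v1`, `actions-rs/clippy-check@v1`), so the code that runs in CI can change without any commit to this repository. Pin each action to a full commit SHA, for example `uses: actions/checkout@<full-commit-sha> # v3`. The workflow also declares no `permissions:` block, so `secrets.GITHUB_TOKEN` reaches the clippy job with the repository's default scopes; set `permissions:` with `contents: read` at the top level and grant `checks: write` only to `clippy-on-diffs`, which is presumably all the annotation step needs. The actions-rs actions appear to be unmaintained upstream, which is worth confirming before the build depends on them.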
@@ -103,13 +103,13 @@ impl NativeEtw { return Err(EvntraceNativeError::InvalidHandle); } - let clone_handle = self.session_handle.clone(); + let clone_handle = self.session_handle; std::thread::spawn(move || { let mut now = FILETIME::default(); unsafe { GetSystemTimeAsFileTime(&mut now); - Etw::ProcessTrace(&[clone_handle], &mut now, std::ptr::null_mut()); + Etw::ProcessTrace(&[clone_handle], &now, std::ptr::null_mut()); // if Etw::ProcessTrace(&[clone_handlee], &mut now, std::ptr::null_mut()) != 0 { // return Err(EvntraceNativeError::IoError(std::io::Error::last_os_error())); // } @@ -213,22 +213,22 @@ impl NativeEtw { pub(crate) fn enable_trace( &self, - mut guid: GUID, + guid: GUID, any: u64, all: u64, level: u8, - mut parameters: EnableTraceParameters, + parameters: EnableTraceParameters, ) -> EvntraceNativeResult<()> { unsafe { if Etw::EnableTraceEx2( self.registration_handle, - &mut guid, + &guid, 1, // Fixme: EVENT_CONTROL_CODE_ENABLE_PROVIDER level, any, all, 0, - &mut *parameters, + &*parameters, ) != 0 { return Err(EvntraceNativeError::IoError(std::io::Error::last_os_error())); diff --git a/src/native/pla.rs b/src/native/pla.rs index c21ef23..2390521 100644 --- a/src/native/pla.rs +++ b/src/native/pla.rs @@ -75,15 +75,15 @@ pub struct Variant { impl Variant { pub fn new(vt: u16, val: u32) -> Self { - let mut variant = Variant::default(); - variant.vt = vt; - variant.val = val; - - variant + Variant{ + vt, + val, + ..Default::default() + } } pub fn increment_val(&mut self) { - self.val = self.val + 1; + self.val += 1; } pub fn get_val(&self) -> u32 { self.val diff --git a/src/native/tdh.rs b/src/native/tdh.rs index f421209..dad85b3 100644 --- a/src/native/tdh.rs +++ b/src/native/tdh.rs 
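Review bot: The status returned by `Etw::ProcessTrace` inside the spawned thread is still discarded, so a processing failure ends the thread silently and nothing tells the caller that the session has stopped delivering events. The commented-out check underneath cannot simply be re-enabled: it names `clone_handlee`, and a `return Err(...)` inside the closure would not reach the function that spawned it. Capture the value with `let status = Etw::ProcessTrace(&[clone_handle], &now, std::ptr::null_mut());` and surface a non-zero status through the thread's return value or a log line, and add a `// SAFETY:` comment on the `unsafe` block stating that `now` outlives the call. The enclosing function starts and ends outside the hunk.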
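Review bot: On failure `enable_trace` reports `std::io::Error::last_os_error()`, but `EnableTraceEx2` hands back its error code as the return value, so the thread's last-error value may be unrelated to the failure and the resulting `IoError` can mislead whoever is diagnosing a provider that was never enabled. Keep the return value and build the error from it, for example `let status = Etw::EnableTraceEx2(...);` followed by `std::io::Error::from_raw_os_error(status as i32)`, adjusting the cast to the binding's return type, which is not visible here. The literal `1` marked `Fixme` should become a named constant for `EVENT_CONTROL_CODE_ENABLE_PROVIDER` in the same pass. The function's closing lines are outside the hunk.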
@@ -27,11 +27,11 @@ impl From for TdhNativeError { pub(crate) type TdhNativeResult = Result; -pub(crate) fn schema_from_tdh(mut event: EventRecord) -> TdhNativeResult { +pub(crate) fn schema_from_tdh(event: EventRecord) -> TdhNativeResult { let mut buffer_size = 0; unsafe { if Etw::TdhGetEventInformation( - &mut event, + &event, &[], std::ptr::null_mut(), &mut buffer_size, @@ -42,7 +42,7 @@ pub(crate) fn schema_from_tdh(mut event: EventRecord) -> TdhNativeResult TdhNativeResult TdhNativeResult { +pub(crate) fn property_size(event: EventRecord, name: &str) -> TdhNativeResult { let mut property_size = 0; - let mut desc = Etw::PROPERTY_DATA_DESCRIPTOR::default(); - desc.ArrayIndex = u32::MAX; - let name = name.as_utf16(); - desc.PropertyName = name.as_ptr() as u64; + let name = name.into_utf16(); + let desc = Etw::PROPERTY_DATA_DESCRIPTOR{ + ArrayIndex: u32::MAX, + PropertyName: name.as_ptr() as u64, + ..Default::default() + }; unsafe { let status = Etw::TdhGetPropertySize( - &mut event, + &event, &[], &[desc], &mut property_size, diff --git a/src/native/tdh_types.rs b/src/native/tdh_types.rs index 70bb646..a694144 100644 --- a/src/native/tdh_types.rs +++ b/src/native/tdh_types.rs @@ -58,7 +58,11 @@ impl Property { } pub fn len(&self) -> usize { - self.length.clone() as usize + self.length as usize + } + + pub fn is_empty(&self) -> bool { + self.length == 0 } } @@ -162,7 +166,7 @@ bitflags! { impl From for PropertyFlags { fn from(val: Etw::PROPERTY_FLAGS) -> Self { - let flags: i32 = val.0.into(); + let flags: i32 = val.0; // Should be a safe cast PropertyFlags::from_bits_truncate(flags as u32) } diff --git a/src/native/version_helper.rs b/src/native/version_helper.rs index ec4922d..7d2008e 100644 --- a/src/native/version_helper.rs +++ b/src/native/version_helper.rs 
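Review bot: In `property_size`, `desc.PropertyName` holds `name.as_ptr() as u64`, a raw address into the vector returned by `into_utf16()`, and nothing in the code records that `name` must stay alive and unmoved until `TdhGetPropertySize` returns. The new struct literal keeps that true only because `name` is bound before `desc` and is neither shadowed nor dropped; a later refactor that inlines `name.into_utf16().as_ptr()` would leave a dangling pointer. Add a comment above the `unsafe` block such as `// SAFETY: desc.PropertyName points into name, which lives until the end of this function`. The rest of the function lies outside the hunk.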
@@ -32,11 +32,13 @@ type OsVersionInfo = OSVERSIONINFOEXA; const VER_GREATER_OR_EQUAL: u8 = windows::Win32::System::SystemServices::VER_GREATER_EQUAL as u8; fn verify_system_version(major: u8, minor: u8, sp_major: u16) -> VersionHelperResult { - let mut os_version = OsVersionInfo::default(); - os_version.dwOSVersionInfoSize = std::mem::size_of::() as u32; - os_version.dwMajorVersion = major as u32; - os_version.dwMajorVersion = minor as u32; - os_version.wServicePackMajor = sp_major; + let mut os_version = OsVersionInfo{ + dwOSVersionInfoSize: std::mem::size_of::() as u32, + dwMajorVersion: major as u32, + dwMinorVersion: minor as u32, + wServicePackMajor: sp_major, + ..Default::default() + }; let mut condition_mask = 0; unsafe { diff --git a/src/parser.rs b/src/parser.rs index 7ea1bc4..b246fb3 100644 --- a/src/parser.rs +++ b/src/parser.rs @@ -119,6 +119,7 @@ impl<'a> Parser<'a> { } // TODO: Find a cleaner way to do this, not very happy with it rn + #[allow(clippy::len_zero)] fn find_property_size(&self, property: &Property) -> ParserResult { // There are several cases // * regular case, where property.len() directly makes sense @@ -129,20 +130,18 @@ impl<'a> Parser<'a> { if property .flags .intersects(PropertyFlags::PROPERTY_PARAM_LENGTH) == false - && property.len() > 0 + && (property.len() > 0) { - let size; - if property.in_type() != TdhInType::InTypePointer { - size = property.len() as usize; - } else { - // There is an exception regarding pointer size though - // When reading captures from another architecture, we should take care of the _source_ pointer size, not the current architecture's pointer size. - size = if (self.schema.event_flags() & EVENT_HEADER_FLAG_32_BIT_HEADER) != 0 { - 4 - } else { - 8 - }; - } + let size = match property.in_type() { + TdhInType::InTypePointer => property.len() as usize, + _ => { + if (self.schema.event_flags() & EVENT_HEADER_FLAG_32_BIT_HEADER) != 0 { + 4 + } else { + 8 + } + } + }; return Ok(size); } 
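Review bot: No test pins the result of `verify_system_version`, and this hunk alters it: the removed code assigned `minor` to `dwMajorVersion` a second time, while the new initialiser sets `dwMinorVersion`, so every version check built on this function now compares different values. A regression test for at least one known major/minor pair would hold the corrected behaviour in place, and the fix deserves its own line in the commit message, separate from the lint cleanups. The function body continues past the hunk.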
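Review bot: The arms of the new `match` in `find_property_size` are swapped relative to the code they replace: the removed `if` used `property.len()` when `in_type()` was not `InTypePointer` and chose 4 or 8 from `EVENT_HEADER_FLAG_32_BIT_HEADER` for pointers, whereas the new code returns `property.len()` for pointers and 4 or 8 for every other fixed-length type. Sizes would then be wrong for most fields, so events would be misparsed or rejected by the buffer-length check visible in the next hunk. Swap the arms: `TdhInType::InTypePointer => if (self.schema.event_flags() & EVENT_HEADER_FLAG_32_BIT_HEADER) != 0 { 4 } else { 8 },` and `_ => property.len() as usize,`. The removed comment explaining that the source capture's pointer size applies, not the current architecture's, should be restored on the pointer arm. The function starts and ends outside the hunk.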
@@ -171,7 +170,7 @@ impl<'a> Parser<'a> { None => return Err(ParserError::PropertyError("Index out of bounds".to_owned())), }; - let prop_size = self.find_property_size(&curr_prop)?; + let prop_size = self.find_property_size(curr_prop)?; if self.buffer.len() < prop_size { return Err(ParserError::PropertyError( diff --git a/src/provider.rs b/src/provider.rs index 5bdd207..59f9a3f 100644 --- a/src/provider.rs +++ b/src/provider.rs @@ -144,7 +144,7 @@ pub mod kernel_providers { /// Use the `new` function to create a Kernel Provider which can be then tied into a Provider pub const fn new(guid: GUID, flags: u32) -> KernelProvider { KernelProvider { - guid: guid, + guid, flags, } } @@ -265,6 +265,8 @@ pub mod kernel_providers { KernelProvider::new(kernel_guids::ALPC_GUID, kernel_flags::EVENT_TRACE_FLAG_ALPC); } +type EtwCallback = Box; + /// Main Provider structure pub struct Provider { /// Option that represents a Provider GUID @@ -280,11 +282,7 @@ pub struct Provider { /// Provider kernel flags, only apply to KernelProvider pub flags: u32, // Only applies to KernelProviders // perfinfo - callbacks: Arc< - RwLock< - Vec>, - >, - >, + callbacks: Arc>>, // filters: RwLock>, } diff --git a/src/schema.rs b/src/schema.rs index 48d7d23..3e2bada 100644 --- a/src/schema.rs +++ b/src/schema.rs @@ -119,7 +119,7 @@ impl SchemaLocator { if !self.schemas.contains_key(&key) { // TODO: Cloning for now, should be a reference at some point... - info = Arc::from(tdh::schema_from_tdh(event.clone())?); + info = Arc::from(tdh::schema_from_tdh(event)?); self.schemas.insert(key, Arc::clone(&info)); } else { info = Arc::clone(self.schemas.get(&key).unwrap()); diff --git a/src/trace.rs b/src/trace.rs index 21a5570..f956b13 100644 --- a/src/trace.rs +++ b/src/trace.rs 
@@ -101,7 +101,7 @@ impl TraceData { } pub(crate) fn on_event(&mut self, record: EventRecord) { - self.events_handled = self.events_handled + 1; + self.events_handled += 1; let locator = &mut self.schema_locator; // We need a mutable reference to be able to modify the data it refers, which is actually // done within the Callback (The schema locator is modified) @@ -216,7 +216,7 @@ macro_rules! impl_base_trace { if let Err(err) = self.etw.start() { match err { evntrace::EvntraceNativeError::InvalidHandle => { - return Ok(self.open()?.process()?); + return self.open()?.process(); }, _=> return Err(TraceError::EtwNativeError(err)), }; @@ -332,7 +332,7 @@ impl TraceTrait for UserTrace { EnableTraceParameters::create(prov_guid, prov.trace_flags); // Fixme: return error if this fails self.etw.enable_trace( - prov_guid.clone(), + prov_guid, prov.any, prov.all, prov.level, diff --git a/src/traits.rs b/src/traits.rs index e145dd8..7594c81 100644 --- a/src/traits.rs +++ b/src/traits.rs @@ -7,11 +7,11 @@ pub trait LastOsError> { } pub trait EncodeUtf16 { - fn as_utf16(self: Self) -> Vec; + fn into_utf16(self) -> Vec; } impl EncodeUtf16 for &str { - fn as_utf16(self: Self) -> Vec { + fn into_utf16(self) -> Vec { self.encode_utf16() // Make a UTF-16 iterator .chain(iter::once(0)) // Append a null .collect() // Collect the iterator into a vector @@ -19,7 +19,7 @@ impl EncodeUtf16 for &str { } impl EncodeUtf16 for String { - fn as_utf16(self: Self) -> Vec { - self.as_str().as_utf16() + fn into_utf16(self) -> Vec { + self.as_str().into_utf16() } } diff --git a/src/utils.rs b/src/utils.rs index e4e1089..9693259 100644 --- a/src/utils.rs +++ b/src/utils.rs @@ -19,7 +19,6 @@ pub fn parse_unk_size_null_utf16_string(v: &[u8]) -> String { .collect::>() .as_slice(), ) - .to_string() } pub fn parse_null_utf16_string(v: &[u8]) -> String {