Add rayhunter-check, a utility for running QMDL heuristics

2026-04-26 23:49:59 -07:00 · 2024-03-11 18:21:52 -07:00
parent f19506b415
commit 531c10cf29
10 changed files with 233 additions and 49 deletions
--- a/lib/src/analysis/analyzer.rs
+++ b/lib/src/analysis/analyzer.rs
@@ -1,4 +1,5 @@
 use std::borrow::Cow;
+use serde::Serialize;

 use super::information_element::InformationElement;

@@ -7,6 +8,7 @@ use super::information_element::InformationElement;
 ///   * Low: if combined with a large number of other Warnings, user should investigate
 ///   * Medium: if combined with a few other Warnings, user should investigate
 ///   * High: user should investigate
+#[derive(Serialize, Debug, Clone)]
 pub enum Severity {
    Low,
    Medium,
@@ -15,14 +17,17 @@ pub enum Severity {

 /// [QualitativeWarning] events will always be shown to the user in some manner,
 /// while `Informational` ones may be hidden based on user settings.
+#[derive(Serialize, Debug, Clone)]
+#[serde(tag = "type")]
 pub enum EventType {
    Informational,
-    QualitativeWarning(Severity),
+    QualitativeWarning { severity: Severity },
 }

 /// Events are user-facing signals that can be emitted by an [Analyzer] upon a
 /// message being received. They can be used to signifiy an IC detection
 /// warning, or just to display some relevant information to the user.
+#[derive(Serialize, Debug, Clone)]
 pub struct Event {
    pub event_type: EventType,
    pub message: String,
@@ -49,3 +54,37 @@ pub trait Analyzer {
    /// thousands of them alongside many other [Analyzers](Analyzer).
    fn analyze_information_element(&mut self, ie: &InformationElement) -> Option<Event>;
 }
+
+pub struct Harness {
+    analyzers: Vec<Box<dyn Analyzer>>,
+}
+
+impl Harness {
+    pub fn new() -> Self {
+        Self {
+            analyzers: Vec::new(),
+        }
+    }
+
+    pub fn add_analyzer(&mut self, analyzer: Box<dyn Analyzer>) {
+        self.analyzers.push(analyzer);
+    }
+
+    pub fn analyze_information_element(&mut self, ie: &InformationElement) -> Vec<Option<Event>> {
+        self.analyzers.iter_mut()
+            .map(|analyzer| analyzer.analyze_information_element(ie))
+            .collect()
+    }
+
+    pub fn get_names(&self) -> Vec<Cow<'_, str>> {
+        self.analyzers.iter()
+            .map(|analyzer| analyzer.get_name())
+            .collect()
+    }
+
+    pub fn get_descriptions(&self) -> Vec<Cow<'_, str>> {
+        self.analyzers.iter()
+            .map(|analyzer| analyzer.get_description())
+            .collect()
+    }
+}