vaas/message/
verdict.rs

1use crate::error::Error;
2use crate::error::Error::NoUploadUrl;
3use crate::message::upload_url::UploadUrl;
4use crate::message::VerdictResponse;
5use serde::{Deserialize, Serialize};
6use std::convert::TryFrom;
7use std::fmt;
8
9/// A `Verdict` is a response from the server that indicates whether the
10/// submission is `Clean`, `Malicious`, `Pup` or `Unknown`.
11#[derive(Debug, PartialEq, Eq, Clone, Serialize, Deserialize)]
12pub enum Verdict {
13    /// No malicious content found.
14    Clean,
15    /// Malicious content found.
16    Malicious {
17        /// Name of the first detected malware in the sample
18        detection: String,
19    },
20    /// Potentially unwanted content found.
21    Pup {
22        /// Name of the first dected pup in the sample
23        detection: String,
24    },
25    /// Unknown if clean or malicious.
26    Unknown {
27        /// Pre-signed URL to submit a file for further analysis to get a `Clean` or `Malicious` verdict.
28        upload_url: UploadUrl,
29    },
30}
31
32impl fmt::Display for Verdict {
33    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
34        match self {
35            Verdict::Unknown { upload_url: _ } => write!(f, "Unknown"),
36            _ => write!(f, "{self:?}"),
37        }
38    }
39}
40
41impl TryFrom<&VerdictResponse> for Verdict {
42    type Error = Error;
43
44    fn try_from(value: &VerdictResponse) -> Result<Self, Self::Error> {
45        match value.verdict.as_str() {
46            "Clean" => Ok(Verdict::Clean),
47            "Malicious" => Ok(Verdict::Malicious {
48                detection: value
49                    .detection
50                    .to_owned()
51                    .unwrap_or(String::from("Generic.Malware")),
52            }),
53            "Pup" => Ok(Verdict::Pup {
54                detection: value
55                    .detection
56                    .to_owned()
57                    .unwrap_or(String::from("Generic.Pup")),
58            }),
59            "Unknown" => Ok(Verdict::Unknown {
60                upload_url: UploadUrl(value.url.to_owned().ok_or(NoUploadUrl)?),
61            }),
62            v => Err(Error::InvalidVerdict(v.to_string())),
63        }
64    }
65}