style: minor code style improvements

shadowx/src/utils/address.rs

@@ -1,15 +1,25 @@
+use alloc::string::ToString;
 use core::{
     ffi::{CStr, c_void},
     ptr::null_mut,
     slice::from_raw_parts,
 };
 
-use crate::data::{IMAGE_DOS_HEADER, IMAGE_EXPORT_DIRECTORY, IMAGE_NT_HEADERS};
 use ntapi::ntexapi::SystemModuleInformation;
 use wdk_sys::{NT_SUCCESS, POOL_FLAG_NON_PAGED};
-use {super::pool::PoolMemory, alloc::string::ToString};
 
-use crate::{Result, SystemModuleInformation, data::ZwQuerySystemInformation, error::ShadowError};
+use super::pool::PoolMemory; 
+use crate::data::{
+    IMAGE_DOS_HEADER, 
+    IMAGE_EXPORT_DIRECTORY, 
+    IMAGE_NT_HEADERS
+};
+use crate::{
+    Result, 
+    SystemModuleInformation, 
+    data::ZwQuerySystemInformation, 
+    error::ShadowError
+};
 
 /// Gets the base address of a specified module by querying system module information.
 /// This function queries the system for all loaded modules and compares their names

shadowx/src/utils/file.rs

@@ -1,3 +1,6 @@
+use alloc::vec::Vec;
+use core::{ffi::c_void, ptr::null_mut};
+
 use wdk_sys::{
     _FILE_INFORMATION_CLASS::FileStandardInformation,
     ntddk::{ZwCreateFile, ZwQueryInformationFile, ZwReadFile},
@@ -5,10 +8,7 @@ use wdk_sys::{
 };
 
 use super::{InitializeObjectAttributes, handle::Handle};
-use crate::Result;
-use crate::error::ShadowError;
-use alloc::vec::Vec;
-use core::{ffi::c_void, ptr::null_mut};
+use crate::{Result, error::ShadowError};
 
 /// Reads the content of a file given its path in the NT kernel environment.
 ///

shadowx/src/utils/mdl.rs

@@ -1,11 +1,17 @@
 use core::ptr::null_mut;
 use wdk_sys::ntddk::{
-    IoAllocateMdl, IoFreeMdl, MmMapLockedPagesSpecifyCache, MmProbeAndLockPages, MmUnlockPages,
+    IoAllocateMdl, IoFreeMdl, 
+    MmMapLockedPagesSpecifyCache, 
+    MmProbeAndLockPages, 
+    MmUnlockPages,
     MmUnmapLockedPages,
 };
 use wdk_sys::{
-    _LOCK_OPERATION::IoModifyAccess, _MEMORY_CACHING_TYPE::MmCached,
-    _MM_PAGE_PRIORITY::HighPagePriority, _MODE::KernelMode, MDL, MdlMappingNoExecute, PUCHAR,
+    _LOCK_OPERATION::IoModifyAccess,
+    _MEMORY_CACHING_TYPE::MmCached,
+    _MM_PAGE_PRIORITY::HighPagePriority, 
+    _MODE::KernelMode, MDL, 
+    MdlMappingNoExecute, PUCHAR,
 };
 
 /// Memory Descriptor List (MDL) wrapper for safe kernel memory modification.
@@ -59,6 +65,7 @@ impl Mdl {
                 0,
                 HighPagePriority as u32 | MdlMappingNoExecute,
             ) as *mut u8;
+            
             if mapped_address.is_null() {
                 wdk::println!("Failed to map blocked pages");
                 MmUnlockPages(mdl);

shadowx/src/utils/mod.rs

@@ -5,21 +5,33 @@ use core::{
     slice::from_raw_parts,
 };
 
+use ntapi::ntexapi::{
+    PSYSTEM_PROCESS_INFORMATION, 
+    SystemProcessInformation
+};
 use wdk_sys::{
-    _KWAIT_REASON::{DelayExecution, UserRequest, WrAlertByThreadId},
-    ntddk::{MmGetSystemRoutineAddress, PsIsThreadTerminating},
+    _KWAIT_REASON::{
+        DelayExecution, 
+        UserRequest, 
+        WrAlertByThreadId
+    },
+    ntddk::{
+        MmGetSystemRoutineAddress, 
+        PsIsThreadTerminating
+    },
     *,
 };
 
-use ntapi::ntexapi::{PSYSTEM_PROCESS_INFORMATION, SystemProcessInformation};
-
 use crate::data::{
-    IMAGE_DOS_HEADER, IMAGE_EXPORT_DIRECTORY, IMAGE_NT_HEADERS, KTHREAD_STATE::Waiting,
+    IMAGE_DOS_HEADER, IMAGE_EXPORT_DIRECTORY, 
+    IMAGE_NT_HEADERS, KTHREAD_STATE::Waiting,
     LDR_DATA_TABLE_ENTRY, PEB,
 };
-
 use crate::{
-    ZwQuerySystemInformation, attach::ProcessAttach, error::ShadowError, pool::PoolMemory, *,
+    ZwQuerySystemInformation, 
+    attach::ProcessAttach, 
+    error::ShadowError, 
+    pool::PoolMemory, *,
 };
 
 pub mod address;
@@ -61,10 +73,7 @@ pub unsafe fn find_thread_alertable(target_pid: usize) -> Result<*mut _KTHREAD>
     );
 
     if !NT_SUCCESS(status) {
-        return Err(ShadowError::ApiCallFailed(
-            "ZwQuerySystemInformation",
-            status,
-        ));
+        return Err(ShadowError::ApiCallFailed("ZwQuerySystemInformation", status));
     }
 
     // Iterate over process information to find the target PID and alertable thread
@@ -76,6 +85,7 @@ pub unsafe fn find_thread_alertable(target_pid: usize) -> Result<*mut _KTHREAD>
                 (*process_info).Threads.as_ptr(),
                 (*process_info).NumberOfThreads as usize,
             );
+
             for &thread in threads_slice {
                 if thread.ThreadState == Waiting as u32
                     && thread.WaitReason == WrAlertByThreadId as u32
@@ -134,10 +144,7 @@ pub unsafe fn find_thread(target_pid: usize) -> Result<*mut _KTHREAD> {
     );
 
     if !NT_SUCCESS(status) {
-        return Err(ShadowError::ApiCallFailed(
-            "ZwQuerySystemInformation",
-            status,
-        ));
+        return Err(ShadowError::ApiCallFailed("ZwQuerySystemInformation", status));
     }
 
     // Iterate over process information to find the target PID and alertable thread
@@ -203,10 +210,7 @@ pub unsafe fn get_function_peb(
     // Access its `PEB`
     let peb = PsGetProcessPeb(process.e_process) as *mut PEB;
     if peb.is_null() || (*peb).Ldr.is_null() {
-        return Err(ShadowError::FunctionExecutionFailed(
-            "PsGetProcessPeb",
-            line!(),
-        ));
+        return Err(ShadowError::FunctionExecutionFailed("PsGetProcessPeb", line!()));
     }
 
     // Traverse the InLoadOrderModuleList to find the module
@@ -313,10 +317,7 @@ pub unsafe fn get_process_by_name(process_name: &str) -> Result<usize> {
     );
 
     if !NT_SUCCESS(status) {
-        return Err(ShadowError::ApiCallFailed(
-            "ZwQuerySystemInformation",
-            status,
-        ));
+        return Err(ShadowError::ApiCallFailed("ZwQuerySystemInformation", status));
     }
 
     let mut process_info = info_process;

shadowx/src/utils/patterns.rs

@@ -3,21 +3,30 @@ use core::{
     ptr::{null_mut, read},
     slice::from_raw_parts,
 };
-use obfstr::obfstr;
 
+use obfstr::obfstr;
 use wdk_sys::{
     _SECTION_INHERIT::ViewUnmap,
-    ntddk::{ZwClose, ZwMapViewOfSection, ZwOpenSection, ZwUnmapViewOfSection},
+    ntddk::{
+        ZwClose, 
+        ZwMapViewOfSection, 
+        ZwOpenSection, 
+        ZwUnmapViewOfSection
+    },
     *,
 };
 
-use {
-    super::{InitializeObjectAttributes, address::get_module_base_address},
-    crate::{
-        Result,
-        data::{IMAGE_DOS_HEADER, IMAGE_EXPORT_DIRECTORY, IMAGE_NT_HEADERS, IMAGE_SECTION_HEADER},
-        error::ShadowError,
-        utils::uni,
+use super::{
+    InitializeObjectAttributes, 
+    address::get_module_base_address
+};
+use crate::{
+    Result,
+    error::ShadowError,
+    utils::uni,
+    data::{
+        IMAGE_DOS_HEADER, IMAGE_EXPORT_DIRECTORY, 
+        IMAGE_NT_HEADERS, IMAGE_SECTION_HEADER
     },
 };
 
@@ -206,8 +215,7 @@ pub unsafe fn find_zw_function(name: &str) -> Result<usize> {
     ZW_PATTERN[22] = ssn_bytes[1];
 
     let dos_header = ntoskrnl_addr as *const IMAGE_DOS_HEADER;
-    let nt_header =
-        (ntoskrnl_addr as usize + (*dos_header).e_lfanew as usize) as *const IMAGE_NT_HEADERS;
+    let nt_header = (ntoskrnl_addr as usize + (*dos_header).e_lfanew as usize) as *const IMAGE_NT_HEADERS;
     let section_header =
         (nt_header as usize + size_of::<IMAGE_NT_HEADERS>()) as *const IMAGE_SECTION_HEADER;
 
@@ -215,10 +223,8 @@ pub unsafe fn find_zw_function(name: &str) -> Result<usize> {
     for i in 0..(*nt_header).FileHeader.NumberOfSections as usize {
         let section = (*section_header.add(i)).Name;
         let name = core::str::from_utf8(&section).unwrap().trim_matches('\0');
-
         if name == obfstr!(".text") {
-            let text_start =
-                ntoskrnl_addr as usize + (*section_header.add(i)).VirtualAddress as usize;
+            let text_start = ntoskrnl_addr as usize + (*section_header.add(i)).VirtualAddress as usize;
             let text_end = text_start + (*section_header.add(i)).Misc.VirtualSize as usize;
             let data = core::slice::from_raw_parts(text_start as *const u8, text_end - text_start);