diff --git a/module-nextgen/apparmor/match/match_pcre.c b/module-nextgen/apparmor/match/match_pcre.c index 0a9071b6b..103f31e6a 100644 --- a/module-nextgen/apparmor/match/match_pcre.c +++ b/module-nextgen/apparmor/match/match_pcre.c @@ -87,8 +87,8 @@ int aamatch_serialize(void *entry_extradata, struct aa_ext *e, uschar must be the same in user and kernel space */ /* check that we are processing the correct structure */ AA_READ_X(e, AA_STRUCT, NULL, "pcre"); - AA_READ_X(e, AA_U32, &size, "pattern.size"); - AA_READ_X(e, AA_U32, &magic, "pattern.magic"); + AA_READ_X(e, AA_U32, &size, NULL); + AA_READ_X(e, AA_U32, &magic, NULL); /* the allocation of pcre is delayed because it depends on the size * of the pattern */ @@ -102,15 +102,15 @@ int aamatch_serialize(void *entry_extradata, struct aa_ext *e, ed->compiled->magic_number = magic; ed->compiled->size = size + sizeof(pcre); - AA_READ_X(e, AA_U32, &opts, "pattern.options"); + AA_READ_X(e, AA_U32, &opts, NULL); ed->compiled->options = opts; - AA_READ_X(e, AA_U16, &ed->compiled->top_bracket, "pattern.top_bracket"); - AA_READ_X(e, AA_U16, &ed->compiled->top_backref, "pattern.top_backref"); - AA_READ_X(e, AA_U8, &t_char, "pattern.first_char"); + AA_READ_X(e, AA_U16, &ed->compiled->top_bracket, NULL); + AA_READ_X(e, AA_U16, &ed->compiled->top_backref, NULL); + AA_READ_X(e, AA_U8, &t_char, NULL); ed->compiled->first_char = t_char; - AA_READ_X(e, AA_U8, &t_char, "pattern.req_char"); + AA_READ_X(e, AA_U8, &t_char, NULL); ed->compiled->req_char = t_char; - AA_READ_X(e, AA_U8, &t_char, "pattern.code[0]"); + AA_READ_X(e, AA_U8, &t_char, NULL); ed->compiled->code[0] = t_char; AA_READ_X(e, AA_STATIC_BLOB, &ed->compiled->code[1], NULL); diff --git a/module-nextgen/apparmor/module_interface.c b/module-nextgen/apparmor/module_interface.c index c3ac11d7a..d514aef39 100644 --- a/module-nextgen/apparmor/module_interface.c +++ b/module-nextgen/apparmor/module_interface.c @@ -322,7 +322,10 @@ static int aa_is_nameX(struct aa_ext *e, enum aa_code code, void *data, strncmp(name, (char *)e->pos, (size_t)size-1))) goto fail; e->pos += size; + } else if (name) { + goto fail; } + /* now check if data actually matches */ ret = aa_is_X(e, code, data); if (!ret) @@ -387,8 +390,8 @@ static inline struct aa_entry *aa_activate_file_entry(struct aa_ext *e) AA_READ_X(e, AA_STRUCT, NULL, "fe"); AA_READ_X(e, AA_DYN_STRING, &entry->filename, NULL); - AA_READ_X(e, AA_U32, &entry->mode, "file.mode"); - AA_READ_X(e, AA_U32, &entry->type, "file.pattern_type"); + AA_READ_X(e, AA_U32, &entry->mode, NULL); + AA_READ_X(e, AA_U32, &entry->type, NULL); entry->extradata = aamatch_alloc(entry->type); if (IS_ERR(entry->extradata)) { @@ -539,14 +542,13 @@ static struct aaprofile *aa_activate_profile(struct aa_ext *e, ssize_t *error) error_string = "Invalid flags"; /* per profile debug flags (debug, complain, audit) */ AA_READ_X(e, AA_STRUCT, NULL, "flags"); - AA_READ_X(e, AA_U32, &(profile->flags.debug), "profile.flags.debug"); - AA_READ_X(e, AA_U32, &(profile->flags.complain), - "profile.flags.complain"); - AA_READ_X(e, AA_U32, &(profile->flags.audit), "profile.flags.audit"); + AA_READ_X(e, AA_U32, &(profile->flags.debug), NULL); + AA_READ_X(e, AA_U32, &(profile->flags.complain), NULL); + AA_READ_X(e, AA_U32, &(profile->flags.audit), NULL); AA_READ_X(e, AA_STRUCTEND, NULL, NULL); error_string = "Invalid capabilities"; - AA_READ_X(e, AA_U32, &(profile->capabilities), "profile.capabilities"); + AA_READ_X(e, AA_U32, &(profile->capabilities), NULL); /* get the file entries. */ AA_ENTRY_LIST("pgent"); /* pcre rules */