Revert "parser: fix potential padding bug."

This reverts commit 78ae95608753b42956f2445a4965b0577fbb76de. Commit 78ae95608753b42956f2445a4965b0577fbb76de causes policy to not to conform to protocol as determined by the kernel. Technically the reverted patch is correct and the kernel is wrong but we can not change 15 years of history. The reason it breaks the policy in the kernel is because the kernel does not use the name field, and does not expect it. It just expects the size with a single trailing 0. This doesn't break because this section is all padded to 64 bytes so writing the extra 0 doesn't hurt as it is effectively just manually adding to the padding. Signed-off-by: John Johansen <john.johansen@canonical.com>
2025-08-22 10:07:12 +00:00 · 2024-07-18 06:15:05 -07:00 · 2024-07-18 06:15:05 -07:00 · 42523bae91
commit 42523bae91
parent 0d9d548694
1 changed files with 2 additions and 2 deletions
--- a/parser/libapparmor_re/chfa.cc
+++ b/parser/libapparmor_re/chfa.cc
@ -419,7 +419,7 @@ void CHFA::flex_table(ostream &os, const char *name)

 	/* Write the actual flex parser table. */
 	/* TODO: add max_oob */
-	size_t hsize = pad64(sizeof(th) + sizeof(th_version) + 1 + strlen(name) + 1);
+	size_t hsize = pad64(sizeof(th) + sizeof(th_version) + strlen(name) + 1);
 	th.th_magic = htonl(YYTH_REGEX_MAGIC);
 	th.th_flags = htons(chfaflags);
 	th.th_hsize = htonl(hsize);
@ -433,7 +433,7 @@ void CHFA::flex_table(ostream &os, const char *name)
 			    flex_table_size(check_vec.begin(), check_vec.end()));
 	os.write((char *)&th, sizeof(th));
 	os << th_version << (char)0 << name << (char)0;
-	os << fill64(sizeof(th) + 1 + sizeof(th_version) + strlen(name) + 1);
+	os << fill64(sizeof(th) + sizeof(th_version) + strlen(name) + 1);

 	write_flex_table(os, YYTD_ID_ACCEPT, accept.begin(), accept.end());
 	write_flex_table(os, YYTD_ID_ACCEPT2, accept2.begin(), accept2.end());