mirror of https://gitlab.com/apparmor/apparmor synced 2025-09-04 08:15:21 +00:00

parser: convert process_mnt_entry's typebuf to std::string

This patch addresses the FIXMEs from the last patch by converting
process_mnt_entry's typebuf from a char[] to std::string. As a side
effect, the code in build_list_val_expr() is greatly simplified.

Signed-off-by: Steve Beattie <steve@nxnw.org>
Acked-by: Seth Arnold <seth.arnold@canonical.com>
Steve Beattie
2013-12-16 01:17:21 -08:00
parent cc1a6f0e55
commit 513d507423


@@ -627,54 +627,30 @@ out:
return error; return error;
} }
static int build_list_val_expr(char *buffer, int size, struct value_list *list) static int build_list_val_expr(std::string& buffer, struct value_list *list)
{ {
struct value_list *ent; struct value_list *ent;
std::string tmp;
char *p;
int len;
pattern_t ptype; pattern_t ptype;
int pos; int pos;
if (!list) { if (!list) {
strncpy(buffer, "[^\\000]*", size); buffer.append("[^\\000]*");
return TRUE; return TRUE;
} }
p = buffer; buffer.append("(");
strncpy(p, "(", size - (p - buffer));
p++;
if (p > buffer + size)
goto fail;
ptype = convert_aaregex_to_pcre(list->value, 0, tmp, &pos); ptype = convert_aaregex_to_pcre(list->value, 0, buffer, &pos);
if (ptype == ePatternInvalid) if (ptype == ePatternInvalid)
goto fail; goto fail;
len = tmp.length();
if (len > size - (p - buffer))
goto fail;
strcpy(p, tmp.c_str());
p += len;
list_for_each(list->next, ent) { list_for_each(list->next, ent) {
tmp.clear(); buffer.append("|");
ptype = convert_aaregex_to_pcre(ent->value, 0, tmp, &pos); ptype = convert_aaregex_to_pcre(ent->value, 0, buffer, &pos);
if (ptype == ePatternInvalid) if (ptype == ePatternInvalid)
goto fail; goto fail;
strncpy(p, "|", size - (p - buffer));
p++;
len = tmp.length();
if (len > size - (p - buffer))
goto fail;
strcpy(p, tmp.c_str());
p += len;
} }
strncpy(p, ")", size - (p - buffer)); buffer.append(")");
p++;
if (p > buffer + size)
goto fail;
return TRUE; return TRUE;
fail: fail:
@@ -768,7 +744,7 @@ static int process_mnt_entry(aare_ruleset_t *dfarules, struct mnt_entry *entry)
{ {
std::string mntbuf; std::string mntbuf;
std::string devbuf; std::string devbuf;
char typebuf[PATH_MAX + 3]; std::string typebuf;
char flagsbuf[PATH_MAX + 3]; char flagsbuf[PATH_MAX + 3];
std::string optsbuf; std::string optsbuf;
char class_mount_hdr[64]; char class_mount_hdr[64];
@@ -845,7 +821,6 @@ static int process_mnt_entry(aare_ruleset_t *dfarules, struct mnt_entry *entry)
if ((entry->allow & AA_MAY_MOUNT) && (entry->flags & MS_BIND) if ((entry->allow & AA_MAY_MOUNT) && (entry->flags & MS_BIND)
&& !entry->dev_type && !entry->opts) { && !entry->dev_type && !entry->opts) {
/* bind mount rules can't be conditional on dev_type or data */ /* bind mount rules can't be conditional on dev_type or data */
std::string tmpbuf;
/* rule class single byte header */ /* rule class single byte header */
mntbuf.assign(class_mount_hdr); mntbuf.assign(class_mount_hdr);
if (!convert_entry(mntbuf, entry->mnt_point)) if (!convert_entry(mntbuf, entry->mnt_point))
@@ -855,11 +830,10 @@ static int process_mnt_entry(aare_ruleset_t *dfarules, struct mnt_entry *entry)
if (!convert_entry(devbuf, entry->device)) if (!convert_entry(devbuf, entry->device))
goto fail; goto fail;
vec[1] = devbuf.c_str(); vec[1] = devbuf.c_str();
/* FIXME: when typebuf gets converted to std::string, typebuf.clear();
* switch tmpbuf back to typebuf */ if (!convert_entry(typebuf, NULL))
if (!convert_entry(tmpbuf, NULL))
goto fail; goto fail;
vec[2] = tmpbuf.c_str(); vec[2] = typebuf.c_str();
flags = entry->flags; flags = entry->flags;
inv_flags = entry->inv_flags; inv_flags = entry->inv_flags;
@@ -912,7 +886,6 @@ static int process_mnt_entry(aare_ruleset_t *dfarules, struct mnt_entry *entry)
/* mount move rules can not be conditional on dev_type, /* mount move rules can not be conditional on dev_type,
* or data * or data
*/ */
std::string tmpbuf;
/* rule class single byte header */ /* rule class single byte header */
mntbuf.assign(class_mount_hdr); mntbuf.assign(class_mount_hdr);
if (!convert_entry(mntbuf, entry->mnt_point)) if (!convert_entry(mntbuf, entry->mnt_point))
@@ -923,11 +896,10 @@ static int process_mnt_entry(aare_ruleset_t *dfarules, struct mnt_entry *entry)
goto fail; goto fail;
vec[1] = devbuf.c_str(); vec[1] = devbuf.c_str();
/* skip type */ /* skip type */
/* FIXME: when typebuf gets converted to std::string, typebuf.clear();
* switch tmpbuf back to typebuf */ if (!convert_entry(typebuf, NULL))
if (!convert_entry(tmpbuf, NULL))
goto fail; goto fail;
vec[2] = tmpbuf.c_str(); vec[2] = typebuf.c_str();
flags = entry->flags; flags = entry->flags;
inv_flags = entry->inv_flags; inv_flags = entry->inv_flags;
@@ -958,9 +930,10 @@ static int process_mnt_entry(aare_ruleset_t *dfarules, struct mnt_entry *entry)
if (!convert_entry(devbuf, entry->device)) if (!convert_entry(devbuf, entry->device))
goto fail; goto fail;
vec[1] = devbuf.c_str(); vec[1] = devbuf.c_str();
if (!build_list_val_expr(typebuf, PATH_MAX+2, entry->dev_type)) typebuf.clear();
if (!build_list_val_expr(typebuf, entry->dev_type))
goto fail; goto fail;
vec[2] = typebuf; vec[2] = typebuf.c_str();
flags = entry->flags; flags = entry->flags;
inv_flags = entry->inv_flags; inv_flags = entry->inv_flags;
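Review bot: build_list_val_expr() now appends to `buffer` rather than writing from its start, so the result is only correct if the caller emptied the string first, and neither the new signature nor a comment states that contract. The visible call does `typebuf.clear()` first, but typebuf is now one function-scope string shared by the bind, move and dev_type branches of process_mnt_entry(), and a call site that omits the clear would feed a concatenation of two type expressions into a mount rule without any error. I would add above the function `/* Appends to buffer; caller must clear it first. On failure buffer holds a partial expression and must not be used. */`. The old PATH_MAX+2 cap is also gone, so the length of the alternation is now limited only by the dev_type list; if that is intended, say so in the same comment. The fail: body and the code consuming vec[2] lie outside these hunks, so I cannot confirm how a partial buffer is handled there.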