fix(inconsistent-missing-override): add missed override specifiers

parser/af_rule.h

@@ -53,7 +53,7 @@ public:
 		sock_type_n(-1), proto(NULL), proto_n(0), label(NULL),
 		peer_label(NULL) { }
 
-	virtual ~af_rule()
+	~af_rule() override
 	{
 		free(sock_type);
 		free(proto);
@@ -73,12 +73,12 @@ public:
 	virtual bool has_peer_conds(void) { return peer_label ? true : false; }
 	virtual ostream &dump_local(ostream &os);
 	virtual ostream &dump_peer(ostream &os);
-	virtual ostream &dump(ostream &os);
-	virtual int expand_variables(void);
-	virtual int gen_policy_re(Profile &prof) = 0;
+	ostream &dump(ostream &os) override;
+	int expand_variables(void) override;
+	int gen_policy_re(Profile &prof) override = 0;
 
-	virtual bool is_mergeable(void) { return true; }
-	virtual int cmp(rule_t const &rhs) const
+	bool is_mergeable(void) override { return true; }
+	int cmp(rule_t const &rhs) const override
 	{
 		int res = perms_rule_t::cmp(rhs);
 		if (res)

parser/af_unix.h

@@ -41,13 +41,13 @@ public:
 	unix_rule(unsigned int type_p, audit_t audit_p, rule_mode_t rule_mode_p);
 	unix_rule(perm32_t perms, struct cond_entry *conds,
 		  struct cond_entry *peer_conds);
-	virtual ~unix_rule()
+	~unix_rule() override
 	{
 		free(addr);
 		free(peer_addr);
 	};
 
-	virtual bool valid_prefix(const prefixes &p, const char *&error) {
+	bool valid_prefix(const prefixes &p, const char *&error) override {
 		// priority is partially supported for unix rules
 		// rules that get downgraded to just network socket
 		// won't support them but the fine grained do.
@@ -57,17 +57,17 @@ public:
 		}
 		return true;
 	};
-	virtual bool has_peer_conds(void) {
+	bool has_peer_conds(void) override {
 		return af_rule::has_peer_conds() || peer_addr;
 	}
 
-	virtual ostream &dump_local(ostream &os);
-	virtual ostream &dump_peer(ostream &os);
-	virtual int expand_variables(void);
-	virtual int gen_policy_re(Profile &prof);
+	ostream &dump_local(ostream &os) override;
+	ostream &dump_peer(ostream &os) override;
+	int expand_variables(void) override;
+	int gen_policy_re(Profile &prof) override;
 
 	// inherit is_mergable() from af_rule
-	virtual int cmp(rule_t const &rhs) const
+	int cmp(rule_t const &rhs) const override
 	{
 		int res = af_rule::cmp(rhs);
 		if (res)
@@ -80,7 +80,7 @@ public:
 	};
 
 protected:
-	virtual void warn_once(const char *name) override;
+	void warn_once(const char *name) override;
 };
 
 #endif /* __AA_AF_UNIX_H */

parser/all_rule.h

@@ -31,7 +31,7 @@ class all_rule: public prefix_rule_t {
 public:
 	all_rule(void): prefix_rule_t(RULE_TYPE_ALL) { }
 
-	virtual bool valid_prefix(const prefixes &p, const char *&error) {
+	bool valid_prefix(const prefixes &p, const char *&error) override {
 		if (p.priority != 0) {
 			error = _("priority prefix not allowed on all rules");
 			return false;
@@ -43,30 +43,30 @@ public:
 		return true;
 	};
 
-	int expand_variables(void)
+	int expand_variables(void) override
 	{
 		return 0;
 	}
-	virtual ostream &dump(ostream &os) {
+	ostream &dump(ostream &os) override {
 		prefix_rule_t::dump(os);
 
 		os << "all";
 
 		return os;
 	}
-	virtual bool is_mergeable(void) { return true; }
-	virtual int cmp(rule_t const &rhs) const
+	bool is_mergeable(void) override { return true; }
+	int cmp(rule_t const &rhs) const override
 	{
 		return prefix_rule_t::cmp(rhs);
 	};
 
-	virtual void add_implied_rules(Profile &prof);
+	void add_implied_rules(Profile &prof) override;
 
-	virtual int gen_policy_re(Profile &prof unused) { return RULE_OK; };
+	int gen_policy_re(Profile &prof unused) override { return RULE_OK; };
 
 protected:
-  virtual void warn_once(const char *name unused, const char *msg unused) { };
-  virtual void warn_once(const char *name unused)  { };
+  void warn_once(const char *name unused, const char *msg unused) override { };
+  void warn_once(const char *name unused) override  { };
 };
 
 #endif /* __AA_ALL_H */

parser/dbus.h

@@ -42,7 +42,7 @@ public:
 
 	dbus_rule(perm32_t perms_p, struct cond_entry *conds,
 		  struct cond_entry *peer_conds);
-	virtual ~dbus_rule() {
+	~dbus_rule() override {
 		free(bus);
 		free(name);
 		free(peer_label);
@@ -50,7 +50,7 @@ public:
 		free(interface);
 		free(member);
 	};
-	virtual bool valid_prefix(const prefixes &p, const char *&error) {
+	bool valid_prefix(const prefixes &p, const char *&error) override {
 		if (p.owner != OWNER_UNSPECIFIED) {
 			error = "owner prefix not allowed on dbus rules";
 			return false;
@@ -58,12 +58,12 @@ public:
 		return true;
 	};
 
-	virtual ostream &dump(ostream &os);
-	virtual int expand_variables(void);
-	virtual int gen_policy_re(Profile &prof);
+	ostream &dump(ostream &os) override;
+	int expand_variables(void) override;
+	int gen_policy_re(Profile &prof) override;
 
-	virtual bool is_mergeable(void) { return true; }
-	virtual int cmp(rule_t const &rhs) const
+	bool is_mergeable(void) override { return true; }
+	int cmp(rule_t const &rhs) const override
 	{
 		int res = perms_rule_t::cmp(rhs);
 		if (res)
@@ -89,7 +89,7 @@ public:
 
 
 protected:
-	virtual void warn_once(const char *name) override;
+	void warn_once(const char *name) override;
 };
 
 #endif /* __AA_DBUS_H */

parser/io_uring.h

@@ -32,12 +32,12 @@ public:
 	char *label;
 
 	io_uring_rule(perm32_t perms, struct cond_entry *conds, struct cond_entry *ring_conds);
-	virtual ~io_uring_rule()
+	~io_uring_rule() override
 	{
 		free(label);
 	};
 
-	virtual bool valid_prefix(const prefixes &p, const char *&error) {
+	bool valid_prefix(const prefixes &p, const char *&error) override {
 		if (p.owner) {
 			error = _("owner prefix not allowed on io_uring rules");
 			return false;
@@ -45,12 +45,12 @@ public:
 		return true;
 	};
 
-	virtual ostream &dump(ostream &os);
-	virtual int expand_variables(void);
-	virtual int gen_policy_re(Profile &prof);
+	ostream &dump(ostream &os) override;
+	int expand_variables(void) override;
+	int gen_policy_re(Profile &prof) override;
 
-	virtual bool is_mergeable(void) { return true; }
-	virtual int cmp(rule_t const &rhs) const
+	bool is_mergeable(void) override { return true; }
+	int cmp(rule_t const &rhs) const override
 	{
 		int res = perms_rule_t::cmp(rhs);
 		if (res)
@@ -60,7 +60,7 @@ public:
 	};
 
 protected:
-	virtual void warn_once(const char *name) override;
+	void warn_once(const char *name) override;
 };
 
 #endif /* __AA_IO_URING_H */

parser/libapparmor_re/expr-tree.h

@@ -373,13 +373,13 @@ public:
 	{
 		type_flags |= NODE_TYPE_TWOCHILD;
 	};
-	virtual int normalize_eps(int dir);
+	int normalize_eps(int dir) override;
 };
 
 class LeafNode: public Node {
 public:
 	LeafNode(): Node() { type_flags |= NODE_TYPE_LEAF; };
-	virtual void normalize(int dir __attribute__((unused))) { return; }
+	void normalize(int dir __attribute__((unused))) override { return; }
 };
 
 /* Match nothing (//). */
@@ -391,22 +391,22 @@ public:
 		nullable = true;
 		label = 0;
 	}
-	void release(void)
+	void release(void) override
 	{
 		/* don't delete Eps nodes because there is a single static
 		 * instance shared by all trees.  Look for epsnode in the code
 		 */
 	}
 
-	void compute_firstpos() { }
-	void compute_lastpos() { }
-	int eq(Node *other)
+	void compute_firstpos() override { }
+	void compute_lastpos() override { }
+	int eq(Node *other) override
 	{
 		if (other->is_type(NODE_TYPE_EPS))
 			return 1;
 		return 0;
 	}
-	ostream &dump(ostream &os)
+	ostream &dump(ostream &os) override
 	{
 		return os << "[]";
 	}
@@ -420,8 +420,8 @@ public:
 class ImportantNode: public LeafNode {
 public:
 	ImportantNode(): LeafNode() { type_flags |= NODE_TYPE_IMPORTANT; }
-	void compute_firstpos() { firstpos.insert(this); }
-	void compute_lastpos() { lastpos.insert(this); }
+	void compute_firstpos() override { firstpos.insert(this); }
+	void compute_lastpos() override { lastpos.insert(this); }
 	virtual void follow(Cases &cases) = 0;
 	virtual int is_accept(void) = 0;
 	virtual int is_postprocess(void) = 0;
@@ -433,15 +433,15 @@ public:
 class CNode: public ImportantNode {
 public:
 	CNode(): ImportantNode() { type_flags |= NODE_TYPE_C; }
-	int is_accept(void) { return false; }
-	int is_postprocess(void) { return false; }
+	int is_accept(void) override { return false; }
+	int is_postprocess(void) override { return false; }
 };
 
 /* Match one specific character (/c/). */
 class CharNode: public CNode {
 public:
 	CharNode(transchar c): c(c) { type_flags |= NODE_TYPE_CHAR; }
-	void follow(Cases &cases)
+	void follow(Cases &cases) override
 	{
 		NodeSet **x = &cases.cases[c];
 		if (!*x) {
@@ -452,7 +452,7 @@ public:
 		}
 		(*x)->insert(followpos.begin(), followpos.end());
 	}
-	int eq(Node *other)
+	int eq(Node *other) override
 	{
 		if (other->is_type(NODE_TYPE_CHAR)) {
 			CharNode *o = static_cast<CharNode *>(other);
@@ -460,12 +460,12 @@ public:
 		}
 		return 0;
 	}
-	ostream &dump(ostream &os)
+	ostream &dump(ostream &os) override
 	{
 		return os << c;
 	}
 
-	int min_match_len()
+	int min_match_len() override
 	{
 		if (c < 0) {
 			// oob characters indicates end of string.
@@ -477,7 +477,7 @@ public:
 		return 1;
 	}
 
-	bool contains_oob() { return c < 0; }
+	bool contains_oob() override { return c < 0; }
 
 	transchar c;
 };
@@ -489,7 +489,7 @@ public:
 	{
 		type_flags |= NODE_TYPE_CHARSET;
 	}
-	void follow(Cases &cases)
+	void follow(Cases &cases) override
 	{
 		for (Chars::iterator i = chars.begin(); i != chars.end(); i++) {
 			NodeSet **x = &cases.cases[*i];
@@ -502,7 +502,7 @@ public:
 			(*x)->insert(followpos.begin(), followpos.end());
 		}
 	}
-	int eq(Node *other)
+	int eq(Node *other) override
 	{
 		if (!other->is_type(NODE_TYPE_CHARSET))
 			return 0;
@@ -518,7 +518,7 @@ public:
 		}
 		return 1;
 	}
-	ostream &dump(ostream &os)
+	ostream &dump(ostream &os) override
 	{
 		os << '[';
 		for (Chars::iterator i = chars.begin(); i != chars.end(); i++)
@@ -526,7 +526,7 @@ public:
 		return os << ']';
 	}
 
-	int min_match_len()
+	int min_match_len() override
 	{
 		if (contains_oob()) {
 			return 0;
@@ -534,7 +534,7 @@ public:
 		return 1;
 	}
 
-	bool contains_oob()
+	bool contains_oob() override
 	{
 		for (Chars::iterator i = chars.begin(); i != chars.end(); i++) {
 			if (*i < 0) {
@@ -554,7 +554,7 @@ public:
 	{
 		type_flags |= NODE_TYPE_NOTCHARSET;
 	}
-	void follow(Cases &cases)
+	void follow(Cases &cases) override
 	{
 		if (!cases.otherwise)
 			cases.otherwise = new NodeSet;
@@ -575,7 +575,7 @@ public:
 						  followpos.end());
 		}
 	}
-	int eq(Node *other)
+	int eq(Node *other) override
 	{
 		if (!other->is_type(NODE_TYPE_NOTCHARSET))
 			return 0;
@@ -591,7 +591,7 @@ public:
 		}
 		return 1;
 	}
-	ostream &dump(ostream &os)
+	ostream &dump(ostream &os) override
 	{
 		os << "[^";
 		for (Chars::iterator i = chars.begin(); i != chars.end(); i++)
@@ -599,7 +599,7 @@ public:
 		return os << ']';
 	}
 
-	int min_match_len()
+	int min_match_len() override
 	{
 		/* Inverse match does not match any oob char at this time
 		 * so only count characters
@@ -607,7 +607,7 @@ public:
 		return 1;
 	}
 
-	bool contains_oob()
+	bool contains_oob() override
 	{
 		for (Chars::iterator i = chars.begin(); i != chars.end(); i++) {
 			if (*i < 0) {
@@ -624,7 +624,7 @@ public:
 class AnyCharNode: public CNode {
 public:
 	AnyCharNode() { type_flags |= NODE_TYPE_ANYCHAR; }
-	void follow(Cases &cases)
+	void follow(Cases &cases) override
 	{
 		if (!cases.otherwise)
 			cases.otherwise = new NodeSet;
@@ -635,13 +635,13 @@ public:
 			if (i->first.c >= 0)
 				i->second->insert(followpos.begin(), followpos.end());
 	}
-	int eq(Node *other)
+	int eq(Node *other) override
 	{
 		if (other->is_type(NODE_TYPE_ANYCHAR))
 			return 1;
 		return 0;
 	}
-	ostream &dump(ostream &os) { return os << "."; }
+	ostream &dump(ostream &os) override { return os << "."; }
 };
 
 /* Match a node zero or more times. (This is a unary operator.) */
@@ -652,29 +652,29 @@ public:
 		type_flags |= NODE_TYPE_STAR;
 		nullable = true;
 	}
-	void compute_firstpos() { firstpos = child[0]->firstpos; }
-	void compute_lastpos() { lastpos = child[0]->lastpos; }
-	void compute_followpos()
+	void compute_firstpos() override { firstpos = child[0]->firstpos; }
+	void compute_lastpos() override { lastpos = child[0]->lastpos; }
+	void compute_followpos() override
 	{
 		NodeSet from = child[0]->lastpos, to = child[0]->firstpos;
 		for (NodeSet::iterator i = from.begin(); i != from.end(); i++) {
 			(*i)->followpos.insert(to.begin(), to.end());
 		}
 	}
-	int eq(Node *other)
+	int eq(Node *other) override
 	{
 		if (other->is_type(NODE_TYPE_STAR))
 			return child[0]->eq(other->child[0]);
 		return 0;
 	}
-	ostream &dump(ostream &os)
+	ostream &dump(ostream &os) override
 	{
 		os << '(';
 		child[0]->dump(os);
 		return os << ")*";
 	}
 
-	bool contains_oob() { return child[0]->contains_oob(); }
+	bool contains_oob() override { return child[0]->contains_oob(); }
 };
 
 /* Match a node zero or one times. */
@@ -685,15 +685,15 @@ public:
 		type_flags |= NODE_TYPE_OPTIONAL;
 		nullable = true;
 	}
-	void compute_firstpos() { firstpos = child[0]->firstpos; }
-	void compute_lastpos() { lastpos = child[0]->lastpos; }
-	int eq(Node *other)
+	void compute_firstpos() override { firstpos = child[0]->firstpos; }
+	void compute_lastpos() override { lastpos = child[0]->lastpos; }
+	int eq(Node *other) override
 	{
 		if (other->is_type(NODE_TYPE_OPTIONAL))
 			return child[0]->eq(other->child[0]);
 		return 0;
 	}
-	ostream &dump(ostream &os)
+	ostream &dump(ostream &os) override
 	{
 		os << '(';
 		child[0]->dump(os);
@@ -708,28 +708,28 @@ public:
 	{
 		type_flags |= NODE_TYPE_PLUS;
 	}
-	void compute_nullable() { nullable = child[0]->nullable; }
-	void compute_firstpos() { firstpos = child[0]->firstpos; }
-	void compute_lastpos() { lastpos = child[0]->lastpos; }
-	void compute_followpos()
+	void compute_nullable() override { nullable = child[0]->nullable; }
+	void compute_firstpos() override { firstpos = child[0]->firstpos; }
+	void compute_lastpos() override { lastpos = child[0]->lastpos; }
+	void compute_followpos() override
 	{
 		NodeSet from = child[0]->lastpos, to = child[0]->firstpos;
 		for (NodeSet::iterator i = from.begin(); i != from.end(); i++) {
 			(*i)->followpos.insert(to.begin(), to.end());
 		}
 	}
-	int eq(Node *other) {
+	int eq(Node *other) override {
 		if (other->is_type(NODE_TYPE_PLUS))
 			return child[0]->eq(other->child[0]);
 		return 0;
 	}
-	ostream &dump(ostream &os) {
+	ostream &dump(ostream &os) override {
 		os << '(';
 		child[0]->dump(os);
 		return os << ")+";
 	}
-	int min_match_len() { return child[0]->min_match_len(); }
-	bool contains_oob() { return child[0]->contains_oob(); }
+	int min_match_len() override { return child[0]->min_match_len(); }
+	bool contains_oob() override { return child[0]->contains_oob(); }
 };
 
 /* Match a pair of consecutive nodes. */
@@ -739,32 +739,32 @@ public:
 	{
 		type_flags |= NODE_TYPE_CAT;
 	}
-	void compute_nullable()
+	void compute_nullable() override
 	{
 		nullable = child[0]->nullable && child[1]->nullable;
 	}
-	void compute_firstpos()
+	void compute_firstpos() override
 	{
 		if (child[0]->nullable)
 			firstpos = child[0]->firstpos + child[1]->firstpos;
 		else
 			firstpos = child[0]->firstpos;
 	}
-	void compute_lastpos()
+	void compute_lastpos() override
 	{
 		if (child[1]->nullable)
 			lastpos = child[0]->lastpos + child[1]->lastpos;
 		else
 			lastpos = child[1]->lastpos;
 	}
-	void compute_followpos()
+	void compute_followpos() override
 	{
 		NodeSet from = child[0]->lastpos, to = child[1]->firstpos;
 		for (NodeSet::iterator i = from.begin(); i != from.end(); i++) {
 			(*i)->followpos.insert(to.begin(), to.end());
 		}
 	}
-	int eq(Node *other)
+	int eq(Node *other) override
 	{
 		if (other->is_type(NODE_TYPE_CAT)) {
 			if (!child[0]->eq(other->child[0]))
@@ -773,14 +773,14 @@ public:
 		}
 		return 0;
 	}
-	ostream &dump(ostream &os)
+	ostream &dump(ostream &os) override
 	{
 		child[0]->dump(os);
 		child[1]->dump(os);
 		return os;
 	}
-	void normalize(int dir);
-	int min_match_len()
+	void normalize(int dir) override;
+	int min_match_len() override
 	{
 		int len = child[0]->min_match_len();
 		if (child[0]->contains_oob()) {
@@ -792,7 +792,7 @@ public:
 		}
 		return len + child[1]->min_match_len();
 	}
-	bool contains_oob()
+	bool contains_oob() override
 	{
 		return child[0]->contains_oob() || child[1]->contains_oob();
 	}
@@ -805,19 +805,19 @@ public:
 	{
 		type_flags |= NODE_TYPE_ALT;
 	}
-	void compute_nullable()
+	void compute_nullable() override
 	{
 		nullable = child[0]->nullable || child[1]->nullable;
 	}
-	void compute_lastpos()
+	void compute_lastpos() override
 	{
 		lastpos = child[0]->lastpos + child[1]->lastpos;
 	}
-	void compute_firstpos()
+	void compute_firstpos() override
 	{
 		firstpos = child[0]->firstpos + child[1]->firstpos;
 	}
-	int eq(Node *other)
+	int eq(Node *other) override
 	{
 		if (other->is_type(NODE_TYPE_ALT)) {
 			if (!child[0]->eq(other->child[0]))
@@ -826,7 +826,7 @@ public:
 		}
 		return 0;
 	}
-	ostream &dump(ostream &os)
+	ostream &dump(ostream &os) override
 	{
 		os << '(';
 		child[0]->dump(os);
@@ -835,8 +835,8 @@ public:
 		os << ')';
 		return os;
 	}
-	void normalize(int dir);
-	int min_match_len()
+	void normalize(int dir) override;
+	int min_match_len() override
 	{
 		int m1, m2;
 		m1 = child[0]->min_match_len();
@@ -846,7 +846,7 @@ public:
 		}
 		return m2;
 	}
-	bool contains_oob()
+	bool contains_oob() override
 	{
 		return child[0]->contains_oob() || child[1]->contains_oob();
 	}
@@ -858,20 +858,20 @@ public:
 	{
 		type_flags |= NODE_TYPE_SHARED;
 	}
-	void release(void)
+	void release(void) override
 	{
 		/* don't delete SharedNodes via release as they are shared, and
 		 * will be deleted when the table they are stored in is deleted
 		 */
 	}
 
-	void follow(Cases &cases __attribute__ ((unused)))
+	void follow(Cases &cases __attribute__ ((unused))) override
 	{
 		/* Nothing to follow. */
 	}
 
 	/* requires shared nodes to be common by pointer */
-	int eq(Node *other) { return (this == other); }
+	int eq(Node *other) override { return (this == other); }
 };
 
 /**
@@ -881,8 +881,8 @@ public:
 class AcceptNode: public SharedNode {
 public:
 	AcceptNode() { type_flags |= NODE_TYPE_ACCEPT; }
-	int is_accept(void) { return true; }
-	int is_postprocess(void) { return false; }
+	int is_accept(void) override { return true; }
+	int is_postprocess(void) override { return false; }
 };
 
 class MatchFlag: public AcceptNode {
@@ -891,7 +891,7 @@ public:
 	{
 		type_flags |= NODE_TYPE_MATCHFLAG;
 	}
-	ostream &dump(ostream &os) { return os << "< 0x" << hex << perms << std::dec << '>'; }
+	ostream &dump(ostream &os) override { return os << "< 0x" << hex << perms << std::dec << '>'; }
 
 	int priority;
 	perm32_t perms;
@@ -1054,9 +1054,9 @@ public:
 	set<NodeVec *, deref_less_than> cache;
 
 	NodeVecCache(void): cache() { };
-	~NodeVecCache() { clear(); };
+	~NodeVecCache() override { clear(); };
 
-	virtual unsigned long size(void) const { return cache.size(); }
+	unsigned long size(void) const override { return cache.size(); }
 
 	void clear()
 	{

parser/libapparmor_re/hfa.h

@@ -324,9 +324,9 @@ public:
 	map<ProtoState, State *> cache;
 
 	NodeMap(void): cache() { };
-	~NodeMap() { clear(); };
+	~NodeMap() override { clear(); };
 
-	virtual unsigned long size(void) const { return cache.size(); }
+	unsigned long size(void) const override { return cache.size(); }
 
 	void clear()
 	{

parser/mount.h

@@ -159,7 +159,7 @@ public:
 	mnt_rule(struct cond_entry *src_conds, char *device_p,
 		   struct cond_entry *dst_conds unused, char *mnt_point_p,
 		   perm32_t perms_p);
-	virtual ~mnt_rule()
+	~mnt_rule() override
 	{
 		free_value_list(opts);
 		free_value_list(dev_type);
@@ -168,25 +168,25 @@ public:
 		free(trans);
 	}
 
-	virtual bool valid_prefix(const prefixes &p, const char *&error) {
+	bool valid_prefix(const prefixes &p, const char *&error) override {
 		if (p.owner != OWNER_UNSPECIFIED) {
 			error = "owner prefix not allowed on mount rules";
 			return false;
 		}
 		return true;
 	};
-	virtual ostream &dump(ostream &os);
-	virtual int expand_variables(void);
-	virtual int gen_policy_re(Profile &prof);
-	virtual void post_parse_profile(Profile &prof unused);
+	ostream &dump(ostream &os) override;
+	int expand_variables(void) override;
+	int gen_policy_re(Profile &prof) override;
+	void post_parse_profile(Profile &prof unused) override;
 
-	virtual bool is_mergeable(void) { return true; }
-	virtual int cmp(rule_t const &rhs) const;
+	bool is_mergeable(void) override { return true; }
+	int cmp(rule_t const &rhs) const override;
 
 	// for now use default merge/dedup
 
 protected:
-	virtual void warn_once(const char *name) override;
+	void warn_once(const char *name) override;
 };
 
 int is_valid_mnt_cond(const char *name, int src);

parser/mqueue.h

@@ -94,13 +94,13 @@ public:
 	char *label;
 
 	mqueue_rule(perm32_t perms, struct cond_entry *conds, char *qname = NULL);
-	virtual ~mqueue_rule()
+	~mqueue_rule() override
 	{
 		free(qname);
 		free(label);
 	};
 
-	virtual bool valid_prefix(const prefixes &p, const char *&error) {
+	bool valid_prefix(const prefixes &p, const char *&error) override {
 		// not yet, but soon
 		if (p.owner) {
 			error = _("owner prefix not allowed on mqueue rules");
@@ -108,12 +108,12 @@ public:
 		}
 		return true;
 	};
-	virtual ostream &dump(ostream &os);
-	virtual int expand_variables(void);
-	virtual int gen_policy_re(Profile &prof);
+	ostream &dump(ostream &os) override;
+	int expand_variables(void) override;
+	int gen_policy_re(Profile &prof) override;
 
-	virtual bool is_mergeable(void) { return true; }
-	virtual int cmp(rule_t const &rhs) const
+	bool is_mergeable(void) override { return true; }
+	int cmp(rule_t const &rhs) const override
 	{
 		int res = perms_rule_t::cmp(rhs);
 		if (res)
@@ -129,7 +129,7 @@ public:
 	};
 
 protected:
-	virtual void warn_once(const char *name) override;
+	void warn_once(const char *name) override;
 	void validate_qname(void);
 };
 

parser/network.h

@@ -167,7 +167,7 @@ public:
 		     const char *protocol, struct cond_entry *conds,
 		     struct cond_entry *peer_conds);
 	network_rule(perm32_t perms_p, unsigned int family, unsigned int type);
-	virtual ~network_rule()
+	~network_rule() override
 	{
 		peer.free_conds();
 		local.free_conds();
@@ -197,7 +197,7 @@ public:
 	bool parse_port(ip_conds &entry);
 
 	// update TODO: in equality.sh when priority is a valid prefix
-	virtual bool valid_prefix(const prefixes &p, const char *&error) {
+	bool valid_prefix(const prefixes &p, const char *&error) override {
 		if (p.priority != 0) {
 			error = _("priority prefix not allowed on network rules");
 			return false;
@@ -208,12 +208,12 @@ public:
 		}
 		return true;
 	};
-	virtual ostream &dump(ostream &os);
-	virtual int expand_variables(void);
-	virtual int gen_policy_re(Profile &prof);
+	ostream &dump(ostream &os) override;
+	int expand_variables(void) override;
+	int gen_policy_re(Profile &prof) override;
 
-	virtual bool is_mergeable(void) { return true; }
-	virtual int cmp(rule_t const &rhs) const;
+	bool is_mergeable(void) override { return true; }
+	int cmp(rule_t const &rhs) const override;
 
 	/* array of type masks indexed by AF_FAMILY */
 	/* allow, audit, deny and quiet are used for compatibility with AA_CLASS_NET */
@@ -225,7 +225,7 @@ public:
 	bool alloc_net_table(void);
 
 protected:
-	virtual void warn_once(const char *name) override;
+	void warn_once(const char *name) override;
 };
 
 #endif /* __AA_NETWORK_H */

parser/ptrace.h

@@ -35,16 +35,16 @@ public:
 	char *peer_label;
 
 	ptrace_rule(perm32_t perms, struct cond_entry *conds);
-	virtual ~ptrace_rule()
+	~ptrace_rule() override
 	{
 		free(peer_label);
 	};
 
-	virtual ostream &dump(ostream &os);
-	virtual int expand_variables(void);
-	virtual int gen_policy_re(Profile &prof);
+	ostream &dump(ostream &os) override;
+	int expand_variables(void) override;
+	int gen_policy_re(Profile &prof) override;
 
-	virtual bool valid_prefix(const prefixes &p, const char *&error) {
+	bool valid_prefix(const prefixes &p, const char *&error) override {
 		if (p.owner != OWNER_UNSPECIFIED) {
 			error = "owner prefix not allowed on ptrace rules";
 			return false;
@@ -52,8 +52,8 @@ public:
 		return true;
 	};
 
-	virtual bool is_mergeable(void) { return true; }
-	virtual int cmp(rule_t const &rhs) const
+	bool is_mergeable(void) override { return true; }
+	int cmp(rule_t const &rhs) const override
 	{
 		int res = perms_rule_t::cmp(rhs);
 		if (res)
@@ -63,7 +63,7 @@ public:
 	};
 
 protected:
-	virtual void warn_once(const char *name) override;
+	void warn_once(const char *name) override;
 };
 
 #endif /* __AA_PTRACE_H */

parser/rule.h

@@ -354,7 +354,7 @@ public:
 		return *ptr < rhs;
 	}
 
-	virtual int cmp(rule_t const &rhs) const {
+	int cmp(rule_t const &rhs) const override {
 		int res = rule_t::cmp(rhs);
 		if (res)
 			return res;
@@ -363,7 +363,7 @@ public:
 		return lhsptr->cmp(*rhsptr);
 	}
 
-	virtual bool operator<(rule_t const &rhs) const {
+	bool operator<(rule_t const &rhs) const override {
 		if (rule_type < rhs.rule_type)
 			return true;
 		if (rhs.rule_type < rule_type)
@@ -373,7 +373,7 @@ public:
 		return *this < *rhsptr;
 	}
 
-	virtual ostream &dump(ostream &os) {
+	ostream &dump(ostream &os) override {
 		prefixes::dump(os);
 
 		return os;
@@ -394,11 +394,11 @@ public:
 	 * can in herit the generic one that redirects to cmp()
 	 * that does get overriden
 	 */
-	virtual bool operator<(rule_t const &rhs) const {
+	bool operator<(rule_t const &rhs) const override {
 		return cmp(rhs) < 0;
 	}
 
-	virtual ostream &dump(ostream &os) {
+	ostream &dump(ostream &os) override {
 		prefix_rule_t::dump(os);
 
 		os << aa_class_table[aa_class()];
@@ -415,12 +415,12 @@ class perms_rule_t: public class_rule_t {
 public:
 	perms_rule_t(int c): class_rule_t(c), perms(0), saved(0) { };
 
-	virtual int cmp(rule_t const &rhs) const {
+	int cmp(rule_t const &rhs) const override {
 		/* don't compare perms so they can be merged */
 		return class_rule_t::cmp(rhs);
 	}
 
-	virtual bool merge(rule_t &rhs)
+	bool merge(rule_t &rhs) override
 	{
 		int res = class_rule_t::merge(rhs);
 		if (!res)
@@ -432,7 +432,7 @@ public:
 	};
 
 	/* defaut perms, override/mask off if none default used */
-	virtual ostream &dump(ostream &os) {
+	ostream &dump(ostream &os) override {
 		class_rule_t::dump(os);
 
 		if (saved)
@@ -451,7 +451,7 @@ class dedup_perms_rule_t: public class_rule_t {
 public:
 	dedup_perms_rule_t(int c): class_rule_t(c), perms(0) { };
 
-	virtual int cmp(rule_t const &rhs) const {
+	int cmp(rule_t const &rhs) const override {
 		int res = class_rule_t::cmp(rhs);
 		if (res)
 			return res;
@@ -461,7 +461,7 @@ public:
 	// inherit default merge which does dedup
 
 	/* defaut perms, override/mask off if none default used */
-	virtual ostream &dump(ostream &os) {
+	ostream &dump(ostream &os) override {
 		class_rule_t::dump(os);
 
 		os << "(0x" << hex << perms << ") ";

parser/signal.h

@@ -42,11 +42,11 @@ public:
 	char *peer_label;
 
 	signal_rule(perm32_t perms, struct cond_entry *conds);
-	virtual ~signal_rule() {
+	~signal_rule() override {
 		signals.clear();
 		free(peer_label);
 	};
-	virtual bool valid_prefix(const prefixes &p, const char *&error) {
+	bool valid_prefix(const prefixes &p, const char *&error) override {
 		if (p.owner != OWNER_UNSPECIFIED) {
 			error = "owner prefix not allowed on signal rules";
 			return false;
@@ -54,15 +54,15 @@ public:
 		return true;
 	};
 
-	virtual ostream &dump(ostream &os);
-	virtual int expand_variables(void);
-	virtual int gen_policy_re(Profile &prof);
+	ostream &dump(ostream &os) override;
+	int expand_variables(void) override;
+	int gen_policy_re(Profile &prof) override;
 
-	virtual bool is_mergeable(void) { return true; }
-	virtual int cmp(rule_t const &rhs) const;
+	bool is_mergeable(void) override { return true; }
+	int cmp(rule_t const &rhs) const override;
 
 protected:
-	virtual void warn_once(const char *name) override;
+	void warn_once(const char *name) override;
 };
 
 #endif /* __AA_SIGNAL_H */

parser/userns.h

@@ -27,30 +27,30 @@ class userns_rule: public perms_rule_t {
 	void move_conditionals(struct cond_entry *conds);
 public:
 	userns_rule(perm32_t perms, struct cond_entry *conds);
-	virtual ~userns_rule()
+	~userns_rule() override
 	{
 	};
 
-	virtual bool valid_prefix(const prefixes &p, const char *&error) {
+	bool valid_prefix(const prefixes &p, const char *&error) override {
 		if (p.owner) {
 			error = _("owner prefix not allowed on userns rules");
 			return false;
 		}
 		return true;
 	};
-	virtual ostream &dump(ostream &os);
-	virtual int expand_variables(void);
-	virtual int gen_policy_re(Profile &prof);
+	ostream &dump(ostream &os) override;
+	int expand_variables(void) override;
+	int gen_policy_re(Profile &prof) override;
 
-	virtual bool is_mergeable(void) { return true; }
-	virtual int cmp(rule_t const &rhs) const
+	bool is_mergeable(void) override { return true; }
+	int cmp(rule_t const &rhs) const override
 	{
 		return perms_rule_t::cmp(rhs);
 	};
 	/* merge perms not required atm since there's only one permission */
 
 protected:
-	virtual void warn_once(const char *name) override;
+	void warn_once(const char *name) override;
 };
 
 #endif /* __AA_USERNS_H */