From 69d3d71cd98f9abd2a72e99a9bc3bd62b0ff15c9 Mon Sep 17 00:00:00 2001
From: Christian Boltz <gitlab2@cboltz.de>
Date: Thu, 11 Oct 2018 19:49:24 +0000
Subject: [PATCH] Merge branch 'cboltz-mergeprof-hasher-fun' into 'master'

Fix aa-mergeprof crash caused by accidentially initialzed hat

See merge request apparmor/apparmor!234

Acked-by: John Johansen <john.johansen@canonical.com>

(cherry picked from commit 93445ca02dcbdef64664220dc4364501ff568776)

bc492533 Fix aa-mergeprof crash caused by accidentially initialzed hat
---
 utils/apparmor/cleanprofile.py | 16 ++++++++++------
 1 file changed, 10 insertions(+), 6 deletions(-)

diff --git a/utils/apparmor/cleanprofile.py b/utils/apparmor/cleanprofile.py
index 0ef9b5ace..664cc732a 100644
--- a/utils/apparmor/cleanprofile.py
+++ b/utils/apparmor/cleanprofile.py
@@ -54,20 +54,24 @@ class CleanProf(object):
 
             #If different files remove duplicate includes in the other profile
             if not self.same_file:
-                for inc in includes:
-                    if self.other.aa[program][hat]['include'].get(inc, False):
-                        self.other.aa[program][hat]['include'].pop(inc)
-                        deleted += 1
+                if self.other.aa[program].get(hat):  # carefully avoid to accidently initialize self.other.aa[program][hat]
+                    for inc in includes:
+                        if self.other.aa[program][hat]['include'].get(inc, False):
+                            self.other.aa[program][hat]['include'].pop(inc)
+                            deleted += 1
+
             #Clean up superfluous rules from includes in the other profile
             for inc in includes:
                 if not self.profile.include.get(inc, {}).get(inc, False):
                     apparmor.load_include(inc)
-                deleted += apparmor.delete_duplicates(self.other.aa[program][hat], inc)
+                if self.other.aa[program].get(hat):  # carefully avoid to accidently initialize self.other.aa[program][hat]
+                    deleted += apparmor.delete_duplicates(self.other.aa[program][hat], inc)
 
             #Clean duplicate rules in other profile
             for ruletype in apparmor.ruletypes:
                 if not self.same_file:
-                    deleted += self.other.aa[program][hat][ruletype].delete_duplicates(self.profile.aa[program][hat][ruletype])
+                    if self.other.aa[program].get(hat):  # carefully avoid to accidently initialize self.other.aa[program][hat]
+                        deleted += self.other.aa[program][hat][ruletype].delete_duplicates(self.profile.aa[program][hat][ruletype])
                 else:
                     deleted += self.other.aa[program][hat][ruletype].delete_duplicates(None)