mirror of https://gitlab.com/apparmor/apparmor synced 2025-09-01 14:55:10 +00:00

parser: Fix expansion of variables in unix rules addr= conditional

The parser is not treating unix addr as a path and filtering slashes
after variable expansion. This can lead to errors where

@{foo}=/a/
unix bind addr=@{foo}/bar,

will always fail because addr is being matched as /a//bar instead of
/a/bar.

MR: https://gitlab.com/apparmor/apparmor/-/merge_requests/607
Fixes: https://bugs.launchpad.net/apparmor/+bug/1856738
Signed-off-by: John Johansen <john.johansen@canonical.com>
John Johansen
2020-08-31 19:01:06 -07:00
parent 46c355345e
commit 6af05006d9
3 changed files with 4 additions and 1 deletions

@@ -157,9 +157,11 @@ int unix_rule::expand_variables(void)
error = expand_entry_variables(&addr);
if (error)
return error;
filter_slashes(addr);
error = expand_entry_variables(&peer_addr);
if (error)
return error;
filter_slashes(peer_addr);
return 0;
}
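
Review bot: the two filter_slashes() calls, on addr and on peer_addr, run unconditionally once expansion succeeds, so filter_slashes() has to tolerate a NULL argument for unix rules that carry no addr or peer_addr value; if it does not already guard against that, wrap each call in a check such as `if (addr)`. The calls also collapse repeated slashes in every address, not only ones produced by variable expansion. Abstract socket names are byte strings rather than filesystem paths, so a short comment in expand_variables() stating that this normalization is intended for them as well would help the next reader.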