parser: Fix expansion of variables in unix rules addr= conditional

The parser is not treating unix addr as a path and filtering slashes after variable expansion. This can lead to errors where @{foo}=/a/ unix bind addr=@{foo}/bar, will always fail because addr is being matched as /a//bar instead of /a/bar. MR: https://gitlab.com/apparmor/apparmor/-/merge_requests/607 Fixes: https://bugs.launchpad.net/apparmor/+bug/1856738 Signed-off-by: John Johansen <john.johansen@canonical.com>
2025-08-31 06:16:03 +00:00 · 2020-08-31 19:01:06 -07:00
parent 46c355345e
commit 6af05006d9
3 changed files with 4 additions and 1 deletions
--- a/parser/parser.h
+++ b/parser/parser.h
@@ -402,6 +402,7 @@ extern int post_process_entry(struct cod_entry *entry);
 extern int process_policydb(Profile *prof);

 extern int process_policy_ents(Profile *prof);
+extern void filter_slashes(char *path);

 /* parser_variable.c */
 int expand_entry_variables(char **name);