mir/apparmor
2
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor synced 2025-08-31 06:16:03 +00:00
Code Issues Releases Wiki Activity

Fix change_profile so that it works with regular expressions (lpn390810)

Browse Source 
Change_profile was broken so that it couldn't parse expressions that
weren't path based or started with a variable.  Furthermore if the name
held any expressions it was not hanlded correctly, as it was being passed
directly to dfa conversion without going through glob -> pcre conversion.
This commit is contained in:
John Johansen
2009-07-23 21:18:37 +00:00
parent 298b32e82e
commit 6afe6185be
13 changed files with 496 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
parser/parser_regex.c
View File

@@ -487,6 +487,7 @@ static int process_dfa_entry(aare_ruleset_t *dfarules, struct cod_entry *entry)
if (!entry) /* shouldn't happen */
return TRUE;
ptype = convert_aaregex_to_pcre(entry->name, 0, tbuf, PATH_MAX + 3);
if (ptype == ePatternInvalid)
return FALSE;
@@ -513,7 +514,7 @@ static int process_dfa_entry(aare_ruleset_t *dfarules, struct cod_entry *entry)
entry->mode & ~AA_LINK_BITS,
entry->audit & ~AA_LINK_BITS))
return FALSE;
} else {
} else if (entry->mode & ~AA_CHANGE_PROFILE) {
if (!aare_add_rule(dfarules, tbuf, entry->deny, entry->mode,
entry->audit))
return FALSE;
@@ -542,12 +543,14 @@ static int process_dfa_entry(aare_ruleset_t *dfarules, struct cod_entry *entry)
if (entry->mode & AA_CHANGE_PROFILE) {
if (entry->namespace) {
char *vec[2];
vec[0] = entry->namespace;
vec[1] = entry->name;
char lbuf[PATH_MAX + 8];
ptype = convert_aaregex_to_pcre(entry->namespace, 0, lbuf, PATH_MAX + 8);
vec[0] = lbuf;
vec[1] = tbuf;
if (!aare_add_rule_vec(dfarules, 0, AA_CHANGE_PROFILE, 0, 2, vec))
return FALSE;
} else {
if (!aare_add_rule(dfarules, entry->name, 0, AA_CHANGE_PROFILE, 0))
if (!aare_add_rule(dfarules, tbuf, 0, AA_CHANGE_PROFILE, 0))
return FALSE;
}
}