fix: avoid using namespace std; in header files

using directive in a header file is a bad practice because it may lead
to unexpected results.

https://isocpp.github.io/CppCoreGuidelines/CppCoreGuidelines#Rs-using-directive

parser/af_unix.cc

@@ -30,6 +30,8 @@
 #include "profile.h"
 #include "af_unix.h"
 
+using namespace std;
+
 /* See unix(7) for autobind address definition */
 #define autobind_address_pattern "\\x00[0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f]";
 

parser/file_cache.h

@@ -21,14 +21,12 @@
 #include <set>
 #include <string>
 
-using namespace std;
-
 /* TODO: have includecache be a frontend for file cache, don't just
  * store name.
  */
 class IncludeCache_t {
 public:
-	set<string> cache;
+	std::set<std::string> cache;
 
 	IncludeCache_t() = default;
 	virtual ~IncludeCache_t() = default;
@@ -39,7 +37,7 @@ public:
 	}
 
 	bool insert(const char *name) {
-		pair<set<string>::iterator,bool> res = cache.insert(name);
+		std::pair<std::set<std::string>::iterator,bool> res = cache.insert(name);
 		if (res.second == false) {
 			return false;
 		}

parser/lib.c

@@ -28,6 +28,8 @@
 #include "lib.h"
 #include "parser.h"
 
+using namespace std;
+
 int dirat_for_each(int dirfd, const char *name, void *data,
 		   int (* cb)(int, const char *, struct stat *, void *))
 {

parser/libapparmor_re/aare_rules.cc

@@ -34,6 +34,7 @@
 #include "chfa.h"
 #include "../immunix.h"
 
+using namespace std;
 
 aare_rules::~aare_rules(void)
 {

parser/libapparmor_re/aare_rules.h

@@ -59,7 +59,7 @@ public:
 
 class UniquePermsCache {
 public:
-	typedef map<UniquePerm, Node*> UniquePermMap;
+	typedef std::map<UniquePerm, Node*> UniquePermMap;
 	typedef UniquePermMap::iterator iterator;
 	UniquePermMap nodes;
 
@@ -89,7 +89,7 @@ public:
 				node = new ExactMatchFlag(priority, perms, audit);
 			else
 				node = new MatchFlag(priority, perms, audit);
-			pair<iterator, bool> val = nodes.insert(make_pair(tmp, node));
+			std::pair<iterator, bool> val = nodes.insert(std::make_pair(tmp, node));
 			if (val.second == false) {
 				delete node;
 				return val.first->second;
@@ -121,17 +121,17 @@ class aare_rules {
 			  optflags const &opts, bool oob);
 	bool append_rule(const char *rule, bool oob, bool with_perm, optflags const &opts);
 	CHFA *create_chfa(int *min_match_len,
-			  vector <aa_perms> &perms_table,
+			  std::vector <aa_perms> &perms_table,
 			  optflags const &opts, bool filedfa,
 			  bool extended_perms, bool prompt);
 	void *create_dfablob(size_t *size, int *min_match_len,
-			 vector <aa_perms> &perms_table,
+			 std::vector <aa_perms> &perms_table,
 			 optflags const &opts,
 			 bool filedfa, bool extended_perms, bool prompt);
 	void *create_welded_dfablob(aare_rules *file_rules,
 				    size_t *size, int *min_match_len,
 				    size_t *new_start,
-				    vector <aa_perms> &perms_table,
+				    std::vector <aa_perms> &perms_table,
 				    optflags const &opts,
 				    bool extended_perms, bool prompt);
 };

parser/libapparmor_re/chfa.cc

@@ -37,6 +37,8 @@
 #include "../policydb.h"
 #include "flex-tables.h"
 
+using namespace std;
+
 void CHFA::init_free_list(vector<pair<size_t, size_t> > &free_list,
 				     size_t prev, size_t start)
 {

parser/libapparmor_re/chfa.h

@@ -32,39 +32,37 @@
 #define MATCH_FLAG_OOB_TRANSITION 0x20000000
 #define base_mask_size(X) ((X) & ~BASE32_FLAGS)
 
-using namespace std;
-
-typedef vector<pair<const State *, size_t> > DefaultBase;
-typedef vector<pair<const State *, const State *> > NextCheck;
+typedef std::vector<std::pair<const State *, size_t> > DefaultBase;
+typedef std::vector<std::pair<const State *, const State *> > NextCheck;
 
 class CHFA {
       public:
 	CHFA(void);
-	CHFA(DFA &dfa, map<transchar, transchar> &eq, optflags const &opts,
+	CHFA(DFA &dfa, std::map<transchar, transchar> &eq, optflags const &opts,
 	     bool permindex, bool prompt);
 	void dump(ostream & os);
 	void flex_table(ostream &os, optflags const &opts);
-	void init_free_list(vector<pair<size_t, size_t> > &free_list,
+	void init_free_list(std::vector<std::pair<size_t, size_t> > &free_list,
 			    size_t prev, size_t start);
-	bool fits_in(vector<pair<size_t, size_t> > &free_list, size_t base,
+	bool fits_in(std::vector<std::pair<size_t, size_t> > &free_list, size_t base,
 		     StateTrans &cases);
-	void insert_state(vector<pair<size_t, size_t> > &free_list,
+	void insert_state(std::vector<std::pair<size_t, size_t> > &free_list,
 			  State *state, DFA &dfa);
 	void weld_file_to_policy(CHFA &file_chfa, size_t &new_start,
 				 bool accept_idx, bool prompt,
-				 vector <aa_perms>  &policy_perms,
-				 vector <aa_perms> &file_perms);
+				 std::vector <aa_perms>  &policy_perms,
+				 std::vector <aa_perms> &file_perms);
 
 	// private:
 	// sigh templates suck, friend declaration does not work so for now
 	// make these public
-	vector<uint32_t> accept;
-	vector<uint32_t> accept2;
+	std::vector<uint32_t> accept;
+	std::vector<uint32_t> accept2;
 	DefaultBase default_base;
 	NextCheck next_check;
 	const State *start;
 	Renumber_Map num;
-	map<transchar, transchar> eq;
+	std::map<transchar, transchar> eq;
 	unsigned int chfaflags;
       private:
 	transchar max_eq;

parser/libapparmor_re/expr-tree.cc

@@ -38,6 +38,8 @@
 #include "expr-tree.h"
 #include "apparmor_re.h"
 
+using namespace std;
+
 /* Use a single static EpsNode as it carries no node specific information */
 EpsNode epsnode;
 

parser/libapparmor_re/expr-tree.h

@@ -44,8 +44,6 @@
 #include "../perms.h"
 #include "apparmor_re.h"
 
-using namespace std;
-
 /*
  * transchar - representative input character for state transitions
  *
@@ -146,9 +144,9 @@ public:
 
 class Chars {
 public:
-	set<transchar> chars;
+	std::set<transchar> chars;
 
-	typedef set<transchar>::iterator iterator;
+	typedef std::set<transchar>::iterator iterator;
 	iterator begin() { return chars.begin(); }
 	iterator end() { return chars.end(); }
 
@@ -166,11 +164,11 @@ public:
 	{
 		return chars.find(key);
 	}
-	pair<iterator,bool> insert(transchar c)
+	std::pair<iterator,bool> insert(transchar c)
 	{
 		return chars.insert(c);
 	}
-	pair<iterator,bool> insert(char c)
+	std::pair<iterator,bool> insert(char c)
 	{
 		transchar tmp(c);
 		return chars.insert(tmp);
@@ -181,9 +179,9 @@ public:
 ostream &operator<<(ostream &os, transchar c);
 
 /* Compute the union of two sets. */
-template<class T> set<T> operator+(const set<T> &a, const set<T> &b)
+template<class T> std::set<T> operator+(const std::set<T> &a, const std::set<T> &b)
 {
-	set<T> c(a);
+	std::set<T> c(a);
 	c.insert(b.begin(), b.end());
 	return c;
 }
@@ -196,7 +194,7 @@ template<class T> set<T> operator+(const set<T> &a, const set<T> &b)
  */
 class Node;
 class ImportantNode;
-typedef set<ImportantNode *> NodeSet;
+typedef std::set<ImportantNode *> NodeSet;
 
 /**
  * Text-dump a state (for debugging).
@@ -212,12 +210,12 @@ ostream &operator<<(ostream &os, const NodeSet &state);
  * enumerating all the explicit tranitions for default matches.
  */
 typedef struct Cases {
-	typedef map<transchar, NodeSet *>::iterator iterator;
+	typedef std::map<transchar, NodeSet *>::iterator iterator;
 	iterator begin() { return cases.begin(); }
 	iterator end() { return cases.end(); }
 
 	Cases(): otherwise(0) { }
-	map<transchar, NodeSet *> cases;
+	std::map<transchar, NodeSet *> cases;
 	NodeSet *otherwise;
 } Cases;
 
@@ -891,7 +889,7 @@ public:
 	{
 		type_flags |= NODE_TYPE_MATCHFLAG;
 	}
-	ostream &dump(ostream &os) { return os << "< 0x" << hex << perms << std::dec << '>'; }
+	ostream &dump(ostream &os) { return os << "< 0x" << std::hex << perms << std::dec << '>'; }
 
 	int priority;
 	perm32_t perms;
@@ -925,7 +923,7 @@ public:
 
 /* Traverse the syntax tree depth-first in an iterator-like manner. */
 class depth_first_traversal {
-	stack<Node *>pos;
+	std::stack<Node *>pos;
 	void push_left(Node *node) {
 		pos.push(node);
 
@@ -1050,7 +1048,7 @@ struct deref_less_than {
 
 class NodeVecCache: public CacheStats {
 public:
-	set<NodeVec *, deref_less_than> cache;
+	std::set<NodeVec *, deref_less_than> cache;
 
 	NodeVecCache(void): cache() { };
 	~NodeVecCache() { clear(); };
@@ -1059,7 +1057,7 @@ public:
 
 	void clear()
 	{
-		for (set<NodeVec *>::iterator i = cache.begin();
+		for (std::set<NodeVec *>::iterator i = cache.begin();
 		     i != cache.end(); i++) {
 			delete *i;
 		}
@@ -1071,7 +1069,7 @@ public:
 	{
 		if (!nodes)
 			return NULL;
-		pair<set<NodeVec *>::iterator,bool> uniq;
+		std::pair<std::set<NodeVec *>::iterator,bool> uniq;
 		NodeVec *nv = new NodeVec(nodes);
 		uniq = cache.insert(nv);
 		if (uniq.second == false) {

parser/libapparmor_re/hfa.cc

@@ -38,6 +38,8 @@
 #include "../immunix.h"
 #include "../perms.h"
 
+using namespace std;
+
 ostream &operator<<(ostream &os, const CacheStats &cache)
 {
 	/* dump the state label */

parser/libapparmor_re/hfa.h

@@ -42,8 +42,8 @@ extern int prompt_compat_mode;
 
 class State;
 
-typedef map<transchar, State *> StateTrans;
-typedef list<State *> Partition;
+typedef std::map<transchar, State *> StateTrans;
+typedef std::list<State *> Partition;
 
 #include "../immunix.h"
 
@@ -62,9 +62,9 @@ public:
 	}
 	ostream &dump(ostream &os)
 	{
-		os << "(0x " << hex
+		os << "(0x " << std::hex
 		   << allow << "/" << deny << "/" << "/" << prompt << "/" << audit << "/" << quiet
-		   << ')' << dec;
+		   << ')' << std::dec;
 		return os;
 	}
 
@@ -317,11 +317,11 @@ public:
 class NodeMap: public CacheStats
 {
 public:
-	typedef map<ProtoState, State *>::iterator iterator;
+	typedef std::map<ProtoState, State *>::iterator iterator;
 	iterator begin() { return cache.begin(); }
 	iterator end() { return cache.end(); }
 
-	map<ProtoState, State *> cache;
+	std::map<ProtoState, State *> cache;
 
 	NodeMap(void): cache() { };
 	~NodeMap() { clear(); };
@@ -334,10 +334,10 @@ public:
 		CacheStats::clear();
 	}
 
-	pair<iterator,bool> insert(ProtoState &proto, State *state)
+	std::pair<iterator,bool> insert(ProtoState &proto, State *state)
 	{
-		pair<iterator,bool> uniq;
-		uniq = cache.insert(make_pair(proto, state));
+		std::pair<iterator,bool> uniq;
+		uniq = cache.insert(std::make_pair(proto, state));
 		if (uniq.second == false) {
 			dup++;
 		} else {
@@ -349,7 +349,7 @@ public:
 	}
 };
 
-typedef map<const State *, size_t> Renumber_Map;
+typedef std::map<const State *, size_t> Renumber_Map;
 
 /* Transitions in the DFA. */
 class DFA {
@@ -360,7 +360,7 @@ class DFA {
 			     NodeSet *nnodes, State *other);
 	void update_state_transitions(optflags const &opts, State *state);
 	void process_work_queue(const char *header, optflags const &);
-	void dump_diff_chain(ostream &os, map<State *, Partition> &relmap,
+	void dump_diff_chain(ostream &os, std::map<State *, Partition> &relmap,
 			     Partition &chain, State *state,
 			     unsigned int &count, unsigned int &total,
 			     unsigned int &max);
@@ -369,7 +369,7 @@ class DFA {
 	NodeVecCache anodes_cache;
 	NodeVecCache nnodes_cache;
 	NodeMap node_map;
-	list<State *> work_queue;
+	std::list<State *> work_queue;
 
 public:
 	DFA(Node *root, optflags const &flags, bool filedfa);
@@ -394,14 +394,14 @@ public:
 	void dump_uniq_perms(const char *s);
 	ostream &dump_partition(ostream &os, Partition &p);
 	ostream &dump_partitions(ostream &os, const char *description,
-				 list<Partition *> &partitions);
-	map<transchar, transchar> equivalence_classes(optflags const &flags);
-	void apply_equivalence_classes(map<transchar, transchar> &eq);
+				 std::list<Partition *> &partitions);
+	std::map<transchar, transchar> equivalence_classes(optflags const &flags);
+	void apply_equivalence_classes(std::map<transchar, transchar> &eq);
 
 	void compute_perms_table_ent(State *state, size_t pos,
-				     vector <aa_perms> &perms_table,
+				     std::vector <aa_perms> &perms_table,
 				     bool prompt);
-	void compute_perms_table(vector <aa_perms> &perms_table,
+	void compute_perms_table(std::vector <aa_perms> &perms_table,
 				 bool prompt);
 
 	unsigned int diffcount;
@@ -415,6 +415,6 @@ public:
 	bool filedfa;
 };
 
-void dump_equivalence_classes(ostream &os, map<transchar, transchar> &eq);
+void dump_equivalence_classes(ostream &os, std::map<transchar, transchar> &eq);
 
 #endif /* __LIBAA_RE_HFA_H */

parser/libapparmor_re/parse.y

@@ -24,6 +24,8 @@
 /* #define DEBUG_TREE */
 #include "expr-tree.h"
 
+using namespace std;
+
 %}
 
 %union {

parser/mount.cc

@@ -228,6 +228,8 @@
 #include "profile.h"
 #include "mount.h"
 
+using namespace std;
+
 struct mnt_keyword_table {
 	const char *keyword;
 	unsigned int set;

parser/parser.h

@@ -41,8 +41,6 @@
 
 #include <string>
 
-using namespace std;
-
 #include <set>
 
 

parser/parser_interface.c

@@ -41,6 +41,7 @@
 #define SD_CODE_SIZE (sizeof(u8))
 #define SD_STR_LEN (sizeof(u16))
 
+using namespace std;
 
 int __sd_serialize_profile(int option, aa_kernel_interface *kernel_interface,
 			   Profile *prof, int cache_fd);

parser/parser_lex.l

@@ -46,6 +46,8 @@
 #include "policy_cache.h"
 #include "file_cache.h"
 
+using namespace std;
+
 #ifdef PDEBUG
 #undef PDEBUG
 #endif

parser/parser_misc.c

@@ -66,6 +66,8 @@ void *reallocarray(void *ptr, size_t nmemb, size_t size)
 #define NULL nullptr
 #endif
 
+using namespace std;
+
 int is_blacklisted(const char *name, const char *path)
 {
 	int retval = _aa_is_blacklisted(name);

parser/parser_policy.c

@@ -45,6 +45,7 @@
 #endif
 #define NPDEBUG(fmt, args...)	/* Do nothing */
 
+using namespace std;
 
 ProfileList policy_list;
 

parser/parser_yacc.y

@@ -45,6 +45,7 @@
 #include <netinet/in.h>
 #include <arpa/inet.h>
 
+using namespace std;
 
 #define CIDR_32 htonl(0xffffffff)
 #define CIDR_24 htonl(0xffffff00)

parser/profile.cc

@@ -21,6 +21,8 @@
 #include <vector>
 #include <algorithm>
 
+using namespace std;
+
 const char *profile_mode_table[] = {
 	"",
 	"enforce",

parser/profile.h

@@ -42,16 +42,16 @@ struct deref_profileptr_lt {
 
 class ProfileList {
 public:
-	set<Profile *, deref_profileptr_lt> list;
+	std::set<Profile *, deref_profileptr_lt> list;
 
-	typedef set<Profile *, deref_profileptr_lt>::iterator iterator;
+	typedef std::set<Profile *, deref_profileptr_lt>::iterator iterator;
 	iterator begin() { return list.begin(); }
 	iterator end() { return list.end(); }
 
 	ProfileList() { };
 	virtual ~ProfileList() { clear(); }
 	virtual bool empty(void) { return list.empty(); }
-	virtual pair<ProfileList::iterator,bool> insert(Profile *);
+	virtual std::pair<ProfileList::iterator,bool> insert(Profile *);
 	virtual void erase(ProfileList::iterator pos);
 	void clear(void);
 	void dump(void);
@@ -368,7 +368,7 @@ struct dfa_stuff {
 	void *dfa;
 	size_t size;
 	size_t file_start;		/* special start in welded dfa */
-	vector <aa_perms> perms_table;
+	std::vector <aa_perms> perms_table;
 	dfa_stuff(void): rules(NULL), dfa(NULL), size(0) { }
 };
 
@@ -382,7 +382,7 @@ public:
 	void *xmatch;
 	size_t xmatch_size;
 	int xmatch_len;
-	vector <aa_perms> xmatch_perms_table;
+	std::vector <aa_perms> xmatch_perms_table;
 	struct cond_entry_list xattrs;
 
 	/* char *sub_name; */			/* subdomain name or NULL */
@@ -477,7 +477,7 @@ public:
 			debug_cod_entries(entries);
 
 		for (RuleList::iterator i = rule_ents.begin(); i != rule_ents.end(); i++) {
-			(*i)->dump(cout);
+			(*i)->dump(std::cout);
 		}
 
 		printf("\n");
@@ -511,7 +511,7 @@ public:
 
 	void dump_name(bool fqp)
 	{
-		cout << get_name(fqp);;
+		std::cout << get_name(fqp);;
 	}
 
 	void post_parse_profile(void);

parser/rule.h

@@ -25,8 +25,6 @@
 #include "perms.h"
 #include "policydb.h"
 
-using namespace std;
-
 #define PROMPT_COMPAT_UNKNOWN  0
 #define PROMPT_COMPAT_IGNORE  1
 #define PROMPT_COMPAT_PERMSV2 2
@@ -436,9 +434,9 @@ public:
 		class_rule_t::dump(os);
 
 		if (saved)
-			os << "(0x" << hex << perms << "/orig " << saved << ") ";
+			os << "(0x" << std::hex << perms << "/orig " << saved << ") ";
 		else
-			os << "(0x" << hex << perms << ") ";
+			os << "(0x" << std::hex << perms << ") ";
 
 		return os;
 	}
@@ -464,7 +462,7 @@ public:
 	virtual ostream &dump(ostream &os) {
 		class_rule_t::dump(os);
 
-		os << "(0x" << hex << perms << ") ";
+		os << "(0x" << std::hex << perms << ") ";
 		return os;
 	}
 

parser/signal.cc

@@ -30,6 +30,8 @@
 #include "parser_yacc.h"
 #include "signal.h"
 
+using namespace std;
+
 #define MAXMAPPED_SIG 35
 #define MINRT_SIG 128		/* base of RT sigs */
 #define MAXRT_SIG 32		/* Max RT above MINRT_SIG */

parser/signal.h

@@ -29,7 +29,7 @@
 #define AA_VALID_SIGNAL_PERMS		(AA_MAY_SEND | AA_MAY_RECEIVE)
 
 
-typedef set<int> Signals;
+typedef std::set<int> Signals;
 
 int find_signal_mapping(const char *sig);
 int parse_signal_perms(const char *str_perms, perm32_t *perms, int fail);