mir/apparmor
2
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor synced 2025-08-22 18:17:09 +00:00
Code Issues Releases Wiki Activity

parser - terminate search early if wildcards are discovered

Browse Source 
This patch is a very minor optimization to the search to determine
whether a given rule is an exact match or not. If a wildcard rule
(i.e.  an inexact match) is discovered, exact_match is set to 0,
so we don't need to continue the tree traversal.

Signed-off-by: Steve Beattie <steve@nxnw.org>
Acked-by: John Johansen <john.johansen@canonical.com>
This commit is contained in:
Steve Beattie 2013-10-14 14:36:05 -07:00
parent 3d26d2431c
commit 9c50ff9fb3
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
parser/libapparmor_re/aare_rules.cc
View File

@ -1,7 +1,7 @@
/* /*
* (C) 2006, 2007 Andreas Gruenbacher <agruen@suse.de> * (C) 2006, 2007 Andreas Gruenbacher <agruen@suse.de>
* Copyright (c) 2003-2008 Novell, Inc. (All rights reserved) * Copyright (c) 2003-2008 Novell, Inc. (All rights reserved)
* Copyright 2009-2012 Canonical Ltd. * Copyright 2009-2013 Canonical Ltd. (All rights reserved)
* *
* The libapparmor library is licensed under the terms of the GNU * The libapparmor library is licensed under the terms of the GNU
* Lesser General Public License, version 2.1. Please see the file * Lesser General Public License, version 2.1. Please see the file
@ -123,7 +123,7 @@ int aare_add_rule_vec(aare_ruleset_t *rules, int deny,
* on how we split permission bitmasks here. * on how we split permission bitmasks here.
*/ */
exact_match = 1; exact_match = 1;
for (depth_first_traversal i(tree); i; i++) { for (depth_first_traversal i(tree); i && exact_match; i++) {
if (dynamic_cast<StarNode *>(*i) || if (dynamic_cast<StarNode *>(*i) ||
dynamic_cast<PlusNode *>(*i) || dynamic_cast<PlusNode *>(*i) ||
dynamic_cast<AnyCharNode *>(*i) || dynamic_cast<AnyCharNode *>(*i) ||