mirror of https://gitlab.com/apparmor/apparmor synced 2025-08-30 22:05:27 +00:00

Convert the parser to C++

This conversion is nothing more than what is required to get it to
compile. Further improvements will come as the code is refactored.

Unfortunately due to C++ not supporting designated initializers, the auto
generation of af names needed to be reworked, and "netlink" and "unix"
domain socket keywords leaked in. Since these were going to be added in
separate patches I have not bothered to do the extra work to replace them
with a temporary placeholder.

Signed-off-by: John Johansen <john.johansen@canonical.com>
[tyhicks: merged with dbus changes and memory leak fixes]
Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
Acked-by: Seth Arnold <seth.arnold@canonical.com>
Acked-by: Steve Beattie <steve@nxnw.org>
John Johansen
2013-09-27 16:13:22 -07:00
committed by Tyler Hicks
parent b0a1488820
commit a34059b1e5
22 changed files with 293 additions and 276 deletions


@@ -19,6 +19,8 @@
* Ltd.
*/
#include <algorithm>
#include <stdio.h>
#include <stdlib.h>
#include <stdarg.h>
@@ -49,12 +51,12 @@ static int codomain_compare(const void *a, const void *b)
struct codomain *B = (struct codomain *) b;
int res = 0;
if (A->namespace) {
if (B->namespace)
res = strcmp(A->namespace, B->namespace);
if (A->ns) {
if (B->ns)
res = strcmp(A->ns, B->ns);
else
res = -1;
} else if (B->namespace)
} else if (B->ns)
res = 1;
if (res)
return res;
@@ -119,7 +121,7 @@ static int add_named_transition(struct codomain *cod, struct cod_entry *entry)
char *name = NULL;
/* check to see if it is a local transition */
if (!entry->namespace) {
if (!entry->ns) {
char *sub = strstr(entry->nt_name, "//");
/* does the subprofile name match the rule */
@@ -138,7 +140,7 @@ static int add_named_transition(struct codomain *cod, struct cod_entry *entry)
return AA_EXEC_LOCAL >> 10;
}
/* specified as cix so profile name is implicit */
name = malloc(strlen(cod->name) + strlen(entry->nt_name)
name = (char *) malloc(strlen(cod->name) + strlen(entry->nt_name)
+ 3);
if (!name) {
PERROR("Memory allocation error\n");
@@ -149,16 +151,16 @@ static int add_named_transition(struct codomain *cod, struct cod_entry *entry)
entry->nt_name = name;
}
}
if (entry->namespace) {
name = malloc(strlen(entry->namespace) + strlen(entry->nt_name) + 3);
if (entry->ns) {
name = (char *) malloc(strlen(entry->ns) + strlen(entry->nt_name) + 3);
if (!name) {
PERROR("Memory allocation error\n");
exit(1);
}
sprintf(name, ":%s:%s", entry->namespace, entry->nt_name);
free(entry->namespace);
sprintf(name, ":%s:%s", entry->ns, entry->nt_name);
free(entry->ns);
free(entry->nt_name);
entry->namespace = NULL;
entry->ns = NULL;
entry->nt_name = NULL;
} else {
name = entry->nt_name;
@@ -192,7 +194,7 @@ void post_process_file_entries(struct codomain *cod)
mode |= SHIFT_MODE(n << 10, AA_OTHER_SHIFT);
entry->mode = ((entry->mode & ~AA_ALL_EXEC_MODIFIERS) |
(mode & AA_ALL_EXEC_MODIFIERS));
entry->namespace = NULL;
entry->ns = NULL;
entry->nt_name = NULL;
}
/* FIXME: currently change_profile also implies onexec */
@@ -451,7 +453,7 @@ static void __add_hat_rules_parent(const void *nodep, const VISIT value,
*/
if ((flag_changehat_version == FLAG_CHANGEHAT_1_4) &&
(*t)->parent) {
char *buffer = malloc(strlen((*t)->name) + 1);
char *buffer = (char *) malloc(strlen((*t)->name) + 1);
if (!buffer) {
PERROR("Memory allocation error\n");
exit(1);
@@ -828,8 +830,8 @@ void free_policy(struct codomain *cod)
free(cod->name);
if (cod->attachment)
free(cod->attachment);
if (cod->namespace)
free(cod->namespace);
if (cod->ns)
free(cod->ns);
if (cod->network_allowed)
free(cod->network_allowed);
if (cod->audit_network)
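Review bot: In add_named_transition the allocation size and the `sprintf` format are tied together only by the hand-counted `+ 3`, in the new lines `name = (char *) malloc(strlen(entry->ns) + strlen(entry->nt_name) + 3);` and `sprintf(name, ":%s:%s", entry->ns, entry->nt_name);`. The arithmetic matches as written (two colons plus the terminator), so this is not an overflow today, but a later change to the format string would turn it into a heap write past the allocation with nothing to catch it. Since these lines are being touched anyway, compute the length once and bound the write: `size_t len = strlen(entry->ns) + strlen(entry->nt_name) + 3;` followed by `snprintf(name, len, ":%s:%s", entry->ns, entry->nt_name);`. The earlier `cod->name` allocation in the same function follows the same pattern, but its formatting call is outside the visible hunk, and the function body starts and ends outside the hunks shown.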