mir/apparmor
2
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor synced 2025-09-04 16:25:10 +00:00
Code Issues Releases Wiki Activity

Be consistent with return statements when only returning None.

Browse Source
This commit is contained in:
Mark Grassi
2022-08-13 10:56:39 -04:00
parent 091c6ad59d
commit b1c2aeaa76
2 changed files with 22 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
utils/apparmor/aa.py
View File

@@ -575,10 +575,10 @@ def autodep(bin_name, pname=''):
# if not bin_full: # if not bin_full:
# bin_full = bin_name # bin_full = bin_name
# if not bin_full.startswith('/'): # if not bin_full.startswith('/'):
# return None # return
# Return if executable path not found # Return if executable path not found
if not bin_full: if not bin_full:
return None return
else: else:
bin_full = pname # for named profiles bin_full = pname # for named profiles
@@ -1773,7 +1773,7 @@ def read_inactive_profiles(skip_profiles=[]):
read_inactive_profiles.already_read = True read_inactive_profiles.already_read = True
if not os.path.exists(extra_profile_dir): if not os.path.exists(extra_profile_dir):
return None return
try: try:
os.listdir(profile_dir) os.listdir(profile_dir)
except: except:
@@ -1799,7 +1799,7 @@ def read_profile(file, active_profile):
except IOError as e: except IOError as e:
aaui.UI_Important('WARNING: Error reading file %s, skipping.\n %s' % (file, e)) aaui.UI_Important('WARNING: Error reading file %s, skipping.\n %s' % (file, e))
debug_logger.debug("read_profile: can't read %s - skipping" % file) debug_logger.debug("read_profile: can't read %s - skipping" % file)
return None return
profile_data = parse_profile_data(data, file, 0, True) profile_data = parse_profile_data(data, file, 0, True)
@@ -2404,7 +2404,7 @@ def propose_file_rules(profile_obj, rule_obj):
def reload_base(bin_path): def reload_base(bin_path):
if not check_for_apparmor(): if not check_for_apparmor():
return None return
prof_filename = get_profile_filename_from_profile_name(bin_path, True) prof_filename = get_profile_filename_from_profile_name(bin_path, True)
@@ -2425,10 +2425,8 @@ def reload_profile(prof_filename, raise_exc=False):
def reload(bin_path): def reload(bin_path):
bin_path = find_executable(bin_path) bin_path = find_executable(bin_path)
if not bin_path: if bin_path:
return None reload_base(bin_path)
return reload_base(bin_path)
def get_include_data(filename): def get_include_data(filename):

30
utils/apparmor/logparser.py
View File

@@ -156,11 +156,11 @@ class ReadLog:
raise AppArmorBug('aamode is UNKNOWN - %s' % e['type']) # should never happen raise AppArmorBug('aamode is UNKNOWN - %s' % e['type']) # should never happen
if aamode in ('AUDIT', 'STATUS', 'ERROR'): if aamode in ('AUDIT', 'STATUS', 'ERROR'):
return None return
# Skip if AUDIT event was issued due to a change_hat in unconfined mode # Skip if AUDIT event was issued due to a change_hat in unconfined mode
if not e.get('profile', False): if not e.get('profile', False):
return None return
full_profile = e['profile'] # full, nested profile name full_profile = e['profile'] # full, nested profile name
self.init_hashlog(aamode, full_profile) self.init_hashlog(aamode, full_profile)
@@ -172,7 +172,7 @@ class ReadLog:
profile, hat = split_name(e['profile']) profile, hat = split_name(e['profile'])
if profile != 'null-complain-profile' and not self.profile_exists(profile): if profile != 'null-complain-profile' and not self.profile_exists(profile):
return None return
if e['operation'] == 'exec': if e['operation'] == 'exec':
if not e['name']: if not e['name']:
raise AppArmorException('exec without executed binary') raise AppArmorException('exec without executed binary')
@@ -181,7 +181,7 @@ class ReadLog:
e['name2'] = '' # exec events in enforce mode don't have target=... e['name2'] = '' # exec events in enforce mode don't have target=...
self.hashlog[aamode][full_profile]['exec'][e['name']][e['name2']] = True self.hashlog[aamode][full_profile]['exec'][e['name']][e['name2']] = True
return None return
elif self.op_type(e) == 'file': elif self.op_type(e) == 'file':
# Map c (create) and d (delete) to w (logging is more detailed than the profile language) # Map c (create) and d (delete) to w (logging is more detailed than the profile language)
@@ -212,45 +212,45 @@ class ReadLog:
else: else:
raise AppArmorException(_('Log contains unknown mode %s') % dmask) raise AppArmorException(_('Log contains unknown mode %s') % dmask)
return None return
elif e['operation'] == 'capable': elif e['operation'] == 'capable':
self.hashlog[aamode][full_profile]['capability'][e['name']] = True self.hashlog[aamode][full_profile]['capability'][e['name']] = True
return None return
elif self.op_type(e) == 'net': elif self.op_type(e) == 'net':
self.hashlog[aamode][full_profile]['network'][e['family']][e['sock_type']][e['protocol']] = True self.hashlog[aamode][full_profile]['network'][e['family']][e['sock_type']][e['protocol']] = True
return None return
elif e['operation'] == 'change_hat': elif e['operation'] == 'change_hat':
if e['error_code'] == 1 and e['info'] == 'unconfined can not change_hat': if e['error_code'] == 1 and e['info'] == 'unconfined can not change_hat':
return None return
self.hashlog[aamode][full_profile]['change_hat'][e['name2']] = True self.hashlog[aamode][full_profile]['change_hat'][e['name2']] = True
return None return
elif e['operation'] == 'change_profile': elif e['operation'] == 'change_profile':
self.hashlog[aamode][full_profile]['change_profile'][e['name2']] = True self.hashlog[aamode][full_profile]['change_profile'][e['name2']] = True
return None return
elif e['operation'] == 'ptrace': elif e['operation'] == 'ptrace':
if not e['peer']: if not e['peer']:
self.debug_logger.debug('ignored garbage ptrace event with empty peer') self.debug_logger.debug('ignored garbage ptrace event with empty peer')
return None return
if not e['denied_mask']: if not e['denied_mask']:
self.debug_logger.debug('ignored garbage ptrace event with empty denied_mask') self.debug_logger.debug('ignored garbage ptrace event with empty denied_mask')
return None return
self.hashlog[aamode][full_profile]['ptrace'][e['peer']][e['denied_mask']] = True self.hashlog[aamode][full_profile]['ptrace'][e['peer']][e['denied_mask']] = True
return None return
elif e['operation'] == 'signal': elif e['operation'] == 'signal':
self.hashlog[aamode][full_profile]['signal'][e['peer']][e['denied_mask']][e['signal']] = True self.hashlog[aamode][full_profile]['signal'][e['peer']][e['denied_mask']][e['signal']] = True
return None return
elif e['operation'].startswith('dbus_'): elif e['operation'].startswith('dbus_'):
self.hashlog[aamode][full_profile]['dbus'][e['denied_mask']][e['bus']][e['path']][e['name']][e['interface']][e['member']][e['peer_profile']] = True self.hashlog[aamode][full_profile]['dbus'][e['denied_mask']][e['bus']][e['path']][e['name']][e['interface']][e['member']][e['peer_profile']] = True
return None return
else: else:
self.debug_logger.debug('UNHANDLED: %s' % e) self.debug_logger.debug('UNHANDLED: %s' % e)