From b5a2a1ec1317a16a64d486d4a3f00d2fe6638c38 Mon Sep 17 00:00:00 2001
From: Christian Boltz <apparmor@cboltz.de>
Date: Thu, 22 Apr 2021 19:38:56 +0200
Subject: [PATCH] Detect endless #include loop when parsing profiles

If an include file includes itsself (for example if local/foo has
'#include <local/foo>'), print a warning instead of calling
load_include() again and again.

This fixes a crash when hitting such a case:
    RecursionError: maximum recursion depth exceeded while calling a Python object

Fixes: https://bugzilla.suse.com/show_bug.cgi?id=1184779 for the tools.
The parser will also need a fix.

This is the 3.0 version of 30323a2ded4de17f52eed2d8b7c9cb37a6bda7cb /
https://gitlab.com/apparmor/apparmor/-/merge_requests/742
---
 utils/apparmor/aa.py | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/utils/apparmor/aa.py b/utils/apparmor/aa.py
index f724f6e60..4ba484dad 100644
--- a/utils/apparmor/aa.py
+++ b/utils/apparmor/aa.py
@@ -1948,7 +1948,11 @@ def parse_profile_data(data, file, do_include):
                 active_profiles.add_inc_ie(file, rule_obj)
 
             for incname in rule_obj.get_full_paths(profile_dir):
-                load_include(incname)
+                if incname == file:
+                    # warn about endless loop, and don't call load_include() (again) for this file
+                    aaui.UI_Important(_('WARNING: endless loop detected: file %s includes itsself' % incname))
+                else:
+                    load_include(incname)
 
         elif NetworkRule.match(line):
             if not profile: