parser: Adjust writeu16() to output escaped byte sequences

The writeu16() function was outputting unescaped byte sequences to the
rule buffer. That resulted the generation of in an incomplete rule if
one of those unescaped byte sequences contained 0x00.

This patch uses u8 pointers, instead of char pointers, when writing out
the big endian u16 value. More importantly, it casts the u8 values to
unsigned ints, which is what's needed to get the properly escaped byte
sequences.

Before:

  $ echo "/t { unix (connect,read,write) type=stream, }" |
apparmor_parser -qQD dfa-states
  {1} <== (allow/deny/audit/quiet)
  {2} (0x 4/0/0/0)
  {3} (0x 4/0/0/0)
  {5} (0x 46/0/0/0)
  
  {1} -> {2}: 0x2
  {1} -> {3}: 0x4
  {1} -> {2}: 0x7
  {1} -> {2}: 0x9
  {1} -> {2}: 0xa
  {1} -> {2}: 0x20 \ 
  {1} -> {4}: 0x34 4
  {3}  (0x 4/0/0/0) -> {5}: 0x0
  {4} -> {6}: 0x0
  {6} -> {2}: 0x31 1
  

After (the next patch fixes the pointer values that are being written
out):

  $ echo "/t { unix (connect,read,write) type=stream, }" |
apparmor_parser -qQD dfa-states
  {1} <== (allow/deny/audit/quiet)
  {2} (0x 4/0/0/0)
  {3} (0x 4/0/0/0)
  {43} (0x 46/0/0/0)
  {44} (0x 46/0/0/0)
  
  {1} -> {2}: 0x2
  {1} -> {3}: 0x4
  {1} -> {2}: 0x7
  {1} -> {2}: 0x9
  {1} -> {2}: 0xa
  {1} -> {2}: 0x20 \ 
  {1} -> {4}: 0x34 4
  {3}  (0x 4/0/0/0) -> {5}: 0x0
  {4} -> {6}: 0x0
  {5} -> {7}: 0x1
  {6} -> {2}: 0x31 1
  {7} -> {8}: 0x30 0
  {8} -> {9}: 0x78 x
  {9} -> {10}: 0x37 7
  {10} -> {11}: 0x66 f
  {11} -> {12}: 0x66 f
  {12} -> {13}: 0x66 f
  {13} -> {14}: 0x31 1
  {14} -> {15}: 0x30 0
  {15} -> {16}: 0x34 4
  {16} -> {17}: 0x66 f
  {17} -> {18}: 0x33 3
  {18} -> {19}: 0x35 5
  {19} -> {20}: 0x31 1
  {20} -> {21}: 0x38 8
  {21} -> {22}: 0x0
  {22} -> {23}: 0x1
  {23} -> {24}: 0x30 0
  {24} -> {25}: 0x78 x
  {25} -> {26}: 0x37 7
  {26} -> {27}: 0x66 f
  {27} -> {28}: 0x66 f
  {28} -> {29}: 0x66 f
  {29} -> {30}: 0x31 1
  {30} -> {31}: 0x30 0
  {31} -> {32}: 0x34 4
  {32} -> {33}: 0x66 f
  {33} -> {34}: 0x33 3
  {34} -> {35}: 0x35 5
  {35} -> {36}: 0x31 1
  {36} -> {37}: 0x38 8
  {37} -> {38}: []
  {38} -> {39}: []
  {39} -> {40}: 0x0
  {39} -> {39}: []
  {40} -> {40}: 0x0
  {40} -> {41}: 0x1
  {40} -> {39}: []
  {41} -> {42}: 0x0
  {41} -> {39}: []
  {42} -> {40}: 0x0
  {42} -> {44}: 0x1
  {42} -> {43}: []
  {43}  (0x 46/0/0/0) -> {40}: 0x0
  {43}  (0x 46/0/0/0) -> {43}: []
  {44}  (0x 46/0/0/0) -> {42}: 0x0
  {44}  (0x 46/0/0/0) -> {43}: []

Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
Acked-by: Seth Arnold <seth.arnold@canonical.com>

parser/af_unix.cc

@@ -192,9 +192,11 @@ static void warn_once(const char *name)
 std::ostringstream &writeu16(std::ostringstream &o, int v)
 {
 	u16 tmp = htobe16((u16) v);
-	char *c = (char *) &tmp;
-	o << "\\x" << std::setfill('0') << std::setw(2) << std::hex << *c++;
-	o << "\\x" << std::setfill('0') << std::setw(2) << std::hex << *c;
+	u8 *byte1 = (u8 *)&tmp;
+	u8 *byte2 = byte1 + 1;
+
+	o << "\\x" << std::setfill('0') << std::setw(2) << std::hex << static_cast<unsigned int>(*byte1);
+	o << "\\x" << std::setfill('0') << std::setw(2) << std::hex << static_cast<unsigned int>(*byte2);
 	return o;
 }