From da52731c7597fece8d817cda28a57919f856173e Mon Sep 17 00:00:00 2001
From: Steve Beattie <steve@nxnw.org>
Date: Fri, 24 Jul 2009 11:56:07 +0000
Subject: [PATCH]   * fix small memory leak in parser_main.c   * fixup
 instances of my inability to spell separator   * minor code formatting
 cleanup in parser_lex.l

---
 parser/parser_include.c      |  2 +-
 parser/parser_lex.l          | 36 ++++++++++++++++++++----------------
 parser/parser_main.c         |  1 +
 parser/rc.apparmor.functions | 26 +++-----------------------
 4 files changed, 25 insertions(+), 40 deletions(-)

diff --git a/parser/parser_include.c b/parser/parser_include.c
index 8fd7a0ad8..6bec4eb66 100644
--- a/parser/parser_include.c
+++ b/parser/parser_include.c
@@ -186,7 +186,7 @@ void parse_default_paths(void)
 	while (fgetline(f, buf, 1024)) {
 		if (stripcomment(buf) && (t = strstr(buf, "SUBDOMAIN_PATH="))) {
 			t += 15;
-			/* handle : seperating path elements */
+			/* handle : separating path elements */
 			do {
 				s = strchr(t, ':');
 				if (s)
diff --git a/parser/parser_lex.l b/parser/parser_lex.l
index 824343519..a03bc8e9c 100644
--- a/parser/parser_lex.l
+++ b/parser/parser_lex.l
@@ -78,13 +78,15 @@ void include_filename(char *filename, int search)
 	struct stat my_stat;
 	char *fullpath = NULL;
 
-	if (search) include_file = search_path(filename, &fullpath);
-	else {
+	if (search) {
+		include_file = search_path(filename, &fullpath);
+	} else {
 		fullpath = strdup(filename);
 		include_file = fopen(fullpath, "r");
 	}
 
-	if (!include_file) yyerror(_("Could not open '%s'"), fullpath);
+	if (!include_file)
+		yyerror(_("Could not open '%s'"), fullpath);
 
         if (fstat(fileno(include_file), &my_stat))
 		yyerror(_("fstat failed for '%s'"), fullpath);
@@ -113,8 +115,9 @@ void include_filename(char *filename, int search)
                         if (dirent->d_name[0] == '.')
                                 continue;
 
-			if (dirent_path) free(dirent_path);
-                        if (asprintf(&dirent_path, "%s/%s", fullpath, dirent->d_name)<0)
+			if (dirent_path)
+				free(dirent_path);
+                        if (asprintf(&dirent_path, "%s/%s", fullpath, dirent->d_name) < 0)
 				yyerror("Out of memory");
 
 			name_len = strlen(dirent->d_name);
@@ -137,10 +140,11 @@ void include_filename(char *filename, int search)
 				if (!(yyin = fopen(dirent_path,"r")))
 					yyerror(_("Could not open '%s'"), filename);
 				PDEBUG("Opened include \"%s\"\n", filename);
-				yypush_buffer_state(yy_create_buffer( yyin, YY_BUF_SIZE ));
+				yypush_buffer_state(yy_create_buffer(yyin, YY_BUF_SIZE));
 			}
 		}
-		if (dirent_path) free(dirent_path);
+		if (dirent_path)
+			free(dirent_path);
 		closedir(dir);
 	}
 }
@@ -153,7 +157,7 @@ CLOSE_BRACE 	\}
 SLASH		\/
 COLON		:
 END_OF_RULE	[,]
-SEPERATOR 	{UP}
+SEPARATOR 	{UP}
 RANGE		-
 MODE_CHARS 	([RrWwaLlMmkXx])|(([Uu]|[Pp]|[Cc])[Xx])|(([Pp]|[Cc])?[Ii][Xx])
 MODES		{MODE_CHARS}+
@@ -231,7 +235,7 @@ LT_EQUAL	<=
 			   * without any spaces in between (because it's
 			   * a longer match). So now, when I want to
 			   * match any random string, I go into a
-			   * seperate state. */
+			   * separate state. */
 			yylval = (YYSTYPE) processunquoted(yytext, yyleng);
 			PDEBUG("Found sub name: \"%s\"\n", yylval);
 			BEGIN(INITIAL);
@@ -244,7 +248,7 @@ LT_EQUAL	<=
 			   * without any spaces in between (because it's
 			   * a longer match). So now, when I want to
 			   * match any random string, I go into a
-			   * seperate state. */
+			   * separate state. */
 			yylval = (YYSTYPE) processquoted(yytext, yyleng);
 			PDEBUG("Found sub name: \"%s\"\n", yylval);
 			BEGIN(INITIAL);
@@ -265,7 +269,7 @@ LT_EQUAL	<=
 			   * without any spaces in between (because it's
 			   * a longer match). So now, when I want to
 			   * match any random string, I go into a
-			   * seperate state. */
+			   * separate state. */
 			yylval = (YYSTYPE) processunquoted(yytext, yyleng);
 			PDEBUG("Found sub name: \"%s\"\n", yylval);
 			BEGIN(INITIAL);
@@ -278,7 +282,7 @@ LT_EQUAL	<=
 			   * without any spaces in between (because it's
 			   * a longer match). So now, when I want to
 			   * match any random string, I go into a
-			   * seperate state. */
+			   * separate state. */
 			yylval = (YYSTYPE) processquoted(yytext, yyleng);
 			PDEBUG("Found sub name: \"%s\"\n", yylval);
 			BEGIN(INITIAL);
@@ -384,7 +388,7 @@ LT_EQUAL	<=
 			   * without any spaces in between (because it's
 			   * a longer match). So now, when I want to
 			   * match any random string, I go into a
-			   * seperate state. */
+			   * separate state. */
 			yylval = (YYSTYPE) processunquoted(yytext, yyleng);
 			PDEBUG("Found sub name: \"%s\"\n", yylval);
 			BEGIN(INITIAL);
@@ -397,7 +401,7 @@ LT_EQUAL	<=
 			   * without any spaces in between (because it's
 			   * a longer match). So now, when I want to
 			   * match any random string, I go into a
-			   * seperate state. */
+			   * separate state. */
 			yylval = (YYSTYPE) processquoted(yytext, yyleng);
 			PDEBUG("Found sub name: \"%s\"\n", yylval);
 			BEGIN(INITIAL);
@@ -425,8 +429,8 @@ LT_EQUAL	<=
 
 {END_OF_RULE}		{ return TOK_END_OF_RULE; }
 
-{SEPERATOR}		{
-			PDEBUG("Matched a seperator\n");
+{SEPARATOR}		{
+			PDEBUG("Matched a separator\n");
 			yylval = (YYSTYPE) yytext;
 			BEGIN(SUB_NAME);
 			return TOK_SEP;
diff --git a/parser/parser_main.c b/parser/parser_main.c
index 546131b2f..a42faec3f 100644
--- a/parser/parser_main.c
+++ b/parser/parser_main.c
@@ -427,6 +427,7 @@ static void get_flags_string(void) {
 //fprintf(stderr, "flags string: %s\n", flags_string);
 //fprintf(stderr, "changehat %d\n", flag_changehat_version);
 	}
+	free(flags_string);
 	return;
 
 fail:
diff --git a/parser/rc.apparmor.functions b/parser/rc.apparmor.functions
index 0e30236bf..8f816d52e 100644
--- a/parser/rc.apparmor.functions
+++ b/parser/rc.apparmor.functions
@@ -86,9 +86,6 @@ SD_EV_PIDFILE=/var/run/sd-event-dispatch.init.pid
 SD_STATUS=/usr/sbin/subdomain_status
 SECURITYFS=/sys/kernel/security
 
-SUBDOMAINFS_MOUNTPOINT=$(grep subdomainfs /etc/fstab  | \
-	sed -e 's|^[[:space:]]*[^[:space:]]\+[[:space:]]\+\(/[^[:space:]]*\)[[:space:]]\+subdomainfs.*$|\1|' 2> /dev/null)
-
 if [ -d "/var/lib/${MODULE}" ] ; then
 	APPARMOR_TMPDIR="/var/lib/${MODULE}"
 elif [ -d "/var/lib/${OLD_MODULE}" ] ; then
@@ -103,21 +100,9 @@ STATUS=0
 
 # Test if the apparmor "module" is present.
 is_apparmor_present() {
-	local modules=$1
-	shift
-
-	while [ $# -gt 0 ] ; do
-		modules="$modules|$1"
-		shift
-	done
-
-	# check for subdomainfs version of module
-	grep -qE "^($modules)[[:space:]]" /proc/modules
-	
-	if [ $? -ne 0 ] ; then
-		ls /sys/module/apparmor 2>/dev/null | grep -qE "^($modules)"
-	fi
+	local module=$1
 
+	test -d "/sys/module/$module"
 	return $?
 }
 
@@ -256,13 +241,8 @@ is_apparmor_loaded() {
 		return 0
 	fi
 
-	if [ -f "${SUBDOMAINFS_MOUNTPOINT}/profiles" ]; then
-		SFS_MOUNTPOINT=${SUBDOMAINFS_MOUNTPOINT}
-		return 0
-	fi
-
 	# check for subdomainfs version of module
-	is_apparmor_present apparmor subdomain
+	is_apparmor_present ${MODULE}
 
 	return $?
 }