mir/apparmor
2
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor synced 2025-08-22 01:57:43 +00:00
Code Issues Releases Wiki Activity
apparmor/parser
History
Georgia Garcia d9866f0a24 parser: fix leaking disconnected paths when merging 
Valgrind showed that the disconnected paths variables were leaking
during the merge. That happened because flagvals did not implement a
destructor freeing the variables, so they leaked. flagvals cannot
implement a destructor, because that would make it a non-trivial union
member and parser_yacc.y would not compile. This patch implements a
"clear" function that is supposed to act as the destructor.

$ /usr/bin/valgrind --leak-check=full --error-exitcode=151 ../apparmor_parser -Q -I simple_tests/ -M ./features_files/features.all flags_ok_disconnected_ipc15.sd
...
==3708747== 5 bytes in 1 blocks are definitely lost in loss record 1 of 11
==3708747==    at 0x4846828: malloc (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
==3708747==    by 0x492E35E: strdup (strdup.c:42)
==3708747==    by 0x14C74E: set_disconnected_path (profile.h:188)
==3708747==    by 0x14C74E: flagvals::init(char const*) (profile.h:223)
==3708747==    by 0x14859B: yyparse() (parser_yacc.y:592)
==3708747==    by 0x141A99: process_profile(int, aa_kernel_interface*, char const*, aa_policy_cache*) (parser_main.c:1187)
==3708747==    by 0x135421: main (parser_main.c:1771)
...

Signed-off-by: Georgia Garcia <georgia.garcia@canonical.com>
2025-08-06 19:15:37 -03:00
..
libapparmor_re
Fix whitespace in hfa.h
2025-07-31 21:28:03 +02:00
po
Import translations from launchpad
2025-02-24 01:28:04 -08:00
tst
parser: fix variable expansion
2025-07-31 18:04:16 -03:00
aa-teardown
aa-teardown: Replace /bin/bash with /bin/sh
2018-05-05 17:46:19 -07:00
aa-teardown.pod
docs: update documentation to point bug reporting to gitlab
2020-05-05 00:10:53 -07:00
af_rule.cc
parser: consolidate rule class handling into aa_class
2023-03-31 02:21:19 -07:00
af_rule.h
fix(inconsistent-missing-override): add missed override specifiers
2025-05-05 17:52:52 +09:00
af_unix.cc
fix: avoid using namespace std; in header files
2025-05-04 23:14:36 +09:00
af_unix.h
fix(inconsistent-missing-override): add missed override specifiers
2025-05-05 17:52:52 +09:00
all_rule.cc
parser: make ix of file, rule have lower priority so it can be overridden
2024-08-14 18:21:26 -07:00
all_rule.h
fix(inconsistent-missing-override): add missed override specifiers
2025-05-05 17:52:52 +09:00
apparmor_parser.pod
fix typo: aggressive
2024-03-29 10:52:25 +01:00
apparmor_xattrs.pod
apparmor_xattrs.7: fix whatis entry
2020-10-25 11:54:47 +00:00
apparmor.d.pod
Deduplicate example rules in apparmor.d manpage
2025-06-11 14:34:20 +02:00
apparmor.pod
Replace 'scrub the environment' wording in man pages with something more accurate
2024-08-28 11:22:08 -07:00
apparmor.service
Add Documentation=... to apparmor.service
2023-10-29 10:49:33 +01:00
apparmor.systemd
apparmor.systemd: fix shellcheck false positive
2024-04-30 18:30:01 -03:00
base_af_names.h
Add 'mctp' network domain keyword
2022-02-08 19:09:24 +01:00
base_cap_names.h
parser: Add support for CAP_CHECKPOINT_RESTORE
2020-10-13 21:30:19 -07:00
bignum.h
parser: fix coverity issues found in snapshot 70858
2024-02-28 10:24:08 -03:00
capability.h
Make capabilities tracker into a class
2024-11-08 14:55:43 -08:00
common_flags.h
parser: Cleanup parser control flags, so they display as expected to user
2023-07-08 19:58:59 -07:00
common_optarg.c
parser: change priority so that it accumulates based on permissions
2025-02-06 11:02:20 -08:00
common_optarg.h
parser: Cleanup parser control flags, so they display as expected to user
2023-07-08 19:58:59 -07:00
cond_expr.cc
parser: refactor variables and symbols table into their own class
2025-06-25 12:29:17 -03:00
cond_expr.h
parser: refactor conditional logic into its own class
2024-08-14 17:22:48 -03:00
COPYING.GPL
rpmlint complains about an outdated FSF address in parser/COPYING.GPL.
2011-11-27 13:52:06 +01:00
dbus.cc
parser: minimization - remove unnecessary second minimization pass
2024-08-14 17:15:24 -07:00
dbus.h
fix(inconsistent-missing-override): add missed override specifiers
2025-05-05 17:52:52 +09:00
default_features.c
parser: Move to a pre-generated cap_names.h
2020-07-07 09:43:48 -07:00
file_cache.h
fix: avoid using namespace std; in header files
2025-05-04 23:14:36 +09:00
frob_slack_rc
as ACKed on IRC, drop the unused $Id$ tags everywhere
2010-12-20 12:29:10 -08:00
immunix.h
parser: change priority so that it accumulates based on permissions
2025-02-06 11:02:20 -08:00
io_uring.cc
parser: fix rule priority destroying rule permissions for some classes
2024-08-15 03:51:20 -07:00
io_uring.h
fix(inconsistent-missing-override): add missed override specifiers
2025-05-05 17:52:52 +09:00
lib.c
fix: avoid using namespace std; in header files
2025-05-04 23:14:36 +09:00
lib.h
libapparmor: Use directory file descriptor in _aa_dirat_for_each()
2015-06-15 15:11:51 -05:00
Makefile
parser: refactor variables and symbols table into their own class
2025-06-25 12:29:17 -03:00
mount.cc
Merge parser: drop dead code in mount.cc
2025-08-05 08:31:10 +00:00
mount.h
fix(inconsistent-missing-override): add missed override specifiers
2025-05-05 17:52:52 +09:00
mqueue.cc
parser: add label to mqueue debug output
2025-04-14 09:48:15 -03:00
mqueue.h
Merge parser: enable create perm when label is defined
2025-05-12 08:00:11 +00:00
network.cc
parser: fix mapping of AA_CONT_MATCH for policydb compat entries
2024-11-06 12:33:36 -08:00
network.h
fix(inconsistent-missing-override): add missed override specifiers
2025-05-05 17:52:52 +09:00
parser_alias.c
parser: free leaking cod_entry in case of failure in do_alias
2025-08-04 18:55:58 -03:00
parser_common.c
parser: drop support for prompt_compat_permsv1, and prompt_compat_dev
2025-07-31 10:23:22 -07:00
parser_include.c
Make parser_include push_include_stack take const char because it doesn't actually modify it
2024-10-28 12:35:26 +01:00
parser_include.h
Make parser_include push_include_stack take const char because it doesn't actually modify it
2024-10-28 12:35:26 +01:00
parser_interface.c
parser: fix xtable generation
2025-07-31 10:23:22 -07:00
parser_lex.l
fix: avoid using namespace std; in header files
2025-05-04 23:14:36 +09:00
parser_main.c
parser: drop support for prompt_compat_permsv1, and prompt_compat_dev
2025-07-31 10:23:22 -07:00
parser_merge.c
parser: fix priority for file rules.
2024-12-22 15:02:04 -08:00
parser_misc.c
parser: refactor variables and symbols table into their own class
2025-06-25 12:29:17 -03:00
parser_policy.c
parser: drop support for prompt_compat_permsv1, and prompt_compat_dev
2025-07-31 10:23:22 -07:00
parser_regex.c
parser: drop unused create_welded_dfablob and related code
2025-07-31 10:23:22 -07:00
parser_symtab.c
parser: refactor variables and symbols table into their own class
2025-06-25 12:29:17 -03:00
parser_variable.c
parser: fix leaks in deleted variables
2025-08-04 18:55:58 -03:00
parser_yacc.y
parser: fix leaking disconnected paths when merging
2025-08-06 19:15:37 -03:00
parser.conf
Revert "policy: pin policy to 4.0 abi for dev"
2023-07-19 17:37:24 -03:00
parser.h
parser: refactor variables and symbols table into their own class
2025-06-25 12:29:17 -03:00
perms.h
Merge parser: improve libapparmor_re build and dump info
2024-11-15 00:32:30 +00:00
policy_cache.c
Fix wording of some warnings
2020-10-11 12:22:23 +02:00
policy_cache.h
drop unused extern int debug_cache
2021-02-07 16:02:20 +01:00
policydb.h
parser: consolidate rule class handling into aa_class
2023-03-31 02:21:19 -07:00
profile-load
profile-load: use less ambiguous if/then construct
2022-02-15 07:34:17 +00:00
profile.cc
parser: fix leaking disconnected paths when merging
2025-08-06 19:15:37 -03:00
profile.h
parser: fix leaking disconnected paths when merging
2025-08-06 19:15:37 -03:00
ptrace.cc
parser: minimization - remove unnecessary second minimization pass
2024-08-14 17:15:24 -07:00
ptrace.h
fix(inconsistent-missing-override): add missed override specifiers
2025-05-05 17:52:52 +09:00
rc.apparmor.functions
Support unloading profiles in kill and prompt mode
2025-01-13 18:07:39 +01:00
rc.apparmor.slackware
added missing functions to slackware init script
2019-11-08 13:49:48 +01:00
README
README: Move project contact info into the main README
2018-09-13 16:54:09 +00:00
README.devel
parser: add some developer documentation
2013-12-10 14:15:02 -08:00
rule.cc
parser: consolidate rule class handling into aa_class
2023-03-31 02:21:19 -07:00
rule.h
parser: fix coverity's "not restoring ostream format"
2025-08-04 18:55:58 -03:00
signal.cc
fix: avoid using namespace std; in header files
2025-05-04 23:14:36 +09:00
signal.h
Merge branch 'master' into 'override'
2025-05-07 23:04:59 +00:00
symtab.cc
parser: fix leaks from variable refactoring
2025-07-18 14:56:29 -03:00
symtab.h
parser: refactor variables and symbols table into their own class
2025-06-25 12:29:17 -03:00
techdoc.tex
treewide: spelling/typo fixes in comments and docs
2020-12-01 12:47:11 -08:00
unit_test.h
Convert codomain to a class
2013-09-27 16:16:37 -07:00
userns.cc
parser: fix rule priority destroying rule permissions for some classes
2024-08-15 03:51:20 -07:00
userns.h
fix(inconsistent-missing-override): add missed override specifiers
2025-05-05 17:52:52 +09:00
variable.cc
parser: fix leaking name in variable expansion
2025-08-04 18:55:58 -03:00
variable.h
parser: refactor variables and symbols table into their own class
2025-06-25 12:29:17 -03:00

README 

The apparmor_parser allows you to add, replace, and remove AppArmor
policy through the use of command line options. The default is to add.
`apparmor_parser --help` shows what the command line options are.

You can also find more information at https://wiki.apparmor.net

-- The AppArmor development team