[apparmor] [PATCH 1/5] Add basic string matching to the hfa
Seth Arnold
seth.arnold at gmail.com
Wed Dec 28 04:13:15 UTC 2011
Yay! I love patches. :)
On Tue, Dec 27, 2011 at 6:49 PM, John Johansen
<john.johansen at canonical.com> wrote:
> Add the ability to match strings directly from the hfa instead of needing
> to build a cfha.
>
> Signed-off-by: John Johansen <john.johansen at canonical.com>
> --- a/parser/libapparmor_re/hfa.cc
> +++ b/parser/libapparmor_re/hfa.cc
> @@ -30,6 +30,7 @@
> #include <ostream>
> #include <iostream>
> #include <fstream>
> +#include <string.h>
Should this be <cstring> or <string>? I never figured out the C++ rules.
> #include "expr-tree.h"
> #include "hfa.h"
> @@ -267,6 +268,19 @@ DFA::~DFA()
> delete *i;
> }
>
> +State *DFA::match_len(State *state, const char *str, size_t len)
> +{
> + for (; len > 0; ++str, --len)
> + state = state->next(*str);
> +
> + return state;
> +}
> +
> +State *DFA::match(const char *str)
> +{
> + return match_len(start, str, strlen(str));
> +}
It seems unfortunate to me that this walks the string _twice_ -- once for
strlen, once for the match_len call. Is this me prematurely optimizing? Or
is this a potential performance problem?
Thanks
More information about the AppArmor
mailing list