[apparmor] [PATCH 1/4] Fix the case where no flags match

[John Johansen]

Currently the backend doesn't like it (blows up) when the a vector entry is
empty.  For the case where no flags match build_mnt_flags generates an
alternation of an impossible entry and nothing

  (impossible|)

This provides the effect of a null entry without having an empty vector
entry.  Unfortunately the impossible entry is not correct.

Note: how this is done needs to be changed and fixed in the next release
this is just a minimal patch to get it working for 2.8


Signed-off-by: John Johansen <john.johansen at canonical.com>
---
 parser/parser_regex.c |    4 +++-
 1 files changed, 3 insertions(+), 1 deletions(-)

diff --git a/parser/parser_regex.c b/parser/parser_regex.c
index 7a1218c..0e6e449 100644
--- a/parser/parser_regex.c
+++ b/parser/parser_regex.c
@@ -712,6 +712,8 @@ static int build_mnt_flags(char *buffer, int size, unsigned int flags,
 		p += len;
 		size -= len;
 	}
+
+	/* this needs to go once the backend is updated. */
 	if (buffer == p) {
 		/* match nothing - use impossible 254 as regex parser doesn't
 		 * like the empty string
@@ -719,7 +721,7 @@ static int build_mnt_flags(char *buffer, int size, unsigned int flags,
 		if (size < 9)
 			return FALSE;
 
-		strcpy(p, "(\\0xfe|)");
+		strcpy(p, "(\\xfe|)");
 	}
 
 	return TRUE;
-- 
1.7.9.1