[apparmor] [patch] fix aa-decode stdin handling

Christian Boltz apparmor at cboltz.de
Wed Oct 10 00:24:48 UTC 2012 

Hello,

Am Dienstag, 9. Oktober 2012 schrieb Steve Beattie:
> On Wed, Oct 03, 2012 at 02:00:34AM +0200, Christian Boltz wrote:
> > the attached patch fixes aa-decode stdin handling.

> Realistically, this ought to be converted to one of the P* languages,
> given the difficulties around quoting and embedding sed statements.

Come on - it's much more funny in bash code ;-)

> That said, one thing aa-decode is lacking, even with your patch, is
> support for encoded profile names (yes, they too can have embedded
> spaces etc. in them). Attached is an updated version of your patch
> to fix that; it uses sed in the echo line, but still needs bash
> variable replacement to do the escaping of any embedded '^'s in the
> encoded string to not conflict with the sed separators.

Supporting encoded profile names is a good idea, using sed isn't ;-)

A'm attaching the next version of the patch.

Changes compared to my first patch:
- replace tr calls by perl's uc() (also for non-stdin mode)                                                                                                  
- also handle encoded profile names (introduced by Steve)
- don't fail if a file or profile name contains a '

BTW: I intentionally added the "name=" part in the replacement
    line="${line/name=$ne/name=\"$nd\"}"
It might look superfluous, but it ensures that the correct part is 
replaced.

> Also attached is a second patch that adds a testscript (written in
> Python) that tests a few variant cases (including embedded '^'s).
> It gets run autmatically under the check target, though can be run
> directly. (A nice feature to add to it would be to premit overriding
> the location of the aa-decode binary to be tested on the command
> line.)

I didn't test the testscript yet, but having one is a good idea ;-)


Regards,

Christian Boltz
-- 
Wenn es jemand gibt, der Facebook derzeit noch stoppen kann, dann wohl
Google. Regentraufen- und Pestcholera-Vergleich bitte hier einfügen.
[http://praegnanz.de/weblog/ein-tag-vier-interessante-news]
-------------- next part --------------
A non-text attachment was scrubbed...
Name: aa-decode.diff
Type: text/x-patch
Size: 3189 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20121010/954b0a9d/attachment.bin>

More information about the AppArmor mailing list