[apparmor] [PATCH 1/2] libaalogparse: Parse dbus-daemon audit messages

Tyler Hicks tyhicks at canonical.com
Fri Aug 9 05:22:11 UTC 2013 

On 2013-08-08 19:07:06, Tyler Hicks wrote:
> On 2013-08-08 18:17:08, Seth Arnold wrote:
> > On Thu, Aug 01, 2013 at 12:31:30AM -0700, Tyler Hicks wrote:
> > > +	| TOK_KEY_TERMINAL TOK_EQUALS safe_string
> > > +	{ free($3); /* Ignore - TTY from user AVC messages */ }
> > > +	| TOK_KEY_EXE TOK_EQUALS safe_string
> > > +	{ /* Free existing arrays because exe= and comm= maps to the same
> > > +	     aa_log_record member */
> > > +	  free(ret_record->comm);
> > > +	  ret_record->comm = $3;
> > > +	}
> > >  	| TOK_KEY_COMM TOK_EQUALS safe_string
> > > -	{ ret_record->comm = $3;}
> > > +	{ /* Free existing arrays because exe= and comm= maps to the same
> > > +	     aa_log_record member */
> > > +	  free(ret_record->comm);
> > > +	  ret_record->comm = $3;
> > > +	}
> > 
> > The actions for TOK_KEY_COMM and TOK_KEY_EXE are the same, we could
> > combine them into one action block.
> 
> Good catch, I incorporated the patch below into the greater patch:
> 
> diff --git a/libraries/libapparmor/src/grammar.y b/libraries/libapparmor/src/grammar.y
> index a9b1176..de75143 100644
> --- a/libraries/libapparmor/src/grammar.y
> +++ b/libraries/libapparmor/src/grammar.y
> @@ -297,11 +297,6 @@ key: TOK_KEY_OPERATION TOK_EQUALS TOK_QUOTED_STRING
>  	| TOK_KEY_TERMINAL TOK_EQUALS safe_string
>  	{ free($3); /* Ignore - TTY from user AVC messages */ }
>  	| TOK_KEY_EXE TOK_EQUALS safe_string
> -	{ /* Free existing arrays because exe= and comm= maps to the same
> -	     aa_log_record member */
> -	  free(ret_record->comm);
> -	  ret_record->comm = $3;
> -	}
>  	| TOK_KEY_COMM TOK_EQUALS safe_string
>  	{ /* Free existing arrays because exe= and comm= maps to the same
>  	     aa_log_record member */
> 
> 

Oops... Seth and I chatted this over in IRC and concluded that we can't
combine these two actions. So, I've reverted this change.

Tyler
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20130808/db353427/attachment.pgp>

More information about the AppArmor mailing list