[apparmor] [patch 10/13] parser - terminate search early if wildcards are discovered
John Johansen
john.johansen at canonical.com
Mon Oct 14 08:35:03 UTC 2013
On 10/10/2013 01:46 PM, Steve Beattie wrote:
> This patch is a very minor optimization to the search to determine
> whether a given rule is an exact match or not. If a wildcard rule
> (i.e. an inexact match) is discovered, exact_match is set to 0,
> so we don't need to continue the tree traversal.
>
> Signed-off-by: Steve Beattie <steve at nxnw.org>
Acked-by: John Johansen <john.johansen at canonical.com>
> ---
> parser/libapparmor_re/aare_rules.cc | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> Index: b/parser/libapparmor_re/aare_rules.cc
> ===================================================================
> --- a/parser/libapparmor_re/aare_rules.cc
> +++ b/parser/libapparmor_re/aare_rules.cc
> @@ -1,7 +1,7 @@
> /*
> * (C) 2006, 2007 Andreas Gruenbacher <agruen at suse.de>
> * Copyright (c) 2003-2008 Novell, Inc. (All rights reserved)
> - * Copyright 2009-2012 Canonical Ltd.
> + * Copyright 2009-2013 Canonical Ltd. (All rights reserved)
> *
> * The libapparmor library is licensed under the terms of the GNU
> * Lesser General Public License, version 2.1. Please see the file
> @@ -123,7 +123,7 @@ int aare_add_rule_vec(aare_ruleset_t *ru
> * on how we split permission bitmasks here.
> */
> exact_match = 1;
> - for (depth_first_traversal i(tree); i; i++) {
> + for (depth_first_traversal i(tree); i && exact_match; i++) {
> if (dynamic_cast<StarNode *>(*i) ||
> dynamic_cast<PlusNode *>(*i) ||
> dynamic_cast<AnyCharNode *>(*i) ||
>
>
> -- AppArmor mailing list AppArmor at lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
>
More information about the AppArmor
mailing list