[apparmor] [patch 08/12] Refactor rule accumulation to use some helper functions
john.johansen at canonical.com
john.johansen at canonical.com
Fri Aug 15 19:20:43 UTC 2014
Signed-off-by: John Johansen <john.johansen at canonical.com>
---
parser/libapparmor_re/aare_rules.cc | 28 ++++++++++++++++++----------
parser/libapparmor_re/aare_rules.h | 1 +
2 files changed, 19 insertions(+), 10 deletions(-)
--- 2.9-test.orig/parser/libapparmor_re/aare_rules.cc
+++ 2.9-test/parser/libapparmor_re/aare_rules.cc
@@ -76,6 +76,21 @@
#undef RESET_FLAGS
}
+void aare_rules::add_to_rules(Node *tree, Node *perms)
+{
+ if (reverse)
+ flip_tree(tree);
+ if (root)
+ root = new AltNode(root, new CatNode(tree, perms));
+ else
+ root = new CatNode(tree, perms);
+}
+
+static Node *cat_with_null_seperator(Node *l, Node *r)
+{
+ return new CatNode(new CatNode(l, new CharNode(0)), r);
+}
+
bool aare_rules::add_rule_vec(int deny, uint32_t perms, uint32_t audit,
int count, const char **rulev, dfaflags_t flags)
{
@@ -89,13 +104,9 @@
return false;
for (int i = 1; i < count; i++) {
Node *subtree = NULL;
- Node *node = new CharNode(0);
- if (!node)
- return false;
- tree = new CatNode(tree, node);
if (regex_parse(&subtree, rulev[i]))
- return false;
- tree = new CatNode(tree, subtree);
+ return 0;
+ tree = cat_with_null_seperator(tree, subtree);
}
/*
@@ -200,10 +211,7 @@
cerr << "\n\n";
}
- if (root)
- root = new AltNode(root, new CatNode(tree, accept));
- else
- root = new CatNode(tree, accept);
+ add_to_rules(tree, accept);
rule_count++;
--- 2.9-test.orig/parser/libapparmor_re/aare_rules.h
+++ 2.9-test/parser/libapparmor_re/aare_rules.h
@@ -28,6 +28,7 @@
class aare_rules {
Node *root;
+ void add_to_rules(Node *tree, Node *perms);
public:
int reverse;
int rule_count;
More information about the AppArmor
mailing list