[apparmor] [PATCH 1/2] parser: Adjust writeu16() to output escaped byte sequences
Seth Arnold
seth.arnold at canonical.com
Wed Aug 27 23:07:07 UTC 2014
On Wed, Aug 27, 2014 at 05:01:45PM -0500, Tyler Hicks wrote:
> The writeu16() function was outputting unescaped byte sequences to the
> rule buffer. That resulted in the generation of an incomplete rule if
> one of those unescaped byte sequences contained 0x00.
>
> This patch uses u8 pointers, instead of char pointers, when writing out
> the big endian u16 value. More importantly, it casts the u8 values to
> unsigned ints, which is what's needed to get the properly escaped byte
> sequences.
>
> Signed-off-by: Tyler Hicks <tyhicks at canonical.com>
Acked-by: Seth Arnold <seth.arnold at canonical.com>
Thanks
> ---
>
> Before:
>
> $ echo "/t { unix (connect,read,write) type=stream, }" | apparmor_parser -qQD dfa-states
> {1} <== (allow/deny/audit/quiet)
> {2} (0x 4/0/0/0)
> {3} (0x 4/0/0/0)
> {5} (0x 46/0/0/0)
>
> {1} -> {2}: 0x2
> {1} -> {3}: 0x4
> {1} -> {2}: 0x7
> {1} -> {2}: 0x9
> {1} -> {2}: 0xa
> {1} -> {2}: 0x20 \
> {1} -> {4}: 0x34 4
> {3} (0x 4/0/0/0) -> {5}: 0x0
> {4} -> {6}: 0x0
> {6} -> {2}: 0x31 1
>
>
> After (the next patch fixes the pointer values that are being written out):
>
> $ echo "/t { unix (connect,read,write) type=stream, }" | apparmor_parser -qQD dfa-states
> {1} <== (allow/deny/audit/quiet)
> {2} (0x 4/0/0/0)
> {3} (0x 4/0/0/0)
> {43} (0x 46/0/0/0)
> {44} (0x 46/0/0/0)
>
> {1} -> {2}: 0x2
> {1} -> {3}: 0x4
> {1} -> {2}: 0x7
> {1} -> {2}: 0x9
> {1} -> {2}: 0xa
> {1} -> {2}: 0x20 \
> {1} -> {4}: 0x34 4
> {3} (0x 4/0/0/0) -> {5}: 0x0
> {4} -> {6}: 0x0
> {5} -> {7}: 0x1
> {6} -> {2}: 0x31 1
> {7} -> {8}: 0x30 0
> {8} -> {9}: 0x78 x
> {9} -> {10}: 0x37 7
> {10} -> {11}: 0x66 f
> {11} -> {12}: 0x66 f
> {12} -> {13}: 0x66 f
> {13} -> {14}: 0x31 1
> {14} -> {15}: 0x30 0
> {15} -> {16}: 0x34 4
> {16} -> {17}: 0x66 f
> {17} -> {18}: 0x33 3
> {18} -> {19}: 0x35 5
> {19} -> {20}: 0x31 1
> {20} -> {21}: 0x38 8
> {21} -> {22}: 0x0
> {22} -> {23}: 0x1
> {23} -> {24}: 0x30 0
> {24} -> {25}: 0x78 x
> {25} -> {26}: 0x37 7
> {26} -> {27}: 0x66 f
> {27} -> {28}: 0x66 f
> {28} -> {29}: 0x66 f
> {29} -> {30}: 0x31 1
> {30} -> {31}: 0x30 0
> {31} -> {32}: 0x34 4
> {32} -> {33}: 0x66 f
> {33} -> {34}: 0x33 3
> {34} -> {35}: 0x35 5
> {35} -> {36}: 0x31 1
> {36} -> {37}: 0x38 8
> {37} -> {38}: []
> {38} -> {39}: []
> {39} -> {40}: 0x0
> {39} -> {39}: []
> {40} -> {40}: 0x0
> {40} -> {41}: 0x1
> {40} -> {39}: []
> {41} -> {42}: 0x0
> {41} -> {39}: []
> {42} -> {40}: 0x0
> {42} -> {44}: 0x1
> {42} -> {43}: []
> {43} (0x 46/0/0/0) -> {40}: 0x0
> {43} (0x 46/0/0/0) -> {43}: []
> {44} (0x 46/0/0/0) -> {42}: 0x0
> {44} (0x 46/0/0/0) -> {43}: []
>
> parser/af_unix.cc | 8 +++++---
> 1 file changed, 5 insertions(+), 3 deletions(-)
>
> diff --git a/parser/af_unix.cc b/parser/af_unix.cc
> index 34b93a4..7f6c0d0 100644
> --- a/parser/af_unix.cc
> +++ b/parser/af_unix.cc
> @@ -192,9 +192,11 @@ static void warn_once(const char *name)
> std::ostringstream &writeu16(std::ostringstream &o, int v)
> {
> u16 tmp = htobe16((u16) v);
> - char *c = (char *) &tmp;
> - o << "\\x" << std::setfill('0') << std::setw(2) << std::hex << *c++;
> - o << "\\x" << std::setfill('0') << std::setw(2) << std::hex << *c;
> + u8 *byte1 = (u8 *)&tmp;
> + u8 *byte2 = byte1 + 1;
> +
> + o << "\\x" << std::setfill('0') << std::setw(2) << std::hex << static_cast<unsigned int>(*byte1);
> + o << "\\x" << std::setfill('0') << std::setw(2) << std::hex << static_cast<unsigned int>(*byte2);
> return o;
> }
>
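Review bot: std::hex and std::setfill('0') on the two new `o << "\\x" ...` lines are sticky, so the stream writeu16() returns stays in hex with '0' fill and any integer a caller inserts into `o` afterwards is rendered in hex; only std::setw(2) resets itself after one insertion. Consider saving o.flags() and o.fill() on entry and restoring them before `return o;`. Two smaller points on the same function: `(u16) v` silently truncates an int outside 0..65535, so a range check or a u16 parameter would make the contract explicit, and the byte1/byte2 pointer casts could be replaced by writing (v >> 8) & 0xff and then v & 0xff, which gives the same big-endian order without htobe16() or aliasing through a u8 pointer.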
> --
> 2.1.0
>
>