[apparmor] [patch] Fix dfa minimization

John Johansen john.johansen at canonical.com
Thu Jan 9 23:08:10 UTC 2014


On 01/08/2014 09:06 PM, John Johansen wrote:
> On 01/08/2014 02:50 PM, Steve Beattie wrote:
>> On Sat, Jan 04, 2014 at 03:09:43AM -0800, John Johansen wrote:
>>> And the patch (yes I died a little with this one, guess what code is now on
>>> my hit list). And yes it is just removing casting from the one line and
>>> changing it in the macro
>>>
>>> Signed-off-by: John Johansen <john.johansen at canonical.com>
>>>
>>> oh and nominated for the 2.8 series as well
>>

And a slight revision to the previous patch. The free entry list tracking
wasn't being correctly resized to be the same as the next/check table
which lead to some problems if the optimal value was < 256


=== modified file 'parser/libapparmor_re/chfa.cc'
--- parser/libapparmor_re/chfa.cc	2013-12-28 11:37:22 +0000
+++ parser/libapparmor_re/chfa.cc	2014-01-09 11:07:45 +0000
@@ -98,10 +98,10 @@
 	default_base.push_back(make_pair(dfa.nonmatching, 0));
 	num.insert(make_pair(dfa.nonmatching, num.size()));
 
-	accept.resize(dfa.states.size());
-	accept2.resize(dfa.states.size());
-	next_check.resize(optimal);
-	free_list.resize(optimal);
+	accept.resize(max(dfa.states.size(),2ul));
+	accept2.resize(max(dfa.states.size(),2ul));
+	next_check.resize(max(optimal,256ul));
+	free_list.resize(next_check.size());
 
 	accept[0] = 0;
 	accept2[0] = 0;

=== modified file 'parser/parser_interface.c'
--- parser/parser_interface.c	2013-10-14 21:37:48 +0000
+++ parser/parser_interface.c	2014-01-09 01:28:22 +0000
@@ -363,7 +363,7 @@
 	return 1;
 }
 
-#define align64(X) (((size_t) (X) + (size_t) 7) & ~((size_t) 7))
+#define align64(X) (((X) + (typeof(X)) 7) & ~((typeof(X)) 7))
 inline int sd_write_aligned_blob(sd_serialize *p, void *b, int buf_size,
 				 const char *name)
 {
@@ -371,7 +371,7 @@
 	u32 tmp;
 	if (!sd_write_name(p, name))
 		return 0;
-	pad = align64(((long)(p->pos + 5) - (long)(p->buffer)) - ((long)(p->pos + 5) - (long)(p->buffer)));
+	pad = align64(p->pos + 5 - p->buffer) - (p->pos + 5 - p->buffer);
 	if (!sd_prepare_write(p, SD_BLOB, 4 + buf_size + pad))
 		return 0;
 	tmp = cpu_to_le32(buf_size + pad);





More information about the AppArmor mailing list