[apparmor] [patch] fix crash in save_profiles()

Christian Boltz apparmor at cboltz.de
Sun Jul 13 13:00:09 UTC 2014


this patch fixes a crash in aa-logprof (to be exact: save_profiles() in 
aa.py) when saving the remaining profile after using "save selected 

When using "save selected profile", write_profile() (called by 
write_profile_ui_feedback()) does "changed.pop(profile_name)". 
However, saving the remaining profiles in save_profiles() uses a cached 
version of changed.keys() and therefore tries to save a profile that 
was already saved and is no longer part of "changed".

Here's what save_profiles() does:

    changed_list = sorted(changed.keys())
                if ans == 'CMD_SAVE_SELECTED':
                    profile_name = list(changed.keys())[arg]

Note that write_profile_ui_feedback() calls write_profile(), which does 

            for profile_name in changed_list:

When finally saving the remaining profiles, the outdated changed_list 
is used.

The patch also removes two commented lines we'll never need again:
- #changed.pop is done in write_profile()
- q['options'] is set some lines above

References: https://bugs.launchpad.net/apparmor/+bug/1341178

=== modified file 'utils/apparmor/aa.py'                                                                                                                     
--- utils/apparmor/aa.py        2014-06-20 11:36:35 +0000                                                                                                    
+++ utils/apparmor/aa.py        2014-07-13 12:44:54 +0000                                                                                                    
@@ -2361,8 +2361,6 @@                                                                                                                                        
                     profile_name = list(changed.keys())[arg]                                                                                                
-                    #changed.pop(profile_name)                                                                                                              
-                    #q['options'] = changed                                                                                                                 

                 elif ans == 'CMD_VIEW_CHANGES':                                                                                                             
                     which = list(changed.keys())[arg]
@@ -2382,7 +2380,7 @@
                     display_changes(oldprofile, newprofile)
-            for profile_name in changed_list:
+            for profile_name in sorted(changed.keys()):


Christian Boltz
Machen wir einen Club "utf-8 geplagte Perl-Programmierer" auf?
[Bernhard Walle in suse-programming]

More information about the AppArmor mailing list