[apparmor] [patch 01/21] Convert mount and dbus to be subclasses of a generic rule class
Steve Beattie
steve at nxnw.org
Mon Mar 24 22:31:38 UTC 2014
Hi,
On Mon, Mar 17, 2014 at 04:29:11PM -0700, john.johansen at canonical.com wrote:
> This will simplify add new features as most of the code can reside in
> its own class. There are still things to improve but its a start.
>
> Signed-off-by: John Johansen <john.johansen at canonical.com>
I've not reviewed this patch much at all, but after applying it,
valgrind is offering complaints like the following when dealing with
profiles with mount rules:
==27919== Conditional jump or move depends on uninitialised value(s)
==27919== at 0x805CDC1: mnt_rule::mnt_rule(cond_entry*, char*, cond_entry*, char*, int) (mount.c:436)
==27919== by 0x805674E: do_mnt_rule(cond_entry*, char*, cond_entry*, char*, int) (parser_yacc.y:1389)
==27919== by 0x8057937: yyparse() (parser_yacc.y:1133)
==27919== by 0x8053916: process_profile(int, char const*) (parser_main.c:1003)
==27919== by 0x804B20E: main (parser_main.c:1340)
I believe something like the following patch is needed:
Index: apparmor/parser/mount.h
===================================================================
--- apparmor.orig/parser/mount.h 2014-03-24 15:11:26.219699746 -0700
+++ apparmor/parser/mount.h 2014-03-24 15:15:07.539707688 -0700
@@ -121,7 +121,7 @@
struct value_list *dev_type;
struct value_list *opts;
- unsigned int flags, inv_flags;
+ unsigned int flags = 0, inv_flags = 0;
int allow, audit;
int deny;
This *may* be the source of bugs like
https://bugs.launchpad.net/bugs/1295774 which people are having
problems reproducing.
--
Steve Beattie
<sbeattie at ubuntu.com>
http://NxNW.org/~steve/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20140324/f4bed321/attachment-0001.pgp>
More information about the AppArmor
mailing list