[apparmor] [patch 01/21] Convert mount and dbus to be subclasses of a generic rule class
John Johansen
john.johansen at canonical.com
Mon Mar 24 23:15:42 UTC 2014
On 03/24/2014 04:08 PM, Steve Beattie wrote:
> On Mon, Mar 24, 2014 at 03:31:38PM -0700, Steve Beattie wrote:
>> Hi,
>>
>> On Mon, Mar 17, 2014 at 04:29:11PM -0700, john.johansen at canonical.com wrote:
>>> This will simplify add new features as most of the code can reside in
>>> its own class. There are still things to improve but its a start.
>>>
>>> Signed-off-by: John Johansen <john.johansen at canonical.com>
>>
>> I've not reviewed this patch much at all, but after applying it,
>> valgrind is offering complaints like the following when dealing with
>> profiles with mount rules:
>>
>> ==27919== Conditional jump or move depends on uninitialised value(s)
>> ==27919== at 0x805CDC1: mnt_rule::mnt_rule(cond_entry*, char*, cond_entry*, char*, int) (mount.c:436)
>> ==27919== by 0x805674E: do_mnt_rule(cond_entry*, char*, cond_entry*, char*, int) (parser_yacc.y:1389)
>> ==27919== by 0x8057937: yyparse() (parser_yacc.y:1133)
>> ==27919== by 0x8053916: process_profile(int, char const*) (parser_main.c:1003)
>> ==27919== by 0x804B20E: main (parser_main.c:1340)
>>
>> I believe something like the following patch is needed:
>
> Doing this consistently with the other initializers for the mount
> class instead:
>
> Signed-off-by: Steve Beattie <steve at nxnw.org>
Acked-by: John Johansen <john.johansen at canonical.com>
>
> Index: apparmor/parser/mount.c
> ===================================================================
> --- apparmor.orig/parser/mount.c 2014-03-24 15:24:19.000000000 -0700
> +++ apparmor/parser/mount.c 2014-03-24 16:05:06.227815297 -0700
> @@ -397,7 +397,7 @@
> struct cond_entry *dst_conds __unused, char *mnt_point_p,
> int allow_p):
> mnt_point(mnt_point_p), device(device_p), trans(NULL), opts(NULL),
> - audit(0), deny(0)
> + flags(0), inv_flags(0), audit(0), deny(0)
> {
> /* FIXME: dst_conds are ignored atm */
> aa_class = AA_CLASS_MOUNT;
>
>
>
>
More information about the AppArmor
mailing list