[apparmor] [patch] Fix crash in serialize_profile_from_old_profiles()
Seth Arnold
seth.arnold at canonical.com
Wed Apr 8 22:25:07 UTC 2015
On Thu, Apr 09, 2015 at 12:04:13AM +0200, Christian Boltz wrote:
>
> The patch wraps the hasher usage with a check for the parent element to
> avoid auto-creation of empty childs, which then lead to the above crash.
This also changes the indent level of two of the tests -- is that
intentional?
Thanks
>
> BTW: This is another issue uncovered by the LibreOffice profile ;-)
>
> I propose this patch for trunk and 2.9
>
>
> [ 36-fix-crash-in-serialize_profile_from_old_profiles.diff ]
>
> === modified file utils/apparmor/aa.py
> --- utils/apparmor/aa.py 2015-04-08 23:19:51.430530492 +0200
> +++ utils/apparmor/aa.py 2015-04-08 23:46:19.106608343 +0200
> @@ -4125,14 +4125,17 @@
> else:
> tmpmode = str_to_mode(mode)
>
> - if not write_prof_data[hat][allow]['path'][path].get('mode', set()) & tmpmode:
> + if not write_prof_data[hat][allow]['path'].get(path):
> correct = False
> + else:
> + if not write_prof_data[hat][allow]['path'][path].get('mode', set()) & tmpmode:
> + correct = False
>
> - if nt_name and not write_prof_data[hat][allow]['path'][path].get('to', False) == nt_name:
> - correct = False
> + if nt_name and not write_prof_data[hat][allow]['path'][path].get('to', False) == nt_name:
> + correct = False
>
> - if audit and not write_prof_data[hat][allow]['path'][path].get('audit', set()) & tmpmode:
> - correct = False
> + if audit and not write_prof_data[hat][allow]['path'][path].get('audit', set()) & tmpmode:
> + correct = False
>
> if correct:
> if not segments['path'] and True in segments.values():
>
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20150408/66b94e6a/attachment.pgp>
More information about the AppArmor
mailing list