[apparmor] [patch] Prevent crash caused by by serialize_profile_from_old_profile()

Christian Boltz apparmor at cboltz.de
Sat Feb 20 12:44:24 UTC 2016


Am Freitag, 19. Februar 2016, 16:12:23 CET schrieb Seth Arnold:
> On Tue, Dec 22, 2015 at 12:17:40AM +0100, Christian Boltz wrote:
> > Therefore this patch wraps the serialize_profile_from_old_profile()
> > call in try/except. If it fails, the diff will include an error
> > message and recommend to use 'View Changes b/w (C)lean profiles'
> > instead, which is known to work.
> What does "b/w" mean? beziehungsweise?

between (no idea why it's shortened this way, I just copied the original 
option name from aa-logprof to stay consistent)

> > Note: I know using an error message as 'newprofile' isn't an usual
> > way to display an error message, but I found it more intuitive than
> > displaying it as a warning (without $PAGER).
> > 
> > 
> > References:
> > https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1528139
> > 
> > 
> > I propose this patch for trunk and 2.10
> > (2.9 "just" displays a wrong diff, but doesn't crash.)
> Well, uh, begrudging ack for trunk and 2.10. Not-crashing is better
> than crashing..

Indeed ;-)

I already wrote that the long-term solution is a complete rewrite of 
serialize_profile_from_old_profile(), but that has to wait until we have 
rule classes for everything.

> Acked-by: Seth Arnold <seth.arnold at canonical.com>


Christian Boltz
<hendersj> I guess part of the question then becomes what the ultimate
           purpose of the board is. I've always been under the
           impression that they guide the project
<suseROCKs> hendersj,    "What's the meaning of life" is a much less
            complex question  :-D
[from #opensuse-project]
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: This is a digitally signed message part.
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20160220/d6a2e25a/attachment.pgp>

More information about the AppArmor mailing list