[apparmor] PATCH [1/6] - Stop flex from dumping to stdout when audit_id doesn't parse as expected

Steve Beattie steve at nxnw.org
Thu Sep 9 22:07:12 BST 2010


On Thu, Sep 09, 2010 at 08:30:52AM -0700, John Johansen wrote:
> The scanner will dump unmatched text from <audit_id> is encountered.
> 
> 
> Index: libapparmor/src/scanner.l
> ===================================================================
> --- libapparmor.orig/src/scanner.l	2010-09-09 08:13:42.334193402 -0700
> +++ libapparmor/src/scanner.l	2010-09-09 08:13:46.584193399 -0700
> @@ -194,6 +194,7 @@
>  	{period}		{ return(TOK_PERIOD); }
>  	{open_paren}		{ return(TOK_OPEN_PAREN); }
>  	{close_paren}		{ yy_pop_state(yyscanner); return(TOK_CLOSE_PAREN); }
> +	.			{ BEGIN(unknown_message); yyless(0); /* dump the rest */ }
>  }
>  
>  <sub_id>{
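
Review bot: the new catch-all rule `.` does not match a newline in flex, so a newline reached in this state would still fall through to flex's default rule and be echoed; consider `.|\n` here unless a newline is already handled elsewhere in this state. The neighbouring close_paren rule leaves the state with `yy_pop_state(yyscanner)` while the new rule switches with `BEGIN(unknown_message)`, so it is worth confirming that skipping the pop is harmless when the next record is scanned. The comment "dump the rest" is also easy to misread in a patch whose purpose is to stop dumping to stdout; wording such as "hand the rest to unknown_message" would be clearer.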

ACK from me for 2.5.1, here's a (bzr diff generated) patch for a testcase to cover this:

=== added file 'libraries/libapparmor/testsuite/test_multi/avc_audit_invalid_audit_id.err'
=== added file 'libraries/libapparmor/testsuite/test_multi/avc_audit_invalid_audit_id.in'
--- libraries/libapparmor/testsuite/test_multi/avc_audit_invalid_audit_id.in	1970-01-01 00:00:00 +0000
+++ libraries/libapparmor/testsuite/test_multi/avc_audit_invalid_audit_id.in	2010-09-09 20:55:19 +0000
@@ -0,0 +1,1 @@
+type=AVC msg=audit(12799========================8288.415:39): apparmor="DENIED" operation="open" parent=12332 profile="/usr/sbin/cupsd" name="/home/user/.ssh/" pid=12333 comm="ls" requested_mask="r" denied_mask="r" fsuid=0 ouid=1000
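
Review bot: this single input line only places the unexpected characters (the run of `=`) in the seconds part of `audit(...)`, before the period. A companion input with the unexpected character later in the id, after the `.` or after the `:`, would show whether the rest of the audit id is covered by the fix as well, or whether only this position is.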

=== added file 'libraries/libapparmor/testsuite/test_multi/avc_audit_invalid_audit_id.out'
--- libraries/libapparmor/testsuite/test_multi/avc_audit_invalid_audit_id.out	1970-01-01 00:00:00 +0000
+++ libraries/libapparmor/testsuite/test_multi/avc_audit_invalid_audit_id.out	2010-09-09 20:57:49 +0000
@@ -0,0 +1,5 @@
+START
+File: test_multi/avc_audit_invalid_audit_id.in
+Event type: AA_RECORD_INVALID
+Epoch: 0
+Audit subid: 0
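
Review bot: the expected output pins `Epoch: 0` and `Audit subid: 0` even though the input carries digits on both sides of the garbage (`12799`, `8288.415:39`). If discarding the partially scanned id is the intended behaviour for AA_RECORD_INVALID, say so in the commit message so the zeros are not later mistaken for a parsing regression.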


-- 
Steve Beattie
<sbeattie at ubuntu.com>
http://NxNW.org/~steve/