[apparmor] [patch] fix crash in aa-genprof

Seth Arnold seth.arnold at canonical.com
Wed May 21 21:25:52 UTC 2014 

On Wed, May 21, 2014 at 11:05:20PM +0200, Christian Boltz wrote:
> Hello,
> 
> this patch fixes autodep() in aa.py which fills filelist[] with a wrong 
> structure (one nesting level missing), which then causes aa-genprof to 
> crash when pressing "s" for "scan".
> 
> References: 
> https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1319829
> 
> 
> BTW: We should document the internal structure of our more 
> interesting[tm] variables. filelist is one of them (and probably still 
> the easiest one)

Better would be to move away from Perl-style "everything is a hashtable"
and use classes and member variables. There'd be a whole lot less to
document if the structure of the data is clear.

> BTW2: something like add_to_filelist() (or convert filelist to a class 
> and use filelist.add()) would be even better - add_to_filelist() is easy 
> to implement (more or less - it seems the various parts of a profile 
> have different nesting depth), converting to a class is a bit more work. 
> (Opinions? Volunteers?)
> 
> BTW3: It seems the reporter found another crash after fixing this one. 
> That will be another patch ;-)

Thanks :)

> 
> 
> === modified file 'utils/apparmor/aa.py'                                                                                                                     
> --- utils/apparmor/aa.py        2014-04-26 11:05:55 +0000                                                                                                    
> +++ utils/apparmor/aa.py        2014-05-19 01:02:56 +0000                                                                                                    
> @@ -583,7 +583,8 @@                                                                                                                                          
>          if not filelist.get(file, False):                                                                                                                   
>              filelist[file] = hasher()                                                                                                                       
>          filelist[file]['include']['tunables/global'] = True                                                                                                 
> -        filelist[file]['profiles'][pname] = True
> +        filelist[file]['profiles'][pname] = hasher()
> +        filelist[file]['profiles'][pname][pname] = True
>      write_profile_ui_feedback(pname)
>  
>  def get_profile_flags(filename, program):
> 
> 
> 

Acked-by: Seth Arnold <seth.arnold at canonical.com>

Thanks
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20140521/ead0c9de/attachment.pgp>

More information about the AppArmor mailing list