[apparmor] [PATCH 2/6] parser: parser clean up add_named_transition()
Tyler Hicks
tyhicks at canonical.com
Fri Mar 4 08:16:37 UTC 2016
The add_named_transition function was written in a way that is difficult
to understand while attempting to read the function. This patch attempts
to clean it up.

First, this patch removes this confusing code flow issue:

  if (!entry->ns) { ... }
  if (entry->ns) { ... } else { ... }

It then unifies the way that the ns and nt_name strings of the cod_entry
struct are handled prior to calling add_entry_to_x_table() and/or
returning. ns and nt_name are now guaranteed to be NULL before
performing either of those actions.
Signed-off-by: Tyler Hicks <tyhicks at canonical.com>
---
parser/parser_policy.c | 16 +++++++++-------
1 file changed, 9 insertions(+), 7 deletions(-)
diff --git a/parser/parser_policy.c b/parser/parser_policy.c
index 5e4add6..292abff 100644
--- a/parser/parser_policy.c
+++ b/parser/parser_policy.c
@@ -118,10 +118,16 @@ static int add_named_transition(Profile *prof, struct cod_entry *entry)
}
sprintf(name, "%s//%s", prof->name, entry->nt_name);
free(entry->nt_name);
- entry->nt_name = name;
+ entry->nt_name = NULL;
+ } else {
+ /**
+ * pass control of the memory pointed to by nt_name
+ * from entry to add_entry_to_x_table()
+ */
+ name = entry->nt_name;
+ entry->nt_name = NULL;
}
- }
- if (entry->ns) {
+ } else {
name = (char *) malloc(strlen(entry->ns) + strlen(entry->nt_name) + 3);
if (!name) {
PERROR("Memory allocation error\n");
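Review bot: the allocation-failure check in the new `else` branch (`if (!name) { PERROR(...)`) is left as it was, so if that path returns early, entry->ns and entry->nt_name are still set, which does not match the commit message's statement that both are NULL before returning. Either free and clear them on that path or narrow the wording of the guarantee to the success paths. A smaller style point: the added ownership comment opens with `/**`, which reads as a doc comment; a plain `/*` fits an inline note.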
@@ -132,8 +138,6 @@ static int add_named_transition(Profile *prof, struct cod_entry *entry)
free(entry->nt_name);
entry->ns = NULL;
entry->nt_name = NULL;
- } else {
- name = entry->nt_name;
}
return add_entry_to_x_table(prof, name);
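Review bot: with the trailing `else { name = entry->nt_name; }` removed, `return add_entry_to_x_table(prof, name);` relies on every branch above having assigned `name`, and nothing in the function still owns that memory once entry->nt_name is NULL. It would help to initialize `name` to NULL at its declaration if that is not already done, and to state in the ownership comment whether add_entry_to_x_table() frees `name` when it returns an error, since the entry can no longer release it.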
@@ -164,8 +168,6 @@ void post_process_file_entries(Profile *prof)
mode |= SHIFT_MODE(n << 10, AA_OTHER_SHIFT);
entry->mode = ((entry->mode & ~AA_ALL_EXEC_MODIFIERS) |
(mode & AA_ALL_EXEC_MODIFIERS));
- entry->ns = NULL;
- entry->nt_name = NULL;
}
/* FIXME: currently change_profile also implies onexec */
cp_mode |= entry->mode & (AA_CHANGE_PROFILE);
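Review bot: dropping `entry->ns = NULL;` and `entry->nt_name = NULL;` here makes post_process_file_entries() depend on add_named_transition() having cleared both fields on every path, including its error returns. A one-line comment at this spot saying that the callee now clears them would keep the dependency visible, and the failure paths in add_named_transition() should be checked so the entry is not left holding a pointer that was already freed or handed off.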
--
2.7.0