mirror of
https://gitlab.com/apparmor/apparmor.git
synced 2025-03-04 08:24:42 +01:00
fix miss break #240986. Back out partial commit of dfa matcher support (that was mistakenly submitted)
This commit is contained in:
John Johansen
parent
d1f8df2fa5
commit
20dbc4d8cb
7 changed files with 72 additions and 230 deletions
|
|
@ -77,8 +77,6 @@ OBJECTS = parser_lex.o parser_yacc.o parser_main.o parser_interface.o \
|
|||
parser_include.o parser_merge.o parser_symtab.o parser_misc.o \
|
||||
parser_regex.o parser_variable.o parser_policy.o
|
||||
|
||||
AARE = libapparmor_re/libapparmor_re.a
|
||||
|
||||
PCREDIR= pcre
|
||||
PCREOBJECTS = ${PCREDIR}/pcre.o
|
||||
|
||||
|
|
@ -112,8 +110,8 @@ all: $(LEX_C_FILES) $(YACC_C_FILES) $(TOOLS)
|
|||
$(Q)make -C po all
|
||||
$(Q)make -s tests
|
||||
|
||||
apparmor_parser: $(OBJECTS) $(PCREOBJECTS) $(AARE)
|
||||
$(CC) $(EXTRA_CFLAGS) -o $@ $(OBJECTS) $(PCREOBJECTS) $(LIBS) ${LEXLIB} -Bstatic $(AARE) -lstdc++
|
||||
apparmor_parser: $(OBJECTS) $(PCREOBJECTS)
|
||||
$(CC) $(EXTRA_CFLAGS) -o $@ $(OBJECTS) $(PCREOBJECTS) $(LIBS) ${LEXLIB}
|
||||
|
||||
parser_yacc.c parser_yacc.h: parser_yacc.y parser.h
|
||||
$(YACC) $(YFLAGS) -o parser_yacc.c parser_yacc.y
|
||||
|
|
@ -198,7 +196,7 @@ install-suse:
|
|||
ln -sf /etc/init.d/boot.apparmor $(DESTDIR)/sbin/rcapparmor
|
||||
ln -sf rcapparmor $(DESTDIR)/sbin/rcsubdomain
|
||||
ln -sf /etc/init.d/aaeventd $(DESTDIR)/sbin/rcaaeventd
|
||||
|
||||
|
||||
.PHONY: install-slackware
|
||||
install-slackware:
|
||||
install -m 755 -d $(APPARMOR_BIN_PREFIX)/install
|
||||
|
|
|
|||
|
|
@ -54,9 +54,6 @@
|
|||
#define POS_KERN_COD_MIN (POS_KERN_COD_FILE_MIN
|
||||
#define POS_KERN_COD_MAX (POS_KERN_COD_NET_MAX
|
||||
|
||||
/* Invalid perm permission */
|
||||
#define POS_AA_INVALID_POS 31
|
||||
|
||||
/* Modeled after MAY_READ, MAY_WRITE, MAY_EXEC def'ns */
|
||||
#define KERN_COD_MAY_EXEC (0x01 << POS_KERN_COD_MAY_EXEC)
|
||||
#define KERN_COD_MAY_WRITE (0x01 << POS_KERN_COD_MAY_WRITE)
|
||||
|
|
@ -67,11 +64,9 @@
|
|||
#define KERN_COD_EXEC_PROFILE (0x01 << POS_KERN_COD_EXEC_PROFILE)
|
||||
#define KERN_COD_EXEC_MMAP (0x01 << POS_KERN_COD_EXEC_MMAP)
|
||||
#define KERN_COD_EXEC_UNSAFE (0x01 << POS_KERN_COD_EXEC_UNSAFE)
|
||||
#define AA_EXEC_MODIFIERS (AA_EXEC_INHERIT | \
|
||||
AA_EXEC_UNCONSTRAINED | \
|
||||
AA_EXEC_PROFILE)
|
||||
#define KERN_EXEC_MODIFIERS(X) (X & AA_EXEC_MODIFIERS)
|
||||
|
||||
#define KERN_EXEC_MODIFIERS(X) (X & (KERN_COD_EXEC_INHERIT | \
|
||||
KERN_COD_EXEC_UNCONSTRAINED | \
|
||||
KERN_COD_EXEC_PROFILE))
|
||||
/* Network subdomain extensions. */
|
||||
#define KERN_COD_TCP_CONNECT (0x01 << POS_KERN_COD_TCP_CONNECT)
|
||||
#define KERN_COD_TCP_ACCEPT (0x01 << POS_KERN_COD_TCP_ACCEPT)
|
||||
|
|
@ -82,19 +77,9 @@
|
|||
|
||||
#define KERN_COD_LOGTCP_SEND (0x01 << POS_KERN_COD_LOGTCP_SEND)
|
||||
#define KERN_COD_LOGTCP_RECEIVE (0x01 << POS_KERN_COD_LOGTCP_RECEIVE)
|
||||
#define AA_INVALID_PERM (0x01 << POS_AA_INVALID_POS)
|
||||
|
||||
#define KERN_COD_HAT_SIZE 975 /* Maximum size of a subdomain
|
||||
* ident (hat) */
|
||||
#define AA_MAY_EXEC KERN_COD_MAY_EXEC
|
||||
#define AA_MAY_WRITE KERN_COD_MAY_WRITE
|
||||
#define AA_MAY_READ KERN_COD_MAY_READ
|
||||
#define AA_MAY_LINK KERN_COD_MAY_LINK
|
||||
#define AA_EXEC_INHERIT KERN_COD_EXEC_INHERIT
|
||||
#define AA_EXEC_UNCONSTRAINED KERN_COD_EXEC_UNCONSTRAINED
|
||||
#define AA_EXEC_PROFILE KERN_COD_EXEC_PROFILE
|
||||
#define AA_EXEC_MMAP KERN_COD_EXEC_MMAP
|
||||
#define AA_EXEC_UNSAFE KERN_COD_EXEC_UNSAFE
|
||||
|
||||
enum pattern_t {
|
||||
ePatternBasic,
|
||||
|
|
@ -113,11 +98,4 @@ enum pattern_t {
|
|||
#define HAS_EXEC_MMAP(mode) ((mode) & KERN_COD_EXEC_MMAP)
|
||||
#define HAS_EXEC_UNSAFE(mode) ((mode) & KERN_COD_EXEC_UNSAFE)
|
||||
|
||||
#define AA_NOXMODS_PERM_MASK (AA_MAY_EXEC | AA_MAY_WRITE | \
|
||||
AA_MAY_READ | AA_MAY_LINK | \
|
||||
AA_EXEC_MMAP)
|
||||
#define AA_VALID_PERM_MASK ((1 << (POS_KERN_COD_MAX + 1)) - 1)
|
||||
|
||||
#define SINGLE_BIT_SET(X) (!((X) & ((X) - 1)))
|
||||
#define AA_EXEC_SINGLE_MODIFIER_SET(X) SINGLE_BIT_SET(((X) & AA_EXEC_MODIFIERS))
|
||||
#endif /* ! _IMMUNIX_H */
|
||||
|
|
|
|||
|
|
@ -19,7 +19,6 @@
|
|||
#include <netinet/in.h>
|
||||
#include "pcre/internal.h"
|
||||
#include "immunix.h"
|
||||
#include "libapparmor_re/apparmor_re.h"
|
||||
|
||||
typedef enum pattern_t pattern_t;
|
||||
|
||||
|
|
@ -69,11 +68,6 @@ struct codomain {
|
|||
struct cod_net_entry * net_entries;
|
||||
void *hat_table;
|
||||
//struct codomain *next;
|
||||
|
||||
aare_ruleset_t *dfarules;
|
||||
int dfarule_count;
|
||||
void *dfa;
|
||||
size_t dfa_size;
|
||||
} ;
|
||||
|
||||
struct cod_global_entry {
|
||||
|
|
@ -122,10 +116,6 @@ struct var_string {
|
|||
#define OPTION_REPLACE 3
|
||||
#define OPTION_STDOUT 4
|
||||
|
||||
#define AARE_NONE 0
|
||||
#define AARE_PCRE 1
|
||||
#define AARE_DFA 2
|
||||
|
||||
#ifdef DEBUG
|
||||
#define PDEBUG(fmt, args...) printf("parser: " fmt, ## args)
|
||||
#else
|
||||
|
|
@ -156,7 +146,6 @@ extern char *profilename;
|
|||
|
||||
/* from parser_main */
|
||||
extern int force_complain;
|
||||
extern int regex_type;
|
||||
extern void pwarn(char *fmt, ...) __attribute__((__format__(__printf__, 1, 2)));
|
||||
|
||||
extern int yyparse(void);
|
||||
|
|
|
|||
|
|
@ -26,7 +26,6 @@
|
|||
#define _(s) gettext(s)
|
||||
|
||||
#include "parser.h"
|
||||
#include "libapparmor_re/apparmor_re.h"
|
||||
|
||||
#include <unistd.h>
|
||||
#include <linux/unistd.h>
|
||||
|
|
@ -471,31 +470,6 @@ int sd_serialize_file_entry(sd_serialize *p, struct cod_entry *file_entry)
|
|||
return 1;
|
||||
}
|
||||
|
||||
int sd_serialize_dfa(sd_serialize *p, void *dfa, size_t size)
|
||||
{
|
||||
/* fake up a file entry in regex entry list */
|
||||
PDEBUG("Writing file entry. name '%s'\n", file_entry->name);
|
||||
if (!sd_write_list(p, "pgent"))
|
||||
return 0;
|
||||
if (!sd_write_struct(p, "fe"))
|
||||
return 0;
|
||||
if (!sd_write_string(p, "dfa", NULL))
|
||||
return 0;
|
||||
/* list entry has having all perms but no exec modifiers */
|
||||
if (!sd_write32(p, 0x7fffffff & ~AA_EXEC_MODIFIERS))
|
||||
return 0;
|
||||
if (!sd_write32(p, ePatternRegex))
|
||||
return 0;
|
||||
if (!sd_write_blob(p, dfa, size, "aadfa"))
|
||||
return 0;
|
||||
if (!sd_write_structend(p))
|
||||
return 0;
|
||||
if (!sd_write_listend(p))
|
||||
return 0;
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
||||
int count_file_ents(struct cod_entry *list)
|
||||
{
|
||||
struct cod_entry *file_entry;
|
||||
|
|
@ -555,55 +529,49 @@ int sd_serialize_profile(sd_serialize *p, struct codomain *profile)
|
|||
if (!sd_write32(p, profile->capabilities))
|
||||
return 0;
|
||||
|
||||
/* either have a single dfa or lists of different entry types */
|
||||
if (profile->dfa) {
|
||||
if (!sd_serialize_dfa(p, profile->dfa, profile->dfa_size))
|
||||
/* pcre globbing entries */
|
||||
if (count_pcre_ents(profile->entries)) {
|
||||
if (!sd_write_list(p, "pgent"))
|
||||
return 0;
|
||||
} else {
|
||||
/* pcre globbing entries */
|
||||
if (count_pcre_ents(profile->entries)) {
|
||||
if (!sd_write_list(p, "pgent"))
|
||||
return 0;
|
||||
for (file_entry = profile->entries; file_entry;
|
||||
file_entry = file_entry->next) {
|
||||
if (file_entry->pattern_type == ePatternRegex) {
|
||||
if (!sd_serialize_file_entry(p, file_entry))
|
||||
return 0;
|
||||
}
|
||||
for (file_entry = profile->entries; file_entry;
|
||||
file_entry = file_entry->next) {
|
||||
if (file_entry->pattern_type == ePatternRegex) {
|
||||
if (!sd_serialize_file_entry(p, file_entry))
|
||||
return 0;
|
||||
}
|
||||
if (!sd_write_listend(p))
|
||||
return 0;
|
||||
}
|
||||
if (!sd_write_listend(p))
|
||||
return 0;
|
||||
}
|
||||
|
||||
/* simple globbing entries */
|
||||
if (count_tailglob_ents(profile->entries)) {
|
||||
if (!sd_write_list(p, "sgent"))
|
||||
return 0;
|
||||
for (file_entry = profile->entries; file_entry;
|
||||
file_entry = file_entry->next) {
|
||||
if (file_entry->pattern_type == ePatternTailGlob) {
|
||||
if (!sd_serialize_file_entry(p, file_entry))
|
||||
return 0;
|
||||
}
|
||||
/* simple globbing entries */
|
||||
if (count_tailglob_ents(profile->entries)) {
|
||||
if (!sd_write_list(p, "sgent"))
|
||||
return 0;
|
||||
for (file_entry = profile->entries; file_entry;
|
||||
file_entry = file_entry->next) {
|
||||
if (file_entry->pattern_type == ePatternTailGlob) {
|
||||
if (!sd_serialize_file_entry(p, file_entry))
|
||||
return 0;
|
||||
}
|
||||
if (!sd_write_listend(p))
|
||||
return 0;
|
||||
}
|
||||
if (!sd_write_listend(p))
|
||||
return 0;
|
||||
}
|
||||
|
||||
/* basic file entries */
|
||||
if (count_file_ents(profile->entries)) {
|
||||
if (!sd_write_list(p, "fent"))
|
||||
return 0;
|
||||
for (file_entry = profile->entries; file_entry;
|
||||
file_entry = file_entry->next) {
|
||||
if (file_entry->pattern_type == ePatternBasic) {
|
||||
if (!sd_serialize_file_entry(p, file_entry))
|
||||
return 0;
|
||||
}
|
||||
/* basic file entries */
|
||||
if (count_file_ents(profile->entries)) {
|
||||
if (!sd_write_list(p, "fent"))
|
||||
return 0;
|
||||
for (file_entry = profile->entries; file_entry;
|
||||
file_entry = file_entry->next) {
|
||||
if (file_entry->pattern_type == ePatternBasic) {
|
||||
if (!sd_serialize_file_entry(p, file_entry))
|
||||
return 0;
|
||||
}
|
||||
if (!sd_write_listend(p))
|
||||
return 0;
|
||||
}
|
||||
if (!sd_write_listend(p))
|
||||
return 0;
|
||||
}
|
||||
|
||||
if (profile->net_entries) {
|
||||
|
|
|
|||
|
|
@ -48,7 +48,6 @@
|
|||
#define MATCH_STRING "/sys/kernel/security/" MODULE_NAME "/matching"
|
||||
#define MOUNTED_FS "/proc/mounts"
|
||||
#define PCRE "pattern=pcre"
|
||||
#define AADFA "pattern=aadfa"
|
||||
|
||||
#define UNPRIVILEGED_OPS (debug || preprocess_only || option == OPTION_STDOUT || names_only || \
|
||||
dump_vars || dump_expanded_vars)
|
||||
|
|
@ -66,8 +65,6 @@ int conf_quiet = 0;
|
|||
char *subdomainbase = NULL;
|
||||
char *profilename;
|
||||
char *match_string = NULL;
|
||||
int regex_type = AARE_NONE;
|
||||
|
||||
extern int current_lineno;
|
||||
|
||||
struct option long_options[] = {
|
||||
|
|
@ -390,7 +387,7 @@ static void get_match_string(void) {
|
|||
|
||||
/* has process_args() already assigned a match string? */
|
||||
if (match_string)
|
||||
goto out;
|
||||
return;
|
||||
|
||||
FILE *ms = fopen(MATCH_STRING, "r");
|
||||
if (!ms)
|
||||
|
|
@ -407,28 +404,22 @@ static void get_match_string(void) {
|
|||
}
|
||||
|
||||
out:
|
||||
if (match_string) {
|
||||
if (strstr(match_string, PCRE))
|
||||
regex_type = AARE_PCRE;
|
||||
|
||||
if (strstr(match_string, AADFA))
|
||||
regex_type = AARE_DFA;
|
||||
}
|
||||
|
||||
if (ms)
|
||||
fclose(ms);
|
||||
fclose(ms);
|
||||
return;
|
||||
}
|
||||
|
||||
/* return 1 --> PCRE should work fine
|
||||
return 0 --> no PCRE support */
|
||||
static int regex_support(void) {
|
||||
static int pcre_support(void) {
|
||||
|
||||
get_match_string();
|
||||
|
||||
/* no match string, predates (or postdates?) the split matching
|
||||
module design */
|
||||
if (!match_string)
|
||||
return 1;
|
||||
|
||||
if (regex_type != AARE_NONE)
|
||||
if (strstr(match_string, PCRE))
|
||||
return 1;
|
||||
|
||||
return 0;
|
||||
|
|
@ -446,9 +437,6 @@ int process_profile(int option, char *profilename)
|
|||
if (retval != 0)
|
||||
goto out;
|
||||
|
||||
/* Get the match string to determine type of regex support needed */
|
||||
get_match_string();
|
||||
|
||||
retval = post_process_policy();
|
||||
if (retval != 0) {
|
||||
PERROR(_("%s: Errors found in file. Aborting.\n"), progname);
|
||||
|
|
@ -482,7 +470,7 @@ int process_profile(int option, char *profilename)
|
|||
if (!subdomainbase && !preprocess_only && !(option == OPTION_STDOUT))
|
||||
find_subdomainfs_mountpoint();
|
||||
|
||||
if (!regex_support()) {
|
||||
if (!pcre_support()) {
|
||||
die_if_any_regex();
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -451,9 +451,5 @@ void free_policy(struct codomain *cod)
|
|||
free_hat_table(cod->hat_table);
|
||||
free_cod_entries(cod->entries);
|
||||
free_net_entries(cod->net_entries);
|
||||
if (cod->dfarules)
|
||||
aare_delete_ruleset(cod->dfarules);
|
||||
if (cod->dfa)
|
||||
free(cod->dfa);
|
||||
free(cod);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -27,7 +27,6 @@
|
|||
/* #define DEBUG */
|
||||
|
||||
#include "parser.h"
|
||||
#include "libapparmor_re/apparmor_re.h"
|
||||
|
||||
enum error_type {
|
||||
e_no_error,
|
||||
|
|
@ -114,11 +113,10 @@ static void filter_slashes(char *path)
|
|||
}
|
||||
}
|
||||
|
||||
static pattern_t convert_aaregex_to_pcre(const char *aare, int anchor,
|
||||
char *pcre, size_t pcre_size)
|
||||
static int process_regex_entry(struct cod_entry *entry)
|
||||
{
|
||||
#define STORE(_src, _dest, _len) \
|
||||
if ((const char*)_dest + _len > (pcre + pcre_size)){ \
|
||||
if ((const char*)_dest + _len > tbufend){ \
|
||||
error = e_buffer_overflow; \
|
||||
} else { \
|
||||
memcpy(_dest, _src, _len); \
|
||||
|
|
@ -130,6 +128,9 @@ static pattern_t convert_aaregex_to_pcre(const char *aare, int anchor,
|
|||
/* flag to indicate input error */
|
||||
enum error_type error;
|
||||
|
||||
char tbuf[PATH_MAX + 3]; /* +3 for ^, $ and \0 */
|
||||
const char *tbufend = &tbuf[PATH_MAX];
|
||||
|
||||
const char *sptr;
|
||||
char *dptr;
|
||||
pattern_t ptype;
|
||||
|
|
@ -141,12 +142,14 @@ static pattern_t convert_aaregex_to_pcre(const char *aare, int anchor,
|
|||
error = e_no_error;
|
||||
ptype = ePatternBasic; /* assume no regex */
|
||||
|
||||
sptr = aare;
|
||||
dptr = pcre;
|
||||
if (!entry) /* shouldn't happen */
|
||||
return TRUE;
|
||||
|
||||
if (anchor)
|
||||
/* anchor beginning of regular expression */
|
||||
*dptr++ = '^';
|
||||
sptr = entry->name;
|
||||
dptr = tbuf;
|
||||
|
||||
/* anchor beginning of regular expression */
|
||||
*dptr++ = '^';
|
||||
|
||||
while (error == e_no_error && *sptr) {
|
||||
switch (*sptr) {
|
||||
|
|
@ -339,10 +342,10 @@ static pattern_t convert_aaregex_to_pcre(const char *aare, int anchor,
|
|||
}
|
||||
|
||||
/* anchor end and terminate pattern string */
|
||||
if (error == e_no_error && anchor)
|
||||
STORE("$" , dptr, 1);
|
||||
if (error == e_no_error) {
|
||||
STORE("", dptr, 1);
|
||||
char buf[2] = { '$', 0 };
|
||||
|
||||
STORE(buf, dptr, 2);
|
||||
}
|
||||
|
||||
/* check error again, as above STORE may have set it */
|
||||
|
|
@ -353,31 +356,12 @@ static pattern_t convert_aaregex_to_pcre(const char *aare, int anchor,
|
|||
}
|
||||
|
||||
PERROR(_("%s: Unable to parse input line '%s'\n"),
|
||||
progname, aare);
|
||||
progname, entry->name);
|
||||
|
||||
ret = FALSE;
|
||||
goto out;
|
||||
}
|
||||
|
||||
out:
|
||||
if (ret == FALSE)
|
||||
ptype = ePatternInvalid;
|
||||
return ptype;
|
||||
}
|
||||
|
||||
static int process_pcre_entry(struct cod_entry *entry)
|
||||
{
|
||||
char tbuf[PATH_MAX + 3]; /* +3 for ^, $ and \0 */
|
||||
int ret = TRUE;
|
||||
pattern_t ptype;
|
||||
|
||||
if (!entry) /* shouldn't happen */
|
||||
return TRUE;
|
||||
|
||||
ptype = convert_aaregex_to_pcre(entry->name, 1, tbuf, PATH_MAX + 3);
|
||||
if (ptype == ePatternInvalid)
|
||||
return FALSE;
|
||||
|
||||
entry->pattern_type = ptype;
|
||||
|
||||
/*
|
||||
|
|
@ -438,89 +422,33 @@ static int process_pcre_entry(struct cod_entry *entry)
|
|||
filter_escapes(entry->name);
|
||||
} /* ptype == ePatternRegex */
|
||||
|
||||
out:
|
||||
return ret;
|
||||
}
|
||||
|
||||
static int process_dfa_entry(aare_ruleset_t *dfarules, struct cod_entry *entry)
|
||||
{
|
||||
char tbuf[PATH_MAX + 3]; /* +3 for ^, $ and \0 */
|
||||
int ret = TRUE;
|
||||
pattern_t ptype;
|
||||
|
||||
if (!entry) /* shouldn't happen */
|
||||
return TRUE;
|
||||
|
||||
ptype = convert_aaregex_to_pcre(entry->name, 0, tbuf, PATH_MAX + 3);
|
||||
if (ptype == ePatternInvalid)
|
||||
return FALSE;
|
||||
|
||||
entry->pattern_type = ptype;
|
||||
|
||||
/* ix implies m but the apparmor module does not add m bit to
|
||||
* dfa states like it does for pcre
|
||||
*/
|
||||
if (entry->mode & KERN_COD_EXEC_INHERIT)
|
||||
entry->mode |= KERN_COD_EXEC_MMAP;
|
||||
if (!aare_add_rule(dfarules, tbuf, entry->mode))
|
||||
ret = FALSE;
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
int post_process_entries(struct codomain *cod)
|
||||
int post_process_entries(struct cod_entry *entry_list)
|
||||
{
|
||||
int ret = TRUE, rc;
|
||||
struct cod_entry *entry;
|
||||
int count = 0;
|
||||
|
||||
for (entry = cod->entries; entry; entry = entry->next) {
|
||||
for (entry = entry_list; entry; entry = entry->next) {
|
||||
filter_slashes(entry->name);
|
||||
if (regex_type == AARE_DFA)
|
||||
rc = process_dfa_entry(cod->dfarules, entry);
|
||||
else
|
||||
rc = process_pcre_entry(entry);
|
||||
rc = process_regex_entry(entry);
|
||||
if (!rc)
|
||||
ret = FALSE;
|
||||
count++;
|
||||
}
|
||||
|
||||
code->dfarule_count = count;
|
||||
return ret;
|
||||
}
|
||||
|
||||
int process_regex(struct codomain *cod)
|
||||
{
|
||||
int error = -1;
|
||||
int error = 0;
|
||||
|
||||
if (regex_type == AARE_DFA) {
|
||||
cod->dfarules = aare_new_ruleset(0);
|
||||
if (!cod->dfarules)
|
||||
goto out;
|
||||
if (!post_process_entries(cod->entries)) {
|
||||
error = -1;
|
||||
}
|
||||
if (!post_process_entries(cod))
|
||||
{
|
||||
fprintf(stderr, "Failed post_process_entries\n");
|
||||
goto out;
|
||||
}
|
||||
|
||||
if (regex_type == AARE_DFA && cod->dfarule_count > 0) {
|
||||
cod->dfa = aare_create_dfa(cod->dfarules, 0, &cod->dfa_size);
|
||||
if (!cod->dfa)
|
||||
{
|
||||
fprintf(stderr, "Failed create dfa\n");
|
||||
goto out;
|
||||
}
|
||||
/*
|
||||
if (cod->dfa_size == 0) {
|
||||
PERROR(_("profile %s: has merged rules (%s) with "
|
||||
"multiple x modifiers\n"),
|
||||
cod->name, (char *) cod->dfa);
|
||||
free(cod->dfa);
|
||||
cod->dfa = NULL;
|
||||
goto out;
|
||||
}
|
||||
*/
|
||||
}
|
||||
/*
|
||||
* Post process subdomain(s):
|
||||
*
|
||||
|
|
@ -536,11 +464,8 @@ fprintf(stderr, "Failed create dfa\n");
|
|||
* }
|
||||
*/
|
||||
if (process_hat_regex(cod) != 0)
|
||||
goto out;
|
||||
error = -1;
|
||||
|
||||
error = 0;
|
||||
|
||||
out:
|
||||
return error;
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue