mirrors/apparmor
1
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor.git synced 2025-03-04 08:24:42 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Replace BOOL,TRUE,FALSE macros with actual C++ boolean type

Browse source 
Signed-off-by: Ryan Lee <ryan.lee@canonical.com>
This commit is contained in:
Ryan Lee 2024-10-16 17:21:24 -07:00
parent b43f1c4073
commit 6a1e9f916b
6 changed files with 72 additions and 86 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

20
parser/mount.cc
View file

@ -677,7 +677,7 @@ int mnt_rule::cmp(rule_t const &rhs) const {
return cmp_vec_int(opt_flagsv, rhs_mnt.opt_flagsv); return cmp_vec_int(opt_flagsv, rhs_mnt.opt_flagsv);
} }
static int build_mnt_flags(char *buffer, int size, unsigned int flags, static bool build_mnt_flags(char *buffer, int size, unsigned int flags,
unsigned int opt_flags) unsigned int opt_flags)
{ {
char *p = buffer; char *p = buffer;
@ -687,8 +687,8 @@ static int build_mnt_flags(char *buffer, int size, unsigned int flags,
/* all flags are optional */ /* all flags are optional */
len = snprintf(p, size, "%s", default_match_pattern); len = snprintf(p, size, "%s", default_match_pattern);
if (len < 0 || len >= size) if (len < 0 || len >= size)
return FALSE; return false;
return TRUE; return true;
} }
for (i = 0; i <= 31; ++i) { for (i = 0; i <= 31; ++i) {
if ((opt_flags) & (1 << i)) if ((opt_flags) & (1 << i))
@ -699,7 +699,7 @@ static int build_mnt_flags(char *buffer, int size, unsigned int flags,
continue; continue;
if (len < 0 || len >= size) if (len < 0 || len >= size)
return FALSE; return false;
p += len; p += len;
size -= len; size -= len;
} }
@ -710,15 +710,15 @@ static int build_mnt_flags(char *buffer, int size, unsigned int flags,
* like the empty string * like the empty string
*/ */
if (size < 9) if (size < 9)
return FALSE; return false;
strcpy(p, "(\\xfe|)"); strcpy(p, "(\\xfe|)");
} }
return TRUE; return true;
} }
static int build_mnt_opts(std::string& buffer, struct value_list *opts) static bool build_mnt_opts(std::string& buffer, struct value_list *opts)
{ {
struct value_list *ent; struct value_list *ent;
pattern_t ptype; pattern_t ptype;
@ -726,19 +726,19 @@ static int build_mnt_opts(std::string& buffer, struct value_list *opts)
if (!opts) { if (!opts) {
buffer.append(default_match_pattern); buffer.append(default_match_pattern);
return TRUE; return true;
} }
list_for_each(opts, ent) { list_for_each(opts, ent) {
ptype = convert_aaregex_to_pcre(ent->value, 0, glob_default, buffer, &pos); ptype = convert_aaregex_to_pcre(ent->value, 0, glob_default, buffer, &pos);
if (ptype == ePatternInvalid) if (ptype == ePatternInvalid)
return FALSE; return false;
if (ent->next) if (ent->next)
buffer.append(","); buffer.append(",");
} }
return TRUE; return true;
} }
void mnt_rule::warn_once(const char *name) void mnt_rule::warn_once(const char *name)

15
parser/parser.h
View file

@ -185,8 +185,6 @@ struct var_string {
#define OPTION_STDOUT 4 #define OPTION_STDOUT 4
#define OPTION_OFILE 5 #define OPTION_OFILE 5
#define BOOL int
extern int preprocess_only; extern int preprocess_only;
#define PATH_CHROOT_REL 0x1 #define PATH_CHROOT_REL 0x1
@ -219,13 +217,6 @@ do { \
errno = perror_error; \ errno = perror_error; \
} while (0) } while (0)
#ifndef TRUE
#define TRUE (1)
#endif
#ifndef FALSE
#define FALSE (0)
#endif
#define MIN_PORT 0 #define MIN_PORT 0
#define MAX_PORT 65535 #define MAX_PORT 65535
@ -429,10 +420,10 @@ extern const char *basedir;
#define glob_null 1 #define glob_null 1
extern pattern_t convert_aaregex_to_pcre(const char *aare, int anchor, int glob, extern pattern_t convert_aaregex_to_pcre(const char *aare, int anchor, int glob,
std::string& pcre, int *first_re_pos); std::string& pcre, int *first_re_pos);
extern int build_list_val_expr(std::string& buffer, struct value_list *list); extern bool build_list_val_expr(std::string& buffer, struct value_list *list);
extern int convert_entry(std::string& buffer, char *entry); extern bool convert_entry(std::string& buffer, char *entry);
extern int clear_and_convert_entry(std::string& buffer, char *entry); extern int clear_and_convert_entry(std::string& buffer, char *entry);
extern int convert_range(std::string& buffer, bignum start, bignum end); extern bool convert_range(std::string& buffer, bignum start, bignum end);
extern int process_regex(Profile *prof); extern int process_regex(Profile *prof);
extern int post_process_entry(struct cod_entry *entry); extern int post_process_entry(struct cod_entry *entry);

94
parser/parser_regex.c
View file

@ -50,7 +50,7 @@ enum error_type {
void filter_slashes(char *path) void filter_slashes(char *path)
{ {
char *sptr, *dptr; char *sptr, *dptr;
BOOL seen_slash = 0; bool seen_slash = false;
if (!path || (strlen(path) < 2)) if (!path || (strlen(path) < 2))
return; return;
@ -69,7 +69,7 @@ void filter_slashes(char *path)
++sptr; ++sptr;
} else { } else {
*dptr++ = *sptr++; *dptr++ = *sptr++;
seen_slash = TRUE; seen_slash = true;
} }
} else { } else {
seen_slash = 0; seen_slash = 0;
@ -111,14 +111,14 @@ pattern_t convert_aaregex_to_pcre(const char *aare, int anchor, int glob,
#define MAX_ALT_DEPTH 50 #define MAX_ALT_DEPTH 50
*first_re_pos = 0; *first_re_pos = 0;
int ret = TRUE; int ret = 1;
/* flag to indicate input error */ /* flag to indicate input error */
enum error_type error; enum error_type error;
const char *sptr; const char *sptr;
pattern_t ptype; pattern_t ptype;
BOOL bEscape = 0; /* flag to indicate escape */ bool bEscape = false; /* flag to indicate escape */
int ingrouping = 0; /* flag to indicate {} context */ int ingrouping = 0; /* flag to indicate {} context */
int incharclass = 0; /* flag to indicate [ ] context */ int incharclass = 0; /* flag to indicate [ ] context */
int grouping_count[MAX_ALT_DEPTH] = {0}; int grouping_count[MAX_ALT_DEPTH] = {0};
@ -150,7 +150,7 @@ pattern_t convert_aaregex_to_pcre(const char *aare, int anchor, int glob,
if (bEscape) { if (bEscape) {
pcre.append("\\\\"); pcre.append("\\\\");
} else { } else {
bEscape = TRUE; bEscape = true;
++sptr; ++sptr;
continue; /*skip turning bEscape off */ continue; /*skip turning bEscape off */
} /* bEscape */ } /* bEscape */
@ -393,7 +393,7 @@ pattern_t convert_aaregex_to_pcre(const char *aare, int anchor, int glob,
break; break;
} /* switch (*sptr) */ } /* switch (*sptr) */
bEscape = FALSE; bEscape = false;
++sptr; ++sptr;
} /* while error == e_no_error && *sptr) */ } /* while error == e_no_error && *sptr) */
@ -419,12 +419,12 @@ pattern_t convert_aaregex_to_pcre(const char *aare, int anchor, int glob,
PERROR(_("%s: Unable to parse input line '%s'\n"), PERROR(_("%s: Unable to parse input line '%s'\n"),
progname, aare); progname, aare);
ret = FALSE; ret = 0;
goto out; goto out;
} }
out: out:
if (ret == FALSE) if (ret == 0)
ptype = ePatternInvalid; ptype = ePatternInvalid;
if (parseopts.dump & DUMP_DFA_RULE_EXPR) if (parseopts.dump & DUMP_DFA_RULE_EXPR)
@ -464,7 +464,7 @@ static void warn_once_xattr(const char *name)
common_warn_once(name, "xattr attachment conditional ignored", &warned_name); common_warn_once(name, "xattr attachment conditional ignored", &warned_name);
} }
static int process_profile_name_xmatch(Profile *prof) static bool process_profile_name_xmatch(Profile *prof)
{ {
std::string tbuf; std::string tbuf;
pattern_t ptype; pattern_t ptype;
@ -479,7 +479,7 @@ static int process_profile_name_xmatch(Profile *prof)
/* don't filter_slashes for profile names, do on attachment */ /* don't filter_slashes for profile names, do on attachment */
name = strdup(local_name(prof->name)); name = strdup(local_name(prof->name));
if (!name) if (!name)
return FALSE; return false;
} }
filter_slashes(name); filter_slashes(name);
ptype = convert_aaregex_to_pcre(name, 0, glob_default, tbuf, ptype = convert_aaregex_to_pcre(name, 0, glob_default, tbuf,
@ -491,7 +491,7 @@ static int process_profile_name_xmatch(Profile *prof)
PERROR(_("%s: Invalid profile name '%s' - bad regular expression\n"), progname, name); PERROR(_("%s: Invalid profile name '%s' - bad regular expression\n"), progname, name);
if (!prof->attachment) if (!prof->attachment)
free(name); free(name);
return FALSE; return false;
} }
if (!prof->attachment) if (!prof->attachment)
@ -506,11 +506,11 @@ static int process_profile_name_xmatch(Profile *prof)
/* build a dfa */ /* build a dfa */
aare_rules *rules = new aare_rules(); aare_rules *rules = new aare_rules();
if (!rules) if (!rules)
return FALSE; return false;
if (!rules->add_rule(tbuf.c_str(), 0, RULE_ALLOW, if (!rules->add_rule(tbuf.c_str(), 0, RULE_ALLOW,
AA_MAY_EXEC, 0, parseopts)) { AA_MAY_EXEC, 0, parseopts)) {
delete rules; delete rules;
return FALSE; return false;
} }
if (prof->altnames) { if (prof->altnames) {
struct alt_name *alt; struct alt_name *alt;
@ -525,7 +525,7 @@ static int process_profile_name_xmatch(Profile *prof)
RULE_ALLOW, AA_MAY_EXEC, RULE_ALLOW, AA_MAY_EXEC,
0, parseopts)) { 0, parseopts)) {
delete rules; delete rules;
return FALSE; return false;
} }
} }
} }
@ -567,7 +567,7 @@ static int process_profile_name_xmatch(Profile *prof)
&len); &len);
if (!rules->append_rule(tbuf.c_str(), true, true, parseopts)) { if (!rules->append_rule(tbuf.c_str(), true, true, parseopts)) {
delete rules; delete rules;
return FALSE; return false;
} }
} }
} }
@ -581,10 +581,10 @@ build:
prof->xmatch = rules->create_dfablob(&prof->xmatch_size, &prof->xmatch_len, prof->xmatch_perms_table, parseopts, false, false, false); prof->xmatch = rules->create_dfablob(&prof->xmatch_size, &prof->xmatch_len, prof->xmatch_perms_table, parseopts, false, false, false);
delete rules; delete rules;
if (!prof->xmatch) if (!prof->xmatch)
return FALSE; return false;
} }
return TRUE; return true;
} }
static int warn_change_profile = 1; static int warn_change_profile = 1;
@ -606,21 +606,21 @@ static bool is_change_profile_perms(perm32_t perms)
return perms & AA_CHANGE_PROFILE; return perms & AA_CHANGE_PROFILE;
} }
static int process_dfa_entry(aare_rules *dfarules, struct cod_entry *entry) static bool process_dfa_entry(aare_rules *dfarules, struct cod_entry *entry)
{ {
std::string tbuf; std::string tbuf;
pattern_t ptype; pattern_t ptype;
int pos; int pos;
if (!entry) /* shouldn't happen */ if (!entry) /* shouldn't happen */
return TRUE; return false;
if (!is_change_profile_perms(entry->perms)) if (!is_change_profile_perms(entry->perms))
filter_slashes(entry->name); filter_slashes(entry->name);
ptype = convert_aaregex_to_pcre(entry->name, 0, glob_default, tbuf, &pos); ptype = convert_aaregex_to_pcre(entry->name, 0, glob_default, tbuf, &pos);
if (ptype == ePatternInvalid) if (ptype == ePatternInvalid)
return FALSE; return false;
entry->pattern_type = ptype; entry->pattern_type = ptype;
@ -649,13 +649,13 @@ static int process_dfa_entry(aare_rules *dfarules, struct cod_entry *entry)
entry->perms & ~(AA_LINK_BITS | AA_CHANGE_PROFILE), entry->perms & ~(AA_LINK_BITS | AA_CHANGE_PROFILE),
entry->audit == AUDIT_FORCE ? entry->perms & ~(AA_LINK_BITS | AA_CHANGE_PROFILE) : 0, entry->audit == AUDIT_FORCE ? entry->perms & ~(AA_LINK_BITS | AA_CHANGE_PROFILE) : 0,
parseopts)) parseopts))
return FALSE; return false;
} else if (!is_change_profile_perms(entry->perms)) { } else if (!is_change_profile_perms(entry->perms)) {
if (!dfarules->add_rule(tbuf.c_str(), entry->priority, if (!dfarules->add_rule(tbuf.c_str(), entry->priority,
entry->rule_mode, entry->perms, entry->rule_mode, entry->perms,
entry->audit == AUDIT_FORCE ? entry->perms : 0, entry->audit == AUDIT_FORCE ? entry->perms : 0,
parseopts)) parseopts))
return FALSE; return false;
} }
if (entry->perms & (AA_LINK_BITS)) { if (entry->perms & (AA_LINK_BITS)) {
@ -669,7 +669,7 @@ static int process_dfa_entry(aare_rules *dfarules, struct cod_entry *entry)
filter_slashes(entry->link_name); filter_slashes(entry->link_name);
ptype = convert_aaregex_to_pcre(entry->link_name, 0, glob_default, lbuf, &pos); ptype = convert_aaregex_to_pcre(entry->link_name, 0, glob_default, lbuf, &pos);
if (ptype == ePatternInvalid) if (ptype == ePatternInvalid)
return FALSE; return false;
if (entry->subset) if (entry->subset)
perms |= LINK_TO_LINK_SUBSET(perms); perms |= LINK_TO_LINK_SUBSET(perms);
vec[1] = lbuf.c_str(); vec[1] = lbuf.c_str();
@ -681,7 +681,7 @@ static int process_dfa_entry(aare_rules *dfarules, struct cod_entry *entry)
entry->rule_mode, perms, entry->rule_mode, perms,
entry->audit == AUDIT_FORCE ? perms & AA_LINK_BITS : 0, entry->audit == AUDIT_FORCE ? perms & AA_LINK_BITS : 0,
2, vec, parseopts, false)) 2, vec, parseopts, false))
return FALSE; return false;
} }
if (is_change_profile_perms(entry->perms)) { if (is_change_profile_perms(entry->perms)) {
const char *vec[3]; const char *vec[3];
@ -702,7 +702,7 @@ static int process_dfa_entry(aare_rules *dfarules, struct cod_entry *entry)
if (entry->onexec) { if (entry->onexec) {
ptype = convert_aaregex_to_pcre(entry->onexec, 0, glob_default, xbuf, &pos); ptype = convert_aaregex_to_pcre(entry->onexec, 0, glob_default, xbuf, &pos);
if (ptype == ePatternInvalid) if (ptype == ePatternInvalid)
return FALSE; return false;
vec[0] = xbuf.c_str(); vec[0] = xbuf.c_str();
} else } else
/* allow change_profile for all execs */ /* allow change_profile for all execs */
@ -713,14 +713,14 @@ static int process_dfa_entry(aare_rules *dfarules, struct cod_entry *entry)
if (!parse_label(&stack, &ns, &name, if (!parse_label(&stack, &ns, &name,
tbuf.c_str(), false)) { tbuf.c_str(), false)) {
return FALSE; return false;
} }
if (stack) { if (stack) {
fprintf(stderr, fprintf(stderr,
_("The current kernel does not support stacking of named transitions: %s\n"), _("The current kernel does not support stacking of named transitions: %s\n"),
tbuf.c_str()); tbuf.c_str());
return FALSE; return false;
} }
if (ns) if (ns)
@ -734,13 +734,13 @@ static int process_dfa_entry(aare_rules *dfarules, struct cod_entry *entry)
if (!dfarules->add_rule_vec(entry->priority, entry->rule_mode, if (!dfarules->add_rule_vec(entry->priority, entry->rule_mode,
AA_CHANGE_PROFILE | onexec_perms, AA_CHANGE_PROFILE | onexec_perms,
0, index - 1, &vec[1], parseopts, false)) 0, index - 1, &vec[1], parseopts, false))
return FALSE; return false;
/* onexec rules - both rules are needed for onexec */ /* onexec rules - both rules are needed for onexec */
if (!dfarules->add_rule_vec(entry->priority, entry->rule_mode, if (!dfarules->add_rule_vec(entry->priority, entry->rule_mode,
onexec_perms, onexec_perms,
0, 1, vec, parseopts, false)) 0, 1, vec, parseopts, false))
return FALSE; return false;
/** /**
* pick up any exec bits, from the frontend parser, related to * pick up any exec bits, from the frontend parser, related to
@ -750,19 +750,19 @@ static int process_dfa_entry(aare_rules *dfarules, struct cod_entry *entry)
if (!dfarules->add_rule_vec(entry->priority, entry->rule_mode, if (!dfarules->add_rule_vec(entry->priority, entry->rule_mode,
onexec_perms, 0, index, vec, onexec_perms, 0, index, vec,
parseopts, false)) parseopts, false))
return FALSE; return false;
} }
return TRUE; return true;
} }
int post_process_entries(Profile *prof) bool post_process_entries(Profile *prof)
{ {
int ret = TRUE; int ret = true;
struct cod_entry *entry; struct cod_entry *entry;
list_for_each(prof->entries, entry) { list_for_each(prof->entries, entry) {
if (!process_dfa_entry(prof->dfa.rules, entry)) if (!process_dfa_entry(prof->dfa.rules, entry))
ret = FALSE; ret = false;
} }
return ret; return ret;
@ -815,7 +815,7 @@ out:
return error; return error;
} }
int build_list_val_expr(std::string& buffer, struct value_list *list) bool build_list_val_expr(std::string& buffer, struct value_list *list)
{ {
struct value_list *ent; struct value_list *ent;
pattern_t ptype; pattern_t ptype;
@ -823,7 +823,7 @@ int build_list_val_expr(std::string& buffer, struct value_list *list)
if (!list) { if (!list) {
buffer.append(default_match_pattern); buffer.append(default_match_pattern);
return TRUE; return true;
} }
buffer.append("("); buffer.append("(");
@ -840,12 +840,12 @@ int build_list_val_expr(std::string& buffer, struct value_list *list)
} }
buffer.append(")"); buffer.append(")");
return TRUE; return true;
fail: fail:
return FALSE; return false;
} }
int convert_entry(std::string& buffer, char *entry) bool convert_entry(std::string& buffer, char *entry)
{ {
pattern_t ptype; pattern_t ptype;
int pos; int pos;
@ -853,12 +853,12 @@ int convert_entry(std::string& buffer, char *entry)
if (entry) { if (entry) {
ptype = convert_aaregex_to_pcre(entry, 0, glob_default, buffer, &pos); ptype = convert_aaregex_to_pcre(entry, 0, glob_default, buffer, &pos);
if (ptype == ePatternInvalid) if (ptype == ePatternInvalid)
return FALSE; return false;
} else { } else {
buffer.append(default_match_pattern); buffer.append(default_match_pattern);
} }
return TRUE; return true;
} }
int clear_and_convert_entry(std::string& buffer, char *entry) int clear_and_convert_entry(std::string& buffer, char *entry)
@ -959,7 +959,7 @@ static std::string generate_regex_range(bignum start, bignum end)
return result.str(); return result.str();
} }
int convert_range(std::string& buffer, bignum start, bignum end) bool convert_range(std::string& buffer, bignum start, bignum end)
{ {
pattern_t ptype; pattern_t ptype;
int pos; int pos;
@ -969,24 +969,24 @@ int convert_range(std::string& buffer, bignum start, bignum end)
if (!regex_range.empty()) { if (!regex_range.empty()) {
ptype = convert_aaregex_to_pcre(regex_range.c_str(), 0, glob_default, buffer, &pos); ptype = convert_aaregex_to_pcre(regex_range.c_str(), 0, glob_default, buffer, &pos);
if (ptype == ePatternInvalid) if (ptype == ePatternInvalid)
return FALSE; return false;
} else { } else {
buffer.append(default_match_pattern); buffer.append(default_match_pattern);
} }
return TRUE; return true;
} }
int post_process_policydb_ents(Profile *prof) bool post_process_policydb_ents(Profile *prof)
{ {
for (RuleList::iterator i = prof->rule_ents.begin(); i != prof->rule_ents.end(); i++) { for (RuleList::iterator i = prof->rule_ents.begin(); i != prof->rule_ents.end(); i++) {
if ((*i)->skip()) if ((*i)->skip())
continue; continue;
if ((*i)->gen_policy_re(*prof) == RULE_ERROR) if ((*i)->gen_policy_re(*prof) == RULE_ERROR)
return FALSE; return false;
} }
return TRUE; return true;
} }

13
parser/parser_variable.c
View file

@ -79,7 +79,7 @@ struct var_string *split_out_var(const char *string)
{ {
struct var_string *n = NULL; struct var_string *n = NULL;
const char *sptr; const char *sptr;
BOOL bEscape = 0; /* flag to indicate escape */ bool bEscape = false; /* flag to indicate escape */
if (!string) /* shouldn't happen */ if (!string) /* shouldn't happen */
return NULL; return NULL;
@ -89,15 +89,11 @@ struct var_string *split_out_var(const char *string)
while (!n && *sptr) { while (!n && *sptr) {
switch (*sptr) { switch (*sptr) {
case '\\': case '\\':
if (bEscape) { bEscape = !bEscape;
bEscape = FALSE;
} else {
bEscape = TRUE;
}
break; break;
case '@': case '@':
if (bEscape) { if (bEscape) {
bEscape = FALSE; bEscape = false;
} else if (*(sptr + 1) == '{') { } else if (*(sptr + 1) == '{') {
const char *eptr = get_var_end(sptr + 2); const char *eptr = get_var_end(sptr + 2);
if (!eptr) if (!eptr)
@ -111,8 +107,7 @@ struct var_string *split_out_var(const char *string)
} }
break; break;
default: default:
if (bEscape) bEscape = false;
bEscape = FALSE;
} }
sptr++; sptr++;
} }

14
parser/profile.cc
View file

@ -226,13 +226,13 @@ static bool add_proc_access(Profile *prof, const char *rule)
char *buffer = strdup("/proc/*/attr/apparmor/"); char *buffer = strdup("/proc/*/attr/apparmor/");
if (!buffer) { if (!buffer) {
PERROR("Memory allocation error\n"); PERROR("Memory allocation error\n");
return FALSE; return false;
} }
new_ent = new_entry(buffer, AA_MAY_READ, NULL); new_ent = new_entry(buffer, AA_MAY_READ, NULL);
if (!new_ent) { if (!new_ent) {
free(buffer); free(buffer);
PERROR("Memory allocation error\n"); PERROR("Memory allocation error\n");
return FALSE; return false;
} }
add_entry_to_policy(prof, new_ent); add_entry_to_policy(prof, new_ent);
@ -240,13 +240,13 @@ static bool add_proc_access(Profile *prof, const char *rule)
buffer = strdup("/sys/module/apparmor/parameters/enabled"); buffer = strdup("/sys/module/apparmor/parameters/enabled");
if (!buffer) { if (!buffer) {
PERROR("Memory allocation error\n"); PERROR("Memory allocation error\n");
return FALSE; return false;
} }
new_ent = new_entry(buffer, AA_MAY_READ, NULL); new_ent = new_entry(buffer, AA_MAY_READ, NULL);
if (!new_ent) { if (!new_ent) {
free(buffer); free(buffer);
PERROR("Memory allocation error\n"); PERROR("Memory allocation error\n");
return FALSE; return false;
} }
add_entry_to_policy(prof, new_ent); add_entry_to_policy(prof, new_ent);
@ -254,17 +254,17 @@ static bool add_proc_access(Profile *prof, const char *rule)
buffer = strdup(rule); buffer = strdup(rule);
if (!buffer) { if (!buffer) {
PERROR("Memory allocation error\n"); PERROR("Memory allocation error\n");
return FALSE; return false;
} }
new_ent = new_entry(buffer, AA_MAY_WRITE, NULL); new_ent = new_entry(buffer, AA_MAY_WRITE, NULL);
if (!new_ent) { if (!new_ent) {
free(buffer); free(buffer);
PERROR("Memory allocation error\n"); PERROR("Memory allocation error\n");
return FALSE; return false;
} }
add_entry_to_policy(prof, new_ent); add_entry_to_policy(prof, new_ent);
return TRUE; return true;
} }
#define CHANGEPROFILE_PATH "/proc/*/attr/{apparmor/,}{current,exec}" #define CHANGEPROFILE_PATH "/proc/*/attr/{apparmor/,}{current,exec}"

2
parser/profile.h
View file

@ -363,7 +363,7 @@ public:
struct cond_entry_list xattrs; struct cond_entry_list xattrs;
/* char *sub_name; */ /* subdomain name or NULL */ /* char *sub_name; */ /* subdomain name or NULL */
/* int default_deny; */ /* TRUE or FALSE */ /* bool default_deny; */
bool local; bool local;
Profile *parent; Profile *parent;