mirror of
https://gitlab.com/apparmor/apparmor.git
synced 2025-03-04 08:24:42 +01:00
Update parsing of the 'hat' and 'profile' keyword to use SUB_NAME
Change how we handle the parsing of the hat and profile keywords this allows us to get rid of the SUB_NAME2 start condition because the the whitespace that is allowed by these rules are now consumed by matching the keyword Signed-off-by: John Johansen <john.johansen@canonical.com> Acked-by: Kees Cook <kees@ubuntu.com>
This commit is contained in:
John Johansen
parent
7f9c79e345
commit
6ef6f605b0
2 changed files with 9 additions and 31 deletions
|
|
@ -186,7 +186,8 @@ IP {NUMBER}\.{NUMBER}\.{NUMBER}\.{NUMBER}
|
|||
ALLOWED_QUOTED_ID [^\0"]|\\\"
|
||||
QUOTED_ID \"{ALLOWED_QUOTED_ID}*\"
|
||||
|
||||
HAT hat[ \t]+
|
||||
HAT hat{WS}*
|
||||
PROFILE profile{WS}*
|
||||
KEYWORD [[:alpha:]_]+
|
||||
VARIABLE_NAME [[:alpha:]][[:alnum:]_]*
|
||||
SET_VAR_PREFIX @
|
||||
|
|
@ -205,7 +206,6 @@ ARROW ->
|
|||
LT_EQUAL <=
|
||||
|
||||
%x SUB_NAME
|
||||
%x SUB_NAME2
|
||||
%x NETWORK_MODE
|
||||
%x FLAGS_MODE
|
||||
%x ASSIGN_MODE
|
||||
|
|
@ -269,30 +269,6 @@ LT_EQUAL <=
|
|||
}
|
||||
}
|
||||
|
||||
<SUB_NAME2>{
|
||||
({ID}+|{QUOTED_ID}) {
|
||||
/* Ugh, this is a gross hack. I used to use
|
||||
* {ID}+ to match all TOK_IDs, but that would
|
||||
* also match TOK_MODE + TOK_END_OF_RULE
|
||||
* without any spaces in between (because it's
|
||||
* a longer match). So now, when I want to
|
||||
* match any random string, I go into a
|
||||
* separate state. */
|
||||
DUMP_PREPROCESS;
|
||||
yylval.id = processid(yytext, yyleng);
|
||||
PDEBUG("Found sub name: \"%s\"\n", yylval.id);
|
||||
yy_pop_state();
|
||||
return TOK_ID;
|
||||
}
|
||||
|
||||
{WS}+ { DUMP_PREPROCESS; /* Ignoring whitespace */ }
|
||||
[^\n] {
|
||||
DUMP_PREPROCESS;
|
||||
/* Something we didn't expect */
|
||||
yyerror(_("Found unexpected character: '%s'"), yytext);
|
||||
}
|
||||
}
|
||||
|
||||
<FLAGS_MODE>{
|
||||
{OPEN_PAREN} {
|
||||
DUMP_PREPROCESS;
|
||||
|
|
@ -535,10 +511,16 @@ LT_EQUAL <=
|
|||
|
||||
{HAT} {
|
||||
DUMP_PREPROCESS;
|
||||
yy_push_state(SUB_NAME2);
|
||||
yy_push_state(SUB_NAME);
|
||||
return TOK_HAT;
|
||||
}
|
||||
|
||||
{PROFILE} {
|
||||
DUMP_PREPROCESS;
|
||||
yy_push_state(SUB_NAME);
|
||||
return TOK_PROFILE;
|
||||
}
|
||||
|
||||
{COLON} {
|
||||
DUMP_PREPROCESS;
|
||||
PDEBUG("Found a colon\n");
|
||||
|
|
@ -564,9 +546,6 @@ LT_EQUAL <=
|
|||
PDEBUG("Found (var) id: \"%s\"\n", yylval.id);
|
||||
return TOK_ID;
|
||||
break;
|
||||
case TOK_PROFILE:
|
||||
yy_push_state(SUB_NAME2);
|
||||
break;
|
||||
case TOK_FLAGS:
|
||||
yy_push_state(FLAGS_MODE);
|
||||
break;
|
||||
|
|
|
|||
|
|
@ -74,7 +74,6 @@ static struct keyword_table keyword_table[] = {
|
|||
{"subset", TOK_SUBSET},
|
||||
{"audit", TOK_AUDIT},
|
||||
{"deny", TOK_DENY},
|
||||
{"profile", TOK_PROFILE},
|
||||
{"set", TOK_SET},
|
||||
{"rlimit", TOK_RLIMIT},
|
||||
{"alias", TOK_ALIAS},
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue