mirrors/apparmor
1
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor.git synced 2025-03-04 16:35:02 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
apparmor/parser
History
Tyler Hicks 4b950117f9 parser: Quiet search dir valgrind warning and remove suppression 
When passing an include directory on the command line to
apparmor_parser, valgrind emits a warning:

 Invalid read of size 4
    at 0x404DA6: add_search_dir(char const*) (parser_include.c:152)
    by 0x40BB37: process_arg(int, char*) (parser_main.c:457)
    by 0x403D43: main (parser_main.c:590)
  Address 0x572207c is 28 bytes inside a block of size 29 alloc'd
    at 0x4C2A420: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
    by 0x53E31C9: strdup (strdup.c:42)
    by 0x404D94: add_search_dir(char const*) (parser_include.c:145)
    by 0x40BB37: process_arg(int, char*) (parser_main.c:457)
    by 0x403D43: main (parser_main.c:590)

This patch quiets the warning by removing strlen() calls on the t char
array. Instead, it only calls strlen() on the dir char array. t is a
dupe of dir and strlen(dir) does not trigger the valgrind warning.

Additionally, this patch adds a bit of defensive programming to the
while loop to ensure that index into the t array is never negative.

Finally, the valgrind suppression is removed from valgrind_simple.py.

Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
Acked-by: Steve Beattie <steve@nxnw.org>
2014-02-05 15:17:32 -05:00
..
libapparmor_re parser: eliminate bison warning 2014-01-24 10:19:59 -08:00
po po files: eliminate msgfmt missing language header warning 2014-01-20 11:45:10 -08:00
tst parser: Quiet search dir valgrind warning and remove suppression 2014-02-05 15:17:32 -05:00
apparmor-parser.spec.in Add an example parser.conf file 2011-10-07 14:43:54 -07:00
apparmor.d.pod parser: Document eavesdropping permission syntax in apparmor.d(5) 2013-12-06 11:18:17 -08:00
apparmor.pod can ?not fix apparmor.pod 2013-12-12 03:07:37 +01:00
apparmor_parser.pod fix broken URLs in various utils/*.pod files. 2013-09-19 21:17:39 +02:00
COPYING.GPL rpmlint complains about an outdated FSF address in parser/COPYING.GPL. 2011-11-27 13:52:06 +01:00
dbus.c parser: Add make variable to build against local or system libapparmor [v3] 2014-01-06 14:46:10 -08:00
dbus.h parser - add support for variable expansion in dbus rules 2013-08-29 12:34:13 -07:00
frob_slack_rc as ACKed on IRC, drop the unused $Id$ tags everywhere 2010-12-20 12:29:10 -08:00
immunix.h Move public mediation class types and perms to apparmor.h 2013-12-06 11:20:06 -08:00
lib.c Convert the parser to C++ 2013-09-27 16:13:22 -07:00
lib.h apparmor: abstract out the directory walking routine 2012-08-16 16:26:03 -07:00
Makefile parser: Add make variable to build against local or system libapparmor [v3] 2014-01-06 14:46:10 -08:00
mount.c Convert the parser to C++ 2013-09-27 16:13:22 -07:00
mount.h Fix mnt_flags passed for remount 2012-03-22 07:55:58 -07:00
parser.conf Commit the example parser.conf file that was supposed to be part of 2011-10-09 20:15:03 -07:00
parser.h parser: Check for kernel support prior to processing dbus entries 2013-10-29 17:03:23 -07:00
parser_alias.c parser: fix memory leak on calloc() failure 2014-01-24 10:58:06 -08:00
parser_common.c Fix for the previous minimization patch 2014-01-09 17:27:47 -08:00
parser_include.c parser: Quiet search dir valgrind warning and remove suppression 2014-02-05 15:17:32 -05:00
parser_include.h allow directories to be passed to the parser 2013-10-26 00:15:13 -07:00
parser_interface.c Fix policy generation for small dfas 2014-01-09 17:09:54 -08:00
parser_lex.l parser: Quiet valgrind false positive 2014-02-05 13:39:24 -05:00
parser_main.c Move short_options next to long_options to make them easier to keep in sync 2014-02-05 09:10:53 -05:00
parser_merge.c Convert codomain to a class 2013-09-27 16:16:37 -07:00
parser_misc.c parser: add rttime rlimit support 2014-01-24 11:06:31 -08:00
parser_policy.c Convert codomain to a class 2013-09-27 16:16:37 -07:00
parser_regex.c parser: simplify handling of default matching patterns 2014-01-24 10:47:42 -08:00
parser_symtab.c Convert codomain to a class 2013-09-27 16:16:37 -07:00
parser_variable.c parser: pull forward free() calls 2014-01-24 10:45:48 -08:00
parser_yacc.y parser: add rttime rlimit support 2014-01-24 11:06:31 -08:00
policydb.h Move public mediation class types and perms to apparmor.h 2013-12-06 11:20:06 -08:00
profile.cc parser - fix more memory leaks 2013-10-14 14:34:12 -07:00
profile.h parser: fix rlimit missing initializer warning 2013-12-10 12:42:50 -08:00
rc.aaeventd.redhat as ACKed on IRC, drop the unused $Id$ tags everywhere 2010-12-20 12:29:10 -08:00
rc.aaeventd.suse openSUSE patch to remove the "-f" parameter from startproc in rc.aaeventd.suse / 2011-08-13 14:22:35 +02:00
rc.apparmor.debian as ACKed on IRC, drop the unused $Id$ tags everywhere 2010-12-20 12:29:10 -08:00
rc.apparmor.functions Update the copyright dates for the apparmor_parser 2012-02-24 04:21:59 -08:00
rc.apparmor.redhat as ACKed on IRC, drop the unused $Id$ tags everywhere 2010-12-20 12:29:10 -08:00
rc.apparmor.slackware as ACKed on IRC, drop the unused $Id$ tags everywhere 2010-12-20 12:29:10 -08:00
rc.apparmor.suse It looks like rc.apparmor.functions renamed "aa_log_action_begin()" to 2011-09-15 20:20:23 +02:00
README parser - update README information 2013-10-11 22:14:28 -07:00
README.devel parser: add some developer documentation 2013-12-10 14:15:02 -08:00
subdomain.conf Here's an update to rename another chunk of things that still used 2011-01-13 13:58:26 -08:00
subdomain.conf.pod fix broken URLs in various utils/*.pod files. 2013-09-19 21:17:39 +02:00
techdoc.tex various changes in building techdoc.tex: 2012-05-09 00:41:06 +02:00
unit_test.h Convert codomain to a class 2013-09-27 16:16:37 -07:00

README 

The apparmor_parser allows you to add, replace, and remove AppArmor
policy through the use of command line options. The default is to add.
`apparmor_parser --help` shows what the command line options are.

You can also find more information at http://wiki.apparmor.net

Please send all complaints, feature requests, rants about the software,
and questions to the apparmor@lists.ubuntu.com mailing list. Bug
reports can be filed against the AppArmor project on launchpad.net at
https://launchpad.net/apparmor or reported to the mailing list directly
for those who wish not to register for an account on launchpad.

Security issues can be filed as security bugs on launchpad
or directed to security@ubuntu.com. We will attempt to
conform to the RFP vulnerability disclosure protocol:
http://www.wiretrip.net/rfp/policy.html

Thanks.

-- The AppArmor development team