The writeu16() function was outputting unescaped byte sequences to the rule buffer. That resulted the generation of in an incomplete rule if one of those unescaped byte sequences contained 0x00.
This patch uses u8 pointers, instead of char pointers, when writing out the big endian u16 value. More importantly, it casts the u8 values to unsigned ints, which is what's needed to get the properly escaped byte sequences. Signed-off-by: Tyler Hicks <[email protected]> --- Before: $ echo "/t { unix (connect,read,write) type=stream, }" | apparmor_parser -qQD dfa-states {1} <== (allow/deny/audit/quiet) {2} (0x 4/0/0/0) {3} (0x 4/0/0/0) {5} (0x 46/0/0/0) {1} -> {2}: 0x2 {1} -> {3}: 0x4 {1} -> {2}: 0x7 {1} -> {2}: 0x9 {1} -> {2}: 0xa {1} -> {2}: 0x20 \ {1} -> {4}: 0x34 4 {3} (0x 4/0/0/0) -> {5}: 0x0 {4} -> {6}: 0x0 {6} -> {2}: 0x31 1 After (the next patch fixes the pointer values that are being written out): $ echo "/t { unix (connect,read,write) type=stream, }" | apparmor_parser -qQD dfa-states {1} <== (allow/deny/audit/quiet) {2} (0x 4/0/0/0) {3} (0x 4/0/0/0) {43} (0x 46/0/0/0) {44} (0x 46/0/0/0) {1} -> {2}: 0x2 {1} -> {3}: 0x4 {1} -> {2}: 0x7 {1} -> {2}: 0x9 {1} -> {2}: 0xa {1} -> {2}: 0x20 \ {1} -> {4}: 0x34 4 {3} (0x 4/0/0/0) -> {5}: 0x0 {4} -> {6}: 0x0 {5} -> {7}: 0x1 {6} -> {2}: 0x31 1 {7} -> {8}: 0x30 0 {8} -> {9}: 0x78 x {9} -> {10}: 0x37 7 {10} -> {11}: 0x66 f {11} -> {12}: 0x66 f {12} -> {13}: 0x66 f {13} -> {14}: 0x31 1 {14} -> {15}: 0x30 0 {15} -> {16}: 0x34 4 {16} -> {17}: 0x66 f {17} -> {18}: 0x33 3 {18} -> {19}: 0x35 5 {19} -> {20}: 0x31 1 {20} -> {21}: 0x38 8 {21} -> {22}: 0x0 {22} -> {23}: 0x1 {23} -> {24}: 0x30 0 {24} -> {25}: 0x78 x {25} -> {26}: 0x37 7 {26} -> {27}: 0x66 f {27} -> {28}: 0x66 f {28} -> {29}: 0x66 f {29} -> {30}: 0x31 1 {30} -> {31}: 0x30 0 {31} -> {32}: 0x34 4 {32} -> {33}: 0x66 f {33} -> {34}: 0x33 3 {34} -> {35}: 0x35 5 {35} -> {36}: 0x31 1 {36} -> {37}: 0x38 8 {37} -> {38}: [] {38} -> {39}: [] {39} -> {40}: 0x0 {39} -> {39}: [] {40} -> {40}: 0x0 {40} -> {41}: 0x1 {40} -> {39}: [] {41} -> {42}: 0x0 {41} -> {39}: [] {42} -> {40}: 0x0 {42} -> {44}: 0x1 {42} -> {43}: [] {43} (0x 46/0/0/0) -> {40}: 0x0 {43} (0x 46/0/0/0) -> {43}: [] {44} (0x 46/0/0/0) -> {42}: 0x0 {44} (0x 46/0/0/0) -> {43}: [] parser/af_unix.cc | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/parser/af_unix.cc b/parser/af_unix.cc index 34b93a4..7f6c0d0 100644 --- a/parser/af_unix.cc +++ b/parser/af_unix.cc @@ -192,9 +192,11 @@ static void warn_once(const char *name) std::ostringstream &writeu16(std::ostringstream &o, int v) { u16 tmp = htobe16((u16) v); - char *c = (char *) &tmp; - o << "\\x" << std::setfill('0') << std::setw(2) << std::hex << *c++; - o << "\\x" << std::setfill('0') << std::setw(2) << std::hex << *c; + u8 *byte1 = (u8 *)&tmp; + u8 *byte2 = byte1 + 1; + + o << "\\x" << std::setfill('0') << std::setw(2) << std::hex << static_cast<unsigned int>(*byte1); + o << "\\x" << std::setfill('0') << std::setw(2) << std::hex << static_cast<unsigned int>(*byte2); return o; } -- 2.1.0 -- AppArmor mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
