On Tue, Feb 14, 2012 at 09:32:27AM -0800, John Johansen wrote:
> mode strings overlap with other potential commands, or strings, and as
> currently written can be match as a leading substring of an ID. Eliminate
> the leading substring case by requiring that for a mode string to be
> recognized it must be terminated by whitespace, eol, eof, or
> comma (end of rule).
>
> The other cases where modes string overlap are ambiguous and the ID should
> be quoted to remove the ambiguity.
>
> Signed-off-by: John Johansen <john.johan...@canonical.com>
> ---
> parser/parser_lex.l | 6 +++---
> 1 files changed, 3 insertions(+), 3 deletions(-)
>
> diff --git a/parser/parser_lex.l b/parser/parser_lex.l
> index 8f549c8..e4f8f66 100644
> --- a/parser/parser_lex.l
> +++ b/parser/parser_lex.l
> @@ -175,9 +175,9 @@ SLASH \/
> COLON :
> END_OF_RULE [,]
> RANGE -
> -MODE_CHARS ([RrWwaLlMmkXx])|(([Pp]|[Cc])[Xx])|(([Pp]|[Cc])?([IiUu])[Xx])
> -MODES {MODE_CHARS}+
> WS [[:blank:]]
> +MODE_CHARS ([RrWwaLlMmkXx])|(([Pp]|[Cc])[Xx])|(([Pp]|[Cc])?([IiUu])[Xx])
> +MODES ({MODE_CHARS}+)
> NUMBER [[:digit:]]+
Why the relocation churn here? Better to just change only the MODES
definition for better change readability.
> ID_CHARS [^ \t\n"!,]
> @@ -540,7 +540,7 @@ LT_EQUAL <=
> return TOK_ID;
> }
>
> -{MODES} {
> +({MODES})/([[:space:],]) {
> DUMP_PREPROCESS;
> yylval.mode = strdup(yytext);
> PDEBUG("Found modes: %s\n", yylval.mode);
Otherwise, looks fine.
-Kees
--
Kees Cook
--
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/apparmor
