This patch is a very minor optimization to the search to determine
whether a given rule is an exact match or not. If a wildcard rule
(i.e. an inexact match) is discovered, exact_match is set to 0,
so we don't need to continue the tree traversal.
Signed-off-by: Steve Beattie <st...@nxnw.org>
---
parser/libapparmor_re/aare_rules.cc | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
Index: b/parser/libapparmor_re/aare_rules.cc
===================================================================
--- a/parser/libapparmor_re/aare_rules.cc
+++ b/parser/libapparmor_re/aare_rules.cc
@@ -1,7 +1,7 @@
/*
* (C) 2006, 2007 Andreas Gruenbacher <agr...@suse.de>
* Copyright (c) 2003-2008 Novell, Inc. (All rights reserved)
- * Copyright 2009-2012 Canonical Ltd.
+ * Copyright 2009-2013 Canonical Ltd. (All rights reserved)
*
* The libapparmor library is licensed under the terms of the GNU
* Lesser General Public License, version 2.1. Please see the file
@@ -123,7 +123,7 @@ int aare_add_rule_vec(aare_ruleset_t *ru
* on how we split permission bitmasks here.
*/
exact_match = 1;
- for (depth_first_traversal i(tree); i; i++) {
+ for (depth_first_traversal i(tree); i && exact_match; i++) {
if (dynamic_cast<StarNode *>(*i) ||
dynamic_cast<PlusNode *>(*i) ||
dynamic_cast<AnyCharNode *>(*i) ||
--
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/apparmor
