Hello, $subject. This fixes a crash in the tools.
Reported by peetaur on IRC. I propose this patch for trunk and 2.11. [ 01-logparser-ignore-ptrace-without-denied_mask.diff ] --- utils/apparmor/logparser.py 2017-05-19 23:14:20.278362000 +0200 +++ utils/apparmor/logparser.py 2017-05-19 23:16:23.854422934 +0200 @@ -348,6 +348,9 @@ if not e['peer']: self.debug_logger.debug('ignored garbage ptrace event with empty peer') return None + if not e['denied_mask']: + self.debug_logger.debug('ignored garbage ptrace event with empty denied_mask') + return None return(e['pid'], e['parent'], 'ptrace', [profile, hat, prog, aamode, e['denied_mask'], e['peer']]) === added file 'libraries/libapparmor/testsuite/test_multi/ptrace_no_denied_mask.err' === added file 'libraries/libapparmor/testsuite/test_multi/ptrace_no_denied_mask.in' --- libraries/libapparmor/testsuite/test_multi/ptrace_no_denied_mask.in 1970-01-01 00:00:00 +0000 +++ libraries/libapparmor/testsuite/test_multi/ptrace_no_denied_mask.in 2017-05-19 19:45:51 +0000 @@ -0,0 +1,1 @@ +type=AVC msg=audit(1495217772.047:4471): apparmor="DENIED" operation="ptrace" profile="/usr/bin/pidgin" pid=21704 comm="pidgin" peer="unconfined" === added file 'libraries/libapparmor/testsuite/test_multi/ptrace_no_denied_mask.out' --- libraries/libapparmor/testsuite/test_multi/ptrace_no_denied_mask.out 1970-01-01 00:00:00 +0000 +++ libraries/libapparmor/testsuite/test_multi/ptrace_no_denied_mask.out 2017-05-19 19:46:03 +0000 @@ -0,0 +1,11 @@ +START +File: ptrace_1.in +Event type: AA_RECORD_DENIED +Audit ID: 1495217772.047:4471 +Operation: ptrace +Profile: /usr/bin/pidgin +Peer: unconfined +Command: pidgin +PID: 21704 +Epoch: 1495217772 +Audit subid: 4471 === added file 'libraries/libapparmor/testsuite/test_multi/ptrace_no_denied_mask.profile' --- libraries/libapparmor/testsuite/test_multi/ptrace_no_denied_mask.profile 1970-01-01 00:00:00 +0000 +++ libraries/libapparmor/testsuite/test_multi/ptrace_no_denied_mask.profile 2017-05-19 21:09:24 +0000 @@ -0,0 +1,2 @@ +/usr/bin/pidgin { +} Regards, Christian Boltz -- Persönliche Daten sind wie Plutonium. Wenn zuviele davon auf einem Haufen liegen, wird es kritisch. [Dirk Engeling, CCC]
signature.asc
Description: This is a digitally signed message part.
-- AppArmor mailing list AppArmor@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor