logparser.py crash for change_hat event
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| AppArmor |
Fix Released
|
Undecided
|
Christian Boltz | ||
| 2.10 |
Fix Released
|
Undecided
|
Christian Boltz | ||
| 2.9 |
Fix Released
|
Undecided
|
Christian Boltz | ||
Bug Description
python3 aa-logprof -f <(echo 'type=AVC msg=audit(
results in
...
File ".../utils/
if '//' in e['name']:
TypeError: argument of type 'NoneType' is not iterable
print(e) gives {
'operation': 'change_hat',
'resource': None,
'magic_token': 0,
'denied_mask': None,
'pid': 8527,
'error_code': 0,
'profile': '/usr/sbin/
'info': None,
'parent': 0,
'name2': '/usr/sbin/
'time': 1449442292,
'attr': None,
'active_hat': None,
'aamode': 'PERMITTING',
'task': 0,
'request_mask': None,
'name': None
}
'name' is None, so it's not too surprising to see a crash here. The more interesting question is _why_ 'name' is None...
In case it matters - the log line comes from kernel 4.3.0 on openSUSE Tumbleweed.
| John Johansen (jjohansen) wrote | #1 |
| Christian Boltz (cboltz) wrote | #2 |
| Changed in apparmor: | |
| assignee: | nobody → Christian Boltz (cboltz) |
| Christian Boltz (cboltz) wrote | #3 |
| Changed in apparmor: | |
| status: | New → Fix Committed |
| milestone: | none → 2.11 |
| Changed in apparmor: | |
| status: | Fix Committed → Fix Released |
change_hat does NOT log a name, only a target. Which is represented by name2 in the logparse