snappy-hub

Merge lp://staging/~kyrofa/snappy-hub/snappy-debug_escape_regex_strings into lp://staging/~snappy-debug-developers/snappy-hub/snappy-debug

  1. snappy-debug_escape_regex_strings
  2. Merge into snappy-debug
Proposed by Kyle Fazzari
Status: Merged
Merged at revision: 17
Proposed branch: lp://staging/~kyrofa/snappy-hub/snappy-debug_escape_regex_strings
Merge into: lp://staging/~snappy-debug-developers/snappy-hub/snappy-debug
Diff against target: 74 lines (+12/-10)
1 file modified
bin/snappy-security-scanlog (+12/-10)
To merge this branch: bzr merge lp://staging/~kyrofa/snappy-hub/snappy-debug_escape_regex_strings
Reviewer Review Type Date Requested Status
Jamie Strandboge Approve
Review via email: mp+277463@code.staging.launchpad.net

Commit message

Escape externally-controlled strings in regex.

Description of the change

snappy-security-scanlog currently dies with a "sre_constants.error: multiple repeat" exception when an apparmor event contains things like "++" (e.g. libstdc++). This is because it builds regex based on externally-controlled strings (like event names) without escaping them.

This change simply escapes all externally-controlled strings provided to re.compile().

To post a comment you must log in.
Revision history for this message
Jamie Strandboge (jdstrand) wrote :

Erf, nice catch. Looks great, thanks!

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
The diff is not available at this time. You can reload the page or download it.

Subscribers

People subscribed via source and target branches