File fix-parser-abi-crash.diff of Package apparmor.9516
commit 384ce01def5071b0672be94516e2f44fdb134283
Author: John Johansen <john.johansen@canonical.com>
Date: Sat Dec 22 21:08:23 2018 -0800
parser: fix abi rule core dump
abi rule skipping is core dumping on some bad abi rule file names.
[ 112s] # Failed test './simple_tests//abi/bad_10.sd: Produced core dump (signal 6): abi testing - abi path quotes in <> with spaces'
[ 112s] # at simple.pl line 126.
[ 112s]
[ 112s] # Failed test './simple_tests//abi/bad_11.sd: Produced core dump (signal 6): abi testing - abi path quotes in <> with spaces'
[ 112s] # at simple.pl line 126.
[ 112s]
[ 112s] # Failed test './simple_tests//abi/bad_12.sd: Produced core dump (signal 6): abi testing - abi path quotes in <> with spaces'
[ 112s] # at simple.pl line 126.
This is caused by calling processquoted without ensuring that the
length being processed is valid.
Signed-off-by: John Johansen <john.johansen@canonical.com>
Acked-by: Christian Boltz <apparmor@cboltz.de>
diff --git a/parser/parser_lex.l b/parser/parser_lex.l
index eb151383..77e5a8da 100644
--- a/parser/parser_lex.l
+++ b/parser/parser_lex.l
@@ -317,9 +317,12 @@ LT_EQUAL <=
<ABI_MODE>{
(\<(([^"\>\t\r\n]+)|{QUOTED_ID})\>|{QUOTED_ID}|{IDS}) { /* <filename> | <"filename"> | "filename" | filename */
int lt = *yytext == '<' ? 1 : 0;
- char *filename = processid(yytext + lt, yyleng - lt*2);
+ char *filename;
bool exists = YYSTATE == INCLUDE_EXISTS;
+ if (yyleng - lt < 1)
+ yyerror(_("Bad filename\n"));
+ filename = processid(yytext + lt, yyleng - lt*2);
if (!filename)
yyerror(_("Failed to process filename\n"));
yylval.id = filename;
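Review bot: The new guard tests `yyleng - lt < 1`, but the length handed to `processid` on the next added line is `yyleng - lt*2`, so when `lt` is 1 the check and the value it is meant to protect differ by one. Testing the same expression that is passed, for example `if (yyleng - lt*2 < 1)`, or computing the length once into a local and using it in both places, would make it obvious that the validated value is the one being used. The guard also only protects the call if `yyerror` does not return, as does the existing `if (!filename)` check before `yylval.id = filename;`; a short comment saying so would help. Finally, the commit message names `processquoted` while the hunk calls `processid`; it would be worth stating in the message or a comment which function actually aborts on the bad length, so the relationship between this check and the core dump is clear.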