This set fixes three issues, discovered by CoverityScan, that I don't believe are serious in practice but are worth fixing to make the AppArmor code more robust and prevent them from becoming more serious issues in the future. The first patch fixes possible out of bounds access issues when mapping a permissions mask to a string. The second fixes an uninitialized struct that could have some of its contents leaked to userspace during a permissions query.
I've tested the patches with the AppArmor regression test suite. The test results are the same with and without these patches applied. There are identical failures, in both situations, from the aa_policy_cache test but that's likely due to some unrelated, recent changes in the AppArmor userspace code. Tyler
