On Fri, Aug 12, 2016 at 10:49:34PM +0200, Christian Boltz wrote:
> RE_PATH expected (simplified) '/.+', however this excludes a plain '/'
> that can appear in path rules.
> 
> This patch changes the regex so that it also matches '/'.
> 
> 
> [ 10-RE_PATH-allow-root.diff ]
> 
> === modified file ./utils/apparmor/regex.py
> --- utils/apparmor/regex.py   2016-02-01 21:31:56.427302903 +0100
> +++ utils/apparmor/regex.py   2016-01-26 22:22:31.505637218 +0100
> @@ -27,7 +27,7 @@
>  RE_COMMA_EOL            = '\s*,' + RE_EOL # optional whitespace, comma + 
> RE_EOL
>  
>  RE_PROFILE_NAME         = '(?P<%s>(\S+|"[^"]+"))'    # string without 
> spaces, or quoted string. %s is the match group name
> -RE_PATH                 = '/\S+|"/[^"]+"'  # filename (starting with '/') 
> without spaces, or quoted filename.
> +RE_PATH                 = '/\S*|"/[^"]*"'  # filename (starting with '/') 
> without spaces, or quoted filename.
>  RE_PROFILE_PATH         = '(?P<%s>(' + RE_PATH + '))'  # quoted or unquoted 
> filename. %s is the match group name
>  RE_PROFILE_PATH_OR_VAR  = '(?P<%s>(' + RE_PATH + 
> '|@{\S+}\S*|"@{\S+}[^"]*"))'  # quoted or unquoted filename or variable. %s 
> is the match group name

Seems like (despite what the coverage reports say) we're missing some
test coverage on these particular regexs, because I don't see an obvious
place (after the entire series has been applied) to add a simple "/"
testcase.

-- 
Steve Beattie
<sbeat...@ubuntu.com>
http://NxNW.org/~steve/

Attachment: signature.asc
Description: PGP signature

-- 
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/apparmor

Reply via email to