[apparmor] [patch] [10/38] RE_PATH: allow to match '/'
Steve Beattie
steve at nxnw.org
Thu Sep 22 05:40:36 UTC 2016
On Fri, Aug 12, 2016 at 10:49:34PM +0200, Christian Boltz wrote:
> RE_PATH expected (simplified) '/.+', however this excludes a plain '/'
> that can appear in path rules.
>
> This patch changes the regex so that it also matches '/'.
>
>
> [ 10-RE_PATH-allow-root.diff ]
>
> === modified file ./utils/apparmor/regex.py
> --- utils/apparmor/regex.py 2016-02-01 21:31:56.427302903 +0100
> +++ utils/apparmor/regex.py 2016-01-26 22:22:31.505637218 +0100
> @@ -27,7 +27,7 @@
> RE_COMMA_EOL = '\s*,' + RE_EOL # optional whitespace, comma + RE_EOL
>
> RE_PROFILE_NAME = '(?P<%s>(\S+|"[^"]+"))' # string without spaces, or quoted string. %s is the match group name
> -RE_PATH = '/\S+|"/[^"]+"' # filename (starting with '/') without spaces, or quoted filename.
> +RE_PATH = '/\S*|"/[^"]*"' # filename (starting with '/') without spaces, or quoted filename.
> RE_PROFILE_PATH = '(?P<%s>(' + RE_PATH + '))' # quoted or unquoted filename. %s is the match group name
> RE_PROFILE_PATH_OR_VAR = '(?P<%s>(' + RE_PATH + '|@{\S+}\S*|"@{\S+}[^"]*"))' # quoted or unquoted filename or variable. %s is the match group name
Seems like (despite what the coverage reports say) we're missing some
test coverage on these particular regexs, because I don't see an obvious
place (after the entire series has been applied) to add a simple "/"
testcase.
--
Steve Beattie
<sbeattie at ubuntu.com>
http://NxNW.org/~steve/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20160921/195f339e/attachment.pgp>
More information about the AppArmor
mailing list