[apparmor] [PATCH] [parsers] allow for nested alternations expressions
Steve Beattie
steve at nxnw.org
Tue Nov 5 19:34:54 UTC 2013
On Tue, Nov 05, 2013 at 11:33:02AM -0800, Steve Beattie wrote:
> On Mon, Nov 04, 2013 at 05:28:22PM -0800, John Johansen wrote:
> > On 11/04/2013 04:34 PM, Steve Beattie wrote:
> > > Well, part of the slowdown was me writing some unit tests for that
> > > function. Here's the patch that does that:
> [SNIP]
> > > + //MY_REGEX_TEST("\\", "\\", ePatternBasic);
> > > + MY_REGEX_TEST("\\\\", "\\\\", ePatternBasic);
> > > + //MY_REGEX_TEST("\\blort", "\\blort", ePatternBasic);
> > > + MY_REGEX_TEST("\\\\blort", "\\\\blort", ePatternBasic);
> > > + //MY_REGEX_TEST("blort\\", "blort\\", ePatternBasic);
> > why are these 3 commented out?
>
> Ah, right, I'd forgotten about these. They're commented out
> because as-is, they fail; however I wasn't sure if that was the
> correct expected output. Basically, what happens is that if whatever
> follows isn't expecting an escape character, then the escaping '\' is
> dropped. Thus, the current behavior is that '\\' becomes '' and both
> '\\blort' and 'blort\\' become 'blort'.
>
> The question is, is this a bug? I think so... but I'm willing to hear
> countering arguments.
>
> Attached is an updated patch that uncomments them out, adds the expected
> and resultant strings to the testcase output, and frees the strings
> allocated within the testcase.
And of course, I sent out a not-refreshed patch. Sorry. Here's the real one:
Signed-off-by: Steve Beattie <steve at nxnw.org>
---
parser/parser_regex.c | 107 ++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 107 insertions(+)
Index: b/parser/parser_regex.c
===================================================================
--- a/parser/parser_regex.c
+++ b/parser/parser_regex.c
@@ -1262,6 +1262,109 @@ static int test_filter_slashes(void)
return rc;
}
+#define MY_REGEX_TEST(input, expected_str, expected_type) \
+ do { \
+ char tbuf[PATH_MAX + 3]; \
+ char *test_string; \
+ char* output_string = NULL; \
+ pattern_t ptype; \
+ int pos; \
+ \
+ test_string = strdup((input)); \
+ ptype = convert_aaregex_to_pcre(test_string, 0, tbuf, PATH_MAX + 3, &pos); \
+ asprintf(&output_string, "simple regex conversion for '%s'\texpected = '%s'\tresult = '%s'", \
+ (input), expected_str, tbuf); \
+ MY_TEST(strcmp(tbuf, (expected_str)) == 0, output_string); \
+ MY_TEST(ptype == (expected_type), "simple regex conversion type check for '" input "'"); \
+ free(test_string); free(output_string); \
+ } \
+ while (0)
+
+#define MY_REGEX_FAIL_TEST(input) \
+ do { \
+ char tbuf[PATH_MAX + 3]; \
+ char *test_string; \
+ pattern_t ptype; \
+ int pos; \
+ \
+ test_string = strdup((input)); \
+ ptype = convert_aaregex_to_pcre(test_string, 0, tbuf, PATH_MAX + 3, &pos); \
+ MY_TEST(ptype == ePatternInvalid, "simple regex conversion invalid type check for '" input "'"); \
+ free(test_string); \
+ } \
+ while (0)
+
+static int test_aaregex_to_pcre(void)
+{
+ int rc = 0;
+
+ MY_REGEX_TEST("/most/basic/test", "/most/basic/test", ePatternBasic);
+
+ MY_REGEX_TEST("\\", "\\", ePatternBasic);
+ MY_REGEX_TEST("\\\\", "\\\\", ePatternBasic);
+ MY_REGEX_TEST("\\blort", "\\blort", ePatternBasic);
+ MY_REGEX_TEST("\\\\blort", "\\\\blort", ePatternBasic);
+ MY_REGEX_TEST("blort\\", "blort\\", ePatternBasic);
+ MY_REGEX_TEST("blort\\\\", "blort\\\\", ePatternBasic);
+ MY_REGEX_TEST("*", "[^/\\x00]*", ePatternRegex);
+ MY_REGEX_TEST("blort*", "blort[^/\\x00]*", ePatternRegex);
+ MY_REGEX_TEST("*blort", "[^/\\x00]*blort", ePatternRegex);
+ MY_REGEX_TEST("\\*", "\\*", ePatternBasic);
+ MY_REGEX_TEST("blort\\*", "blort\\*", ePatternBasic);
+ MY_REGEX_TEST("\\*blort", "\\*blort", ePatternBasic);
+
+ /* simple quoting */
+ MY_REGEX_TEST("\\[", "\\[", ePatternBasic);
+ MY_REGEX_TEST("\\]", "\\]", ePatternBasic);
+ MY_REGEX_TEST("\\?", "?", ePatternBasic);
+ MY_REGEX_TEST("\\{", "\\{", ePatternBasic);
+ MY_REGEX_TEST("\\}", "\\}", ePatternBasic);
+ MY_REGEX_TEST("\\,", ",", ePatternBasic);
+ MY_REGEX_TEST("^", "\\^", ePatternBasic);
+ MY_REGEX_TEST("$", "\\$", ePatternBasic);
+ MY_REGEX_TEST(".", "\\.", ePatternBasic);
+ MY_REGEX_TEST("+", "\\+", ePatternBasic);
+ MY_REGEX_TEST("|", "\\|", ePatternBasic);
+ MY_REGEX_TEST("(", "\\(", ePatternBasic);
+ MY_REGEX_TEST(")", "\\)", ePatternBasic);
+ MY_REGEX_TEST("\\^", "\\^", ePatternBasic);
+ MY_REGEX_TEST("\\$", "\\$", ePatternBasic);
+ MY_REGEX_TEST("\\.", "\\.", ePatternBasic);
+ MY_REGEX_TEST("\\+", "\\+", ePatternBasic);
+ MY_REGEX_TEST("\\|", "\\|", ePatternBasic);
+ MY_REGEX_TEST("\\(", "\\(", ePatternBasic);
+ MY_REGEX_TEST("\\)", "\\)", ePatternBasic);
+
+ /* simple character class tests */
+ MY_REGEX_TEST("[blort]", "[blort]", ePatternRegex);
+ MY_REGEX_FAIL_TEST("[blort");
+ MY_REGEX_FAIL_TEST("b[lort");
+ MY_REGEX_FAIL_TEST("blort[");
+ MY_REGEX_FAIL_TEST("blort]");
+ MY_REGEX_FAIL_TEST("blo]rt");
+ MY_REGEX_FAIL_TEST("]blort");
+
+ /* simple alternation tests */
+ MY_REGEX_TEST("{alpha,beta}", "(alpha|beta)", ePatternRegex);
+ MY_REGEX_TEST("baz{alpha,beta}blort", "baz(alpha|beta)blort", ePatternRegex);
+ MY_REGEX_FAIL_TEST("{beta}");
+ MY_REGEX_FAIL_TEST("biz{beta");
+ MY_REGEX_FAIL_TEST("biz}beta");
+ MY_REGEX_FAIL_TEST("biz{be,ta");
+ MY_REGEX_FAIL_TEST("biz,be}ta");
+ MY_REGEX_FAIL_TEST("biz{}beta");
+
+ /* nested alternations */
+ MY_REGEX_TEST("{{alpha,blort,nested},beta}", "((alpha|blort|nested)|beta)", ePatternRegex);
+ MY_REGEX_FAIL_TEST("{{alpha,blort,nested}beta}");
+ MY_REGEX_TEST("{{alpha,{blort,nested}},beta}", "((alpha|(blort|nested))|beta)", ePatternRegex);
+ MY_REGEX_TEST("{{alpha,alpha{blort,nested}}beta,beta}", "((alpha|alpha(blort|nested))beta|beta)", ePatternRegex);
+ MY_REGEX_TEST("{{alpha,alpha{blort,nested}}beta,beta}", "((alpha|alpha(blort|nested))beta|beta)", ePatternRegex);
+ MY_REGEX_TEST("{{a,b{c,d}}e,{f,{g,{h{i,j,k},l}m},n}o}", "((a|b(c|d))e|(f|(g|(h(i|j|k)|l)m)|n)o)", ePatternRegex);
+
+ return rc;
+}
+
int main(void)
{
int rc = 0;
@@ -1271,6 +1374,10 @@ int main(void)
if (retval != 0)
rc = retval;
+ retval = test_aaregex_to_pcre();
+ if (retval != 0)
+ rc = retval;
+
return rc;
}
#endif /* UNIT_TEST */
--
Steve Beattie
<sbeattie at ubuntu.com>
http://NxNW.org/~steve/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20131105/d7856143/attachment.pgp>
More information about the AppArmor
mailing list