[apparmor] [PATCH] parser - fix trailing \\ in regex v2

Fri Nov 15 21:59:00 UTC 2013

On Thu, Nov 07, 2013 at 05:00:25PM -0800, John Johansen wrote:
> Its good as far as it goes, but I really want at least a warning for the
> embedded \a, and would like to settle our plans a little for the extended
> syntax so we can make sure the syntax for the aare is what we want.

Alright, here's the updated patch which adds a warning when something
that does not need to be quoted has a preceding quote.

Signed-off-by: Steve Beattie <steve at nxnw.org>
---
 parser/parser_regex.c |   18 +++++++++++++++---
 1 file changed, 15 insertions(+), 3 deletions(-)

Index: b/parser/parser_regex.c
===================================================================

--- a/parser/parser_regex.c
+++ b/parser/parser_regex.c
@@ -329,6 +329,12 @@ static pattern_t convert_aaregex_to_pcre
 			// fall through to default
 
 		default:
+			if (bEscape) {
+				/* quoting mark used for something that
+				 * does not need to be quoted; give a warning */
+				pwarn("Character %c was quoted unnecessarily, "
+				      "dropped preceding quote ('\\') character\n", *sptr);
+			}
 			STORE(sptr, dptr, 1);
 			break;
 		}	/* switch (*sptr) */
@@ -344,6 +350,12 @@ static pattern_t convert_aaregex_to_pcre
 		       progname);
 	}
 
+	if ((error == e_no_error) && bEscape) {
+		/* trailing backslash quote */
+		error = e_parse_error;
+		PERROR(_("%s: Regex error: trailing '\\' escape character\n"),
+		       progname);
+	}
 	/* anchor end and terminate pattern string */
 	if ((error == e_no_error) && anchor) {
 		STORE("$" , dptr, 1);
@@ -1304,11 +1316,11 @@ static int test_aaregex_to_pcre(void)
 
 	MY_REGEX_TEST("/most/basic/test", "/most/basic/test", ePatternBasic);
 
-	MY_REGEX_TEST("\\", "\\", ePatternBasic);
+	MY_REGEX_FAIL_TEST("\\");
 	MY_REGEX_TEST("\\\\", "\\\\", ePatternBasic);
-	MY_REGEX_TEST("\\blort", "\\blort", ePatternBasic);
+	MY_REGEX_TEST("\\blort", "blort", ePatternBasic);
 	MY_REGEX_TEST("\\\\blort", "\\\\blort", ePatternBasic);
-	MY_REGEX_TEST("blort\\", "blort\\", ePatternBasic);
+	MY_REGEX_FAIL_TEST("blort\\");
 	MY_REGEX_TEST("blort\\\\", "blort\\\\", ePatternBasic);
 	MY_REGEX_TEST("*", "[^/\\x00]*", ePatternRegex);
 	MY_REGEX_TEST("blort*", "blort[^/\\x00]*", ePatternRegex);

-- 
Steve Beattie
<sbeattie at ubuntu.com>
http://NxNW.org/~steve/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20131115/2f67b3e9/attachment.pgp>
