[apparmor] [patch 05/26] cleanup/fix escape sequences in the backend and add support for \d

Steve Beattie steve at nxnw.org
Wed Apr 2 00:01:50 UTC 2014 

On Tue, Apr 01, 2014 at 12:20:08PM -0700, John Johansen wrote:
> On 04/01/2014 11:33 AM, Steve Beattie wrote:
> > On Thu, Mar 27, 2014 at 08:45:18AM -0700, john.johansen at canonical.com wrote:
> > 2) These kinds of conversion functions are both not too difficult to
> > check with unit tests and unit tests would help to verify that the
> > corner cases that we were incorrectly encoding have been fixed.
> > 
> > (Yes, the cheese ball unit test infrastructure I set up in the parser
> > is not the easiest to use. We could look at converting to something
> > like cunit if that would lower the hurdle to writing unit tests.)
> > 
> > 
> heh I'll poke at it and see what falls out

So actually going through the effort of writing some simple tests
to exercise the convert_XXXseq functions highlighted a couple of
edge-case issues with the patch:

  1) if the escape sequences start with leading zeros, more
     characters can be consumed than what is claimed in the comments;
     e.g. \d000000123 converts to 123, not 0. I don't know if that's
     correct behavior or not (I don't remember what behavior we're
     trying to emulate).

  2) if there are no valid digits after the escape e.g. \xXX, 0 is
     still returned and replaces the escape. Again, not sure if it's
     intended behavior.

Simple patch follows. It's not been hooked into the make check machinery
yet, and should be extended into exercising regex_lex() etc.

---
 parser/libapparmor_re/Makefile    |    5 ++
 parser/libapparmor_re/parse.h     |    4 +
 parser/libapparmor_re/tst_parse.c |   79 ++++++++++++++++++++++++++++++++++++++
 3 files changed, 88 insertions(+)

Index: b/parser/libapparmor_re/Makefile
===================================================================
--- a/parser/libapparmor_re/Makefile
+++ b/parser/libapparmor_re/Makefile
@@ -12,6 +12,8 @@ BISON := bison
 
 all : ${TARGET}
 
+UNITTESTS = tst_parse
+
 libapparmor_re.a: parse.o expr-tree.o hfa.o chfa.o aare_rules.o
 	ar ${ARFLAGS} $@ $^
 
@@ -28,5 +30,8 @@ parse.o : parse.cc apparmor_re.h expr-tr
 parse.cc : parse.y parse.h flex-tables.h ../immunix.h
 	${BISON} -o $@ $<
 
+tst_parse: tst_parse.c libapparmor_re.a expr-tree.h ../parser.h ../unit_test.h
+	$(CXX) $(CXXFLAGS) -o $@ $< libapparmor_re.a
+
 clean:
 	rm -f *.o parse.cc ${TARGET} *.gcda *.gcno
Index: b/parser/libapparmor_re/parse.h
===================================================================
--- a/parser/libapparmor_re/parse.h
+++ b/parser/libapparmor_re/parse.h
@@ -24,4 +24,8 @@
 
 int regex_parse(Node **tree, const char *rule);
 
+int convert_octseq(const char **pos);
+int convert_decseq(const char **pos);
+int convert_hexseq(const char **pos);
+
 #endif /* __LIBAA_RE_PARSE_H */
Index: b/parser/libapparmor_re/tst_parse.c
===================================================================
--- /dev/null
+++ b/parser/libapparmor_re/tst_parse.c
@@ -0,0 +1,79 @@
+
+#define UNIT_TEST
+
+#include "../parser.h"
+#include "../unit_test.h"
+#include "expr-tree.h"
+#include "parse.h"
+
+
+int main(void)
+{
+        int rc = 0;
+	int retval;
+
+	struct test_struct {
+		const char *test;	/* test string */
+		int expected;		/* expected result */
+		const char *msg;	/* failure message */
+	};
+
+	struct test_struct oct_tests[] = {
+	  { "0a", 0, "oct conversion of \\0a failed" },
+	  { "00000003a", 0, "oct conversion of \\00000003a failed" },
+	  { "62", 50, "oct conversion of \\62 failed" },
+	  { "623", 50, "oct conversion of \\623 failed" },
+	  { "123", 83, "oct conversion of \\123 failed" },
+	  { "123;", 83, "oct conversion of \\123; failed" },
+	  { "2234", 147, "oct conversion of \\2234 failed" },
+	  { "xx", -1, "oct conversion of \\xx failed" },
+	  { NULL, 0, NULL }
+	};
+
+	struct test_struct dec_tests[] = {
+	  { "0a", 0, "dec conversion of \\d0a failed" },
+	  { "00000003a", 0, "dec conversion of \\d00000003a failed" },
+	  { "62", 62, "dec conversion of \\d62 failed" },
+	  { "623", 62, "dec conversion of \\d623 failed" },
+	  { "132", 132, "dec conversion of \\d132 failed" },
+	  { "132UL", 132, "dec conversion of \\d132UL failed" },
+	  { "255", 255, "dec conversion of \\d255 failed" },
+	  { "256", 25, "dec conversion of \\d256 failed" },
+	  { "2234", 223, "dec conversion of \\d2234 failed" },
+	  { "xx", -1, "dec conversion of \\dxx failed" },
+	  { NULL, 0, NULL }
+	};
+
+	struct test_struct hex_tests[] = {
+	  { "Ab", 0xab, "hex conversion of 0xAb failed" },
+	  { "4z", 0x4, "hex conversion of 0x4z failed" },
+	  { "123", 0x12, "hex conversion of 0x123 failed" },
+	  { "12M", 0x12, "hex conversion of 0x12M failed" },
+	  { "FF", 0xff, "hex conversion of 0x255 failed" },
+	  { "XX", -1, "hex conversion of 0xXX failed" },
+	  { NULL, 0, NULL }
+	};
+
+	for (struct test_struct *t = oct_tests; t->test; t++) {
+		const char *p = t->test;
+		retval = convert_octseq(&p);
+		printf("  oct test: %s\tresult: %d\n", t->test, retval);
+		MY_TEST(retval == t->expected, t->msg);
+	}
+
+	for (struct test_struct *t = dec_tests; t->test; t++) {
+		const char *p = t->test;
+		retval = convert_decseq(&p);
+		printf("  dec test: %s\tresult: %d\n", t->test, retval);
+		MY_TEST(retval == t->expected, t->msg);
+	}
+
+	for (struct test_struct *t = hex_tests; t->test; t++) {
+		const char *p = t->test;
+		retval = convert_hexseq(&p);
+		printf("  hex test: %s\tresult: %d\n", t->test, retval);
+		MY_TEST(retval == t->expected, t->msg);
+	}
+
+	return rc;
+}

-- 
Steve Beattie
<sbeattie at ubuntu.com>
http://NxNW.org/~steve/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20140401/27d73cb5/attachment.pgp>

More information about the AppArmor mailing list