[apparmor] parser: [patch 1/3] parser: Merge QUOTED_ID and QUOTED_LIST_VALUE_ID
John Johansen
john.johansen at canonical.com
Thu Nov 6 01:33:22 UTC 2014
On 11/05/2014 05:19 PM, john.johansen at canonical.com wrote:
Bleh, quilt mail dropped the intro mail describing this whole mess, the
text from that follows
This series has a couple of small cleanups followed by a patch to all
for unqoted alternations in list_value_ids. The parser currently
does not allow for alternations because it uses the comma and/or space
to indicate that there is another item in the list.
ie.
signal=(hup kill)
signal=(hup,kill)
signal=(hup, kill)
are all valid lists with the two items hup and kill. However when an
item value can contain regular expressions the alternation is not
allowed because the comma will cause the alternation to be broken into
two separate items.
foo=({one,two})
is treated as the items "{one" and "two} not as a single item with the
values of "one" or "two".
This can result in parse errors, or broken policy dependent on the
semantics of the expression being parsed.
Currently the way around this is to quote the single item
foo=("{one,two}")
The final patch in this series, teaches the lexer about alternations
so that it can determine if the comma is in an alternation or not.
So that
foo=({one,two},three)
will be treated as the two separate items "{one,two}" and "three"
The patch could use some revision, and several test cases but I wanted
to discuss whether this is something we want to do before I put any
more time into this.
More information about the AppArmor
mailing list