Hello, Am Montag, 2. März 2015 schrieb Steve Beattie: > On Sun, Mar 01, 2015 at 04:08:23PM +0100, Christian Boltz wrote: > > this patch adds some tests for aa.py get_profile_flags(). > > > > It also adds a check to get_profile_flags() to catch an invalid > > syntax: > > /foo ( ) { > > > > was accepted by get_profile_flags, while > > > > /foo () { > > > > failed. > > > > When testing with the parser, both result in a syntax error, > > therefore the patch makes sure it also fails in > > get_profile_flags(). > > As an aside, I can accept that the current behavior of the parser is > to give an error here, though it could be better: > > $ echo 'profile /t () { } ' | apparmor_parser -d -QK > Warning from stdin (line 1): apparmor_parser: cannot use or update > cache, disable, or force-complain via stdin AppArmor parser error, in > stdin line 1: syntax error, unexpected TOK_CLOSEPAREN, expecting > TOK_VALUE > > I don't see any language test cases that cover this to ensure we > retain this behavior: > > $ grep -Er "\( *\)" parser/tst/simple_tests/ > parser/tst/simple_tests/unix/ok_regex_16.sd: unix > peer=(label=splat\(), parser/tst/simple_tests/dbus/ok_regex_06.sd: > dbus send bus=session peer=(label=splat\(), > > So we should probably address that as well.
OK, that's an easy one ;-) (if we ever decide that empty flags should be valid syntax, we can rename the tests and update the description) Add parser tests for empty flags (which result in "syntax error") [ parser-test-add-empty-flags.diff ] === added file 'parser/tst/simple_tests/profile/flags/flags_bad16.sd' --- parser/tst/simple_tests/profile/flags/flags_bad16.sd 1970-01-01 00:00:00 +0000 +++ parser/tst/simple_tests/profile/flags/flags_bad16.sd 2015-03-02 18:11:25 +0000 @@ -0,0 +1,9 @@ +# +#=DESCRIPTION Ensure empty flags fail +#=EXRESULT FAIL +# vim:syntax=apparmor +# +/does/not/exist flags=() { + + /does/not/exist r, +} === added file 'parser/tst/simple_tests/profile/flags/flags_bad17.sd' --- parser/tst/simple_tests/profile/flags/flags_bad17.sd 1970-01-01 00:00:00 +0000 +++ parser/tst/simple_tests/profile/flags/flags_bad17.sd 2015-03-02 18:15:26 +0000 @@ -0,0 +1,9 @@ +# +#=DESCRIPTION Ensure empty (whitespace-only) flags fail +#=EXRESULT FAIL +# vim:syntax=apparmor +# +/does/not/exist ( ) { + + /does/not/exist r, +} Regards, Christian Boltz -- Hier wird wohl im Moment alles gesiggt, was bei drei nicht auf dem Baum ist. [Thilo Machotta in dag°] -- AppArmor mailing list AppArmor@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor