From 1b44cb6c2e8c2276a5e7313b85ce3821fe7af5e4 Mon Sep 17 00:00:00 2001
From: Nicolas Iooss <nicolas.iooss@m4x.org>
Date: Wed, 21 Aug 2019 21:43:56 +0200
Subject: [PATCH] libraries: match a digit in Adobe Reader directories

Patterns using this have a small issue:

    /opt/Adobe/Reader.?/Reader/intellinux

The issue is that the dot can also match a slash. A bettern pattern
would be:

    /opt/Adobe/Reader[^/]?/Reader/intellinux

In this specific case, the intent is to match digits (like
/opt/Adobe/Reader9). Use [0-9] for this.

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
---
 policy/modules/system/libraries.fc | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/policy/modules/system/libraries.fc b/policy/modules/system/libraries.fc
index 1d230140b..169f3c8f5 100644
--- a/policy/modules/system/libraries.fc
+++ b/policy/modules/system/libraries.fc
@@ -70,8 +70,8 @@ ifdef(`distro_gentoo',`
 ifdef(`distro_redhat',`
 /opt/Adobe.*/libcurl\.so 		-- 	gen_context(system_u:object_r:textrel_shlib_t,s0)
 /opt/Adobe(/.*?)/nppdf\.so 		-- 	gen_context(system_u:object_r:textrel_shlib_t,s0)
-/opt/Adobe/Reader.?/Reader/intellinux/plug_ins/.*\.api -- gen_context(system_u:object_r:textrel_shlib_t,s0)
-/opt/Adobe/Reader.?/Reader/intellinux/SPPlugins/.*\.ap[il] -- gen_context(system_u:object_r:lib_t,s0)
+/opt/Adobe/Reader[0-9]?/Reader/intellinux/plug_ins/.*\.api -- gen_context(system_u:object_r:textrel_shlib_t,s0)
+/opt/Adobe/Reader[0-9]?/Reader/intellinux/SPPlugins/.*\.ap[il] -- gen_context(system_u:object_r:lib_t,s0)
 /opt/cisco-vpnclient/lib/libvpnapi\.so	--	gen_context(system_u:object_r:textrel_shlib_t,s0)
 /opt/cx.*/lib/wine/.+\.so		--	gen_context(system_u:object_r:textrel_shlib_t,s0)
 /opt/f-secure/fspms/libexec/librapi\.so(\.[^/]*)* -- gen_context(system_u:object_r:textrel_shlib_t,s0)