From f36cc727fc037781c27c273e9b36c6c25b7dcf23 Mon Sep 17 00:00:00 2001
From: Chris PeBenito <pebenito@ieee.org>
Date: Sun, 11 Oct 2020 14:48:35 -0400
Subject: [PATCH] util: Create utility function to parse xperm range strings.

Change sesearch and TERuleQueryTab to use this new function.

Signed-off-by: Chris PeBenito <pebenito@ieee.org>

# Conflicts:
#	setools/__init__.py
---
 sesearch                       | 13 +------------
 setools/__init__.py            |  3 +++
 setools/util.py                | 31 ++++++++++++++++++++++++++++++-
 setoolsgui/apol/terulequery.py | 15 ++-------------
 4 files changed, 36 insertions(+), 26 deletions(-)

diff --git a/sesearch b/sesearch
index dd033de..99e2940 100755
--- a/sesearch
+++ b/sesearch
@@ -172,19 +172,8 @@ try:
             terq.perms = args.perms.split(",")
 
         if args.xperms:
-            xperms = []
-            for item in args.xperms.split(","):
-                rng = item.split("-")
-                if len(rng) == 2:
-                    xperms.append((int(rng[0], base=16), int(rng[1], base=16)))
-                elif len(rng) == 1:
-                    xperms.append((int(rng[0], base=16), int(rng[0], base=16)))
-                else:
-                    parser.error("Enter an extended permission or extended permission range, e.g. "
-                                 "0x5411 or 0x8800-0x88ff.")
-
             # https://github.com/python/mypy/issues/220
-            terq.xperms = setools.xperm_str_to_tuple_ranges(xperms)  # type: ignore
+            terq.xperms = setools.xperm_str_to_tuple_ranges(args.xperms)  # type: ignore
 
         if args.boolean:
             if args.boolean_regex:
diff --git a/setools/__init__.py b/setools/__init__.py
index 869a228..d72d343 100644
--- a/setools/__init__.py
+++ b/setools/__init__.py
@@ -48,6 +48,9 @@ from . import exception
 # Base class for policy queries for type checking purposes
 from .query import PolicyQuery
 
+# utility functions
+from .util import xperm_str_to_tuple_ranges
+
 # Component Queries
 from .boolquery import BoolQuery
 from .categoryquery import CategoryQuery
diff --git a/setools/util.py b/setools/util.py
index 7636442..d64f428 100644
--- a/setools/util.py
+++ b/setools/util.py
@@ -18,7 +18,7 @@
 #
 
 from contextlib import suppress
-from typing import Iterable, Optional
+from typing import Iterable, List, Optional, Tuple
 
 from .exception import InvalidPermission, NoCommon
 from .policyrep import Level, ObjClass, SELinuxPolicy
@@ -223,3 +223,32 @@ def validate_perms_any(perms: Iterable[str], tclass: Optional[Iterable[ObjClass]
             raise InvalidPermission(
                 "Permission(s) do not exist any class: {}"
                 .format(", ".join(invalid)))
+
+
+def xperm_str_to_tuple_ranges(perms: str, separator: str = ",") -> List[Tuple[int, int]]:
+    """
+    Create a extended permission list of ranges from a string representation of ranges.
+    This does not do any checking for out-of-range values.
+
+    Parameters:
+    perms       A string representation of integer extended permissions, such as
+                "0x08,0x30-0x40,0x55,0x60-0x65"
+
+    Keyword Parameters:
+    separator   The separator between permissions/permission ranges.
+                Default is ","
+
+    Return:     List[Tuple[int, int]] equivalent of the permissions.
+    """
+
+    xperms: List[Tuple[int, int]] = []
+    for item in perms.split(separator):
+        rng = item.split("-")
+        if len(rng) == 2:
+            xperms.append((int(rng[0], base=16), int(rng[1], base=16)))
+        elif len(rng) == 1:
+            xperms.append((int(rng[0], base=16), int(rng[0], base=16)))
+        else:
+            raise ValueError("Unable to parse \"{}\" for xperms.".format(item))
+
+    return xperms
diff --git a/setoolsgui/apol/terulequery.py b/setoolsgui/apol/terulequery.py
index 23a5183..1fa06af 100644
--- a/setoolsgui/apol/terulequery.py
+++ b/setoolsgui/apol/terulequery.py
@@ -22,7 +22,7 @@ import logging
 from PyQt5.QtCore import Qt, QSortFilterProxyModel, QStringListModel, QThread
 from PyQt5.QtGui import QPalette, QTextCursor
 from PyQt5.QtWidgets import QCompleter, QHeaderView, QMessageBox, QProgressDialog
-from setools import TERuleQuery
+from setools import TERuleQuery, xperm_str_to_tuple_ranges
 
 from ..logtosignal import LogHandlerToSignal
 from ..models import PermListModel, SEToolsListModel, invert_list_selection
@@ -267,22 +267,11 @@ class TERuleQueryTab(AnalysisTab):
                                   "Comma-separated permissions or ranges of permissions.")
 
     def set_xperm(self):
-        xperms = []
         try:
             text = self.xperms.text()
 
             if text:
-                for item in self.xperms.text().split(","):
-                    rng = item.split("-")
-                    if len(rng) == 2:
-                        xperms.append((int(rng[0], base=16), int(rng[1], base=16)))
-                    elif len(rng) == 1:
-                        xperms.append((int(rng[0], base=16), int(rng[0], base=16)))
-                    else:
-                        raise ValueError("Enter an extended permission or extended permission "
-                                         "range, e.g. 0x5411 or 0x8800-0x88ff.")
-
-                self.query.xperms = xperms
+                self.query.xperms = xperm_str_to_tuple_ranges(text)
             else:
                 self.query.xperms = None