Allow using /([^/]+/)? and (/[^/]+)?/ in patterns

These are valid expressions in the middle of a pattern in a .fc file, in order to match an optional subdirectory level. Some recent commits introduced "/([^/]+/)?" in the policy: * commit b8f2c55109 ("cups: use ([^/]+/)? to match a subdirectory of CUPS configuration") * commit 4b02c2230d ("authlogin: label utempter correctly on Debian") Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2019-09-08 22:55:22 +02:00 · 2019-09-08 22:55:22 +02:00 · 249dc50218
parent f9deb94ba4
commit 249dc50218
1 changed files with 6 additions and 0 deletions
--- a/testing/check_fc_files.py
+++ b/testing/check_fc_files.py
@ -129,6 +129,10 @@ def analyze_fc_file(fc_path):
                print(f"{prefix}using (.*/)? without a previous slash could be a bug in {path} as it can match the empty string, please use /(.*/)? instead")  # noqa
                retval = False

+            if re.search(r'[^/]\(\[\^/\]\+/\)\?', path):
+                print(f"{prefix}using ([^/]+/)? without a previous slash could be a bug in {path} as it can match the empty string, please use /([^/]+/)? instead")  # noqa
+                retval = False
+
            if re.search(r'[^/]\(\.\*/\)\*', path):
                print(f"{prefix}using (.*/)* without a previous slash could be a bug in {path} as it can match the empty string, please use /(.*/)* instead")  # noqa
                retval = False
@ -202,6 +206,8 @@ def analyze_fc_file(fc_path):
                retval = False

            # Remove optional directories and filename parts
+            reduced_path = reduced_path.replace('/([^/]+/)?', '/')
+            reduced_path = reduced_path.replace('(/[^/]+)?/', '/')
            reduced_path = reduced_path.replace('[^/]*', '')
            reduced_path = reduced_path.replace('[^/]+', '∞')
            reduced_path = reduced_path.replace('[^/-]+', '∞')