mir/apparmor
2
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor synced 2025-08-22 10:07:12 +00:00
Code Issues Releases Wiki Activity

*TestParseInvalid: move tests not matching regex into tests array

Browse Source
This commit is contained in:
Christian Boltz 2025-06-29 18:01:30 +02:00
parent 2a37040415
commit 66cb0af47c
No known key found for this signature in database
GPG Key ID: C6A682EA63C82F1C
12 changed files with 23 additions and 79 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
utils/test/test-all.py
View File

@ -64,19 +64,13 @@ class AllTestParseInvalid(AllTest):
('all -> ,', (AppArmorException, False)), ('all -> ,', (AppArmorException, False)),
('owner all,', (AppArmorException, False)), ('owner all,', (AppArmorException, False)),
('all foo ,', (AppArmorException, False)), ('all foo ,', (AppArmorException, False)),
('priority=a all,', (AppArmorException, False)),
('priority=1042 all,', (AppArmorException, True)),
) )
def _run_test(self, rawrule, expected): def _run_test(self, rawrule, expected):
self.parseInvalidRule(AllRule, rawrule, expected) self.parseInvalidRule(AllRule, rawrule, expected)
def test_invalid_priority(self):
with self.assertRaises(AppArmorException):
AllRule.create_instance('priority=a all,')
def test_invalid_priority_2(self):
with self.assertRaises(AppArmorException):
AllRule.create_instance('priority=1042 all,')
# we won't ever support converting a log event to an 'all,' rule # we won't ever support converting a log event to an 'all,' rule
# class AllTestParseFromLog(AllTest): # class AllTestParseFromLog(AllTest):

5
utils/test/test-dbus.py
View File

@ -121,16 +121,13 @@ class DbusTestParseInvalid(DbusTest):
('dbus peer=,', (AppArmorException, True)), ('dbus peer=,', (AppArmorException, True)),
('dbus bus=session bind bus=system,', (AppArmorException, True)), ('dbus bus=session bind bus=system,', (AppArmorException, True)),
('dbus bus=1 bus=2 bus=3 bus=4 bus=5 bus=6 bus=7,', (AppArmorException, True)), ('dbus bus=1 bus=2 bus=3 bus=4 bus=5 bus=6 bus=7,', (AppArmorException, True)),
('priority=a dbus,', (AppArmorException, False)),
('priority=1042 dbus,', (AppArmorException, True)), ('priority=1042 dbus,', (AppArmorException, True)),
) )
def _run_test(self, rawrule, expected): def _run_test(self, rawrule, expected):
self.parseInvalidRule(DbusRule, rawrule, expected) self.parseInvalidRule(DbusRule, rawrule, expected)
def test_invalid_priority(self):
with self.assertRaises(AppArmorException):
DbusRule.create_instance('priority=a dbus,')
class DbusTestParseFromLog(DbusTest): class DbusTestParseFromLog(DbusTest):
def test_dbus_from_log(self): def test_dbus_from_log(self):

7
utils/test/test-file.py
View File

@ -123,16 +123,13 @@ class FileTestParseInvalid(FileTest):
('/foo PxUx,', (AppArmorException, True)), # exec mode conflict ('/foo PxUx,', (AppArmorException, True)), # exec mode conflict
('/foo PUxPix,', (AppArmorException, True)), # exec mode conflict ('/foo PUxPix,', (AppArmorException, True)), # exec mode conflict
('/foo Pi,', (AppArmorException, True)), # missing 'x' ('/foo Pi,', (AppArmorException, True)), # missing 'x'
('priority=-1042 file,', (AppArmorException, True)), # priority must be a number ('priority=-a file,', (AppArmorException, False)), # priority must be a number
('priority=-1042 file,', (AppArmorException, True)), # priority out of range
) )
def _run_test(self, rawrule, expected): def _run_test(self, rawrule, expected):
self.parseInvalidRule(FileRule, rawrule, expected) self.parseInvalidRule(FileRule, rawrule, expected)
def test_invalid_priority(self):
with self.assertRaises(AppArmorException):
FileRule.create_instance('priority=a file,')
class FileTestNonMatch(AATest): class FileTestNonMatch(AATest):
tests = ( tests = (

10
utils/test/test-io_uring.py
View File

@ -53,20 +53,14 @@ class IOUringTestParseInvalid(AATest):
('io_uring label=,', (AppArmorException, True)), ('io_uring label=,', (AppArmorException, True)),
('io_uring invalidaccess label=foo,', (AppArmorException, True)), ('io_uring invalidaccess label=foo,', (AppArmorException, True)),
('io_uring sqpoll label=,', (AppArmorException, True)), ('io_uring sqpoll label=,', (AppArmorException, True)),
('foo', (AppArmorException, False)),
('priority=a io_uring,', (AppArmorException, False)),
('priority=1042 io_uring,', (AppArmorException, True)), ('priority=1042 io_uring,', (AppArmorException, True)),
) )
def _run_test(self, rawrule, expected): def _run_test(self, rawrule, expected):
self.parseInvalidRule(IOUringRule, rawrule, expected) self.parseInvalidRule(IOUringRule, rawrule, expected)
def test_invalid_priority(self):
with self.assertRaises(AppArmorException):
IOUringRule.create_instance('priority=a io_uring,')
def test_parse_fail(self):
with self.assertRaises(AppArmorException):
IOUringRule.create_instance('foo,')
def test_diff_non_iouringrule(self): def test_diff_non_iouringrule(self):
exp = namedtuple('exp', ('audit', 'deny', 'priority')) exp = namedtuple('exp', ('audit', 'deny', 'priority'))
obj = IOUringRule(('sqpoll'), IOUringRule.ALL) obj = IOUringRule(('sqpoll'), IOUringRule.ALL)

14
utils/test/test-mount.py
View File

@ -128,20 +128,16 @@ class MountTestParseInvalid(AATest):
('priority=-1042 umount,', (AppArmorException, True)), ('priority=-1042 umount,', (AppArmorException, True)),
('mount fstype=({unclosed_regex),', (AppArmorException, True)), # invalid AARE ('mount fstype=({unclosed_regex),', (AppArmorException, True)), # invalid AARE
('mount fstype=({closed}twice}),', (AppArmorException, True)), # invalid AARE ('mount fstype=({closed}twice}),', (AppArmorException, True)), # invalid AARE
('foo,', (AppArmorException, False)),
('priority=a mount,', (AppArmorException, False)),
('priority=a umount,', (AppArmorException, False)),
('priority=a unmount,', (AppArmorException, False)),
('priority=a remount,', (AppArmorException, False)),
) )
def _run_test(self, rawrule, expected): def _run_test(self, rawrule, expected):
self.parseInvalidRule(MountRule, rawrule, expected) self.parseInvalidRule(MountRule, rawrule, expected)
def test_parse_fail(self):
with self.assertRaises(AppArmorException):
MountRule.create_instance('foo,')
def test_invalid_priority(self):
for keyword in ['mount', 'umount', 'unmount', 'remount']:
with self.assertRaises(AppArmorException):
MountRule.create_instance('priority=a %s,' % keyword)
def test_invalid_priority_1(self): def test_invalid_priority_1(self):
with self.assertRaises(TypeError): with self.assertRaises(TypeError):
MountRule('mount', MountRule.ALL, MountRule.ALL, MountRule.ALL, MountRule.ALL, priority=MountRule.ALL) MountRule('mount', MountRule.ALL, MountRule.ALL, MountRule.ALL, MountRule.ALL, priority=MountRule.ALL)

10
utils/test/test-mqueue.py
View File

@ -66,20 +66,14 @@ class MessageQueueTestParseInvalid(AATest):
('mqueue type=,', (AppArmorException, True)), ('mqueue type=,', (AppArmorException, True)),
('mqueue type=sysv /foo,', (AppArmorException, True)), ('mqueue type=sysv /foo,', (AppArmorException, True)),
('mqueue type=posix 1234,', (AppArmorException, True)), ('mqueue type=posix 1234,', (AppArmorException, True)),
('priority=a mqueue,', (AppArmorException, False)),
('priority=-1042 mqueue,', (AppArmorException, True)), ('priority=-1042 mqueue,', (AppArmorException, True)),
('foo,', (AppArmorException, False)),
) )
def _run_test(self, rawrule, expected): def _run_test(self, rawrule, expected):
self.parseInvalidRule(MessageQueueRule, rawrule, expected) self.parseInvalidRule(MessageQueueRule, rawrule, expected)
def test_parse_fail(self):
with self.assertRaises(AppArmorException):
MessageQueueRule.create_instance('foo,')
def test_invalid_priority(self):
with self.assertRaises(AppArmorException):
MessageQueueRule.create_instance('priority=a mqueue,')
def test_diff_non_mqueuerule(self): def test_diff_non_mqueuerule(self):
exp = namedtuple('exp', ('audit', 'deny', 'priority')) exp = namedtuple('exp', ('audit', 'deny', 'priority'))
obj = MessageQueueRule(('open'), 'posix', 'bar', '/foo') obj = MessageQueueRule(('open'), 'posix', 'bar', '/foo')

5
utils/test/test-network.py
View File

@ -130,16 +130,13 @@ class NetworkTestParseInvalid(NetworkTest):
('network inet peer=(ip=1:2:3:4:5:6:7:8:9:0:0:0),', (AppArmorException, True)), # too many segments ('network inet peer=(ip=1:2:3:4:5:6:7:8:9:0:0:0),', (AppArmorException, True)), # too many segments
('network packet ip=1::,', (AppArmorException, True)), # Only inet[6] domains can be used in conjunction with a local expression ('network packet ip=1::,', (AppArmorException, True)), # Only inet[6] domains can be used in conjunction with a local expression
('network packet peer=(ip=1::),', (AppArmorException, True)), # Only inet[6] domains can be used in conjunction with a peer expression ('network packet peer=(ip=1::),', (AppArmorException, True)), # Only inet[6] domains can be used in conjunction with a peer expression
('priority=a network,', (AppArmorException, False)),
('priority=-1042 network,', (AppArmorException, True)), ('priority=-1042 network,', (AppArmorException, True)),
) )
def _run_test(self, rawrule, expected): def _run_test(self, rawrule, expected):
self.parseInvalidRule(NetworkRule, rawrule, expected) self.parseInvalidRule(NetworkRule, rawrule, expected)
def test_invalid_priority(self):
with self.assertRaises(AppArmorException):
NetworkRule.create_instance('priority=a network,')
class NetworkTestParseFromLog(NetworkTest): class NetworkTestParseFromLog(NetworkTest):
def test_net_from_log(self): def test_net_from_log(self):

11
utils/test/test-pivot_root.py
View File

@ -92,21 +92,14 @@ class PivotRootTestParseInvalid(PivotRootTest):
('pivot_root foo bar,', (AppArmorException, True)), ('pivot_root foo bar,', (AppArmorException, True)),
('pivot_root oldroot= ,', (AppArmorException, True)), ('pivot_root oldroot= ,', (AppArmorException, True)),
('pivot_root -> ,', (AppArmorException, True)), ('pivot_root -> ,', (AppArmorException, True)),
('priority=a pivot_root,', (AppArmorException, False)),
('priority=-1042 pivot_root,', (AppArmorException, True)), ('priority=-1042 pivot_root,', (AppArmorException, True)),
('pivot_rootbeer,', (AppArmorException, False))
) )
def _run_test(self, rawrule, expected): def _run_test(self, rawrule, expected):
self.parseInvalidRule(PivotRootRule, rawrule, expected) self.parseInvalidRule(PivotRootRule, rawrule, expected)
def test_invalid_priority(self):
with self.assertRaises(AppArmorException):
PivotRootRule.create_instance('priority=a pivot_root,')
def test_invalid_rule_name(self):
self.assertFalse(PivotRootRule.match('pivot_rootbeer,'))
with self.assertRaises(AppArmorException):
PivotRootRule.create_instance('pivot_rootbeer,')
class PivotRootTestParseFromLog(PivotRootTest): class PivotRootTestParseFromLog(PivotRootTest):
def test_pivot_root_from_log(self): def test_pivot_root_from_log(self):

5
utils/test/test-ptrace.py
View File

@ -81,16 +81,13 @@ class PtraceTestParseInvalid(PtraceTest):
('ptrace read bar,', (AppArmorException, True)), ('ptrace read bar,', (AppArmorException, True)),
('ptrace read tracedby,', (AppArmorException, True)), ('ptrace read tracedby,', (AppArmorException, True)),
('ptrace peer=,', (AppArmorException, True)), ('ptrace peer=,', (AppArmorException, True)),
('priority=a ptrace,', (AppArmorException, False)),
('priority=1042 ptrace,', (AppArmorException, True)), ('priority=1042 ptrace,', (AppArmorException, True)),
) )
def _run_test(self, rawrule, expected): def _run_test(self, rawrule, expected):
self.parseInvalidRule(PtraceRule, rawrule, expected) self.parseInvalidRule(PtraceRule, rawrule, expected)
def test_invalid_priority(self):
with self.assertRaises(AppArmorException):
PtraceRule.create_instance('priority=a ptrace,')
class PtraceTestParseFromLog(PtraceTest): class PtraceTestParseFromLog(PtraceTest):
def test_ptrace_from_log(self): def test_ptrace_from_log(self):

5
utils/test/test-signal.py
View File

@ -85,16 +85,13 @@ class SignalTestParseInvalid(SignalTest):
('signal set=int set=,', (AppArmorException, True)), ('signal set=int set=,', (AppArmorException, True)),
('signal set=invalid,', (AppArmorException, True)), ('signal set=invalid,', (AppArmorException, True)),
('signal peer=,', (AppArmorException, True)), ('signal peer=,', (AppArmorException, True)),
('priority=a signal,', (AppArmorException, False)),
('priority=-1042 signal,', (AppArmorException, True)), ('priority=-1042 signal,', (AppArmorException, True)),
) )
def _run_test(self, rawrule, expected): def _run_test(self, rawrule, expected):
self.parseInvalidRule(SignalRule, rawrule, expected) self.parseInvalidRule(SignalRule, rawrule, expected)
def test_invalid_priority(self):
with self.assertRaises(AppArmorException):
SignalRule.create_instance('priority=a signal,')
class SignalTestParseFromLog(SignalTest): class SignalTestParseFromLog(SignalTest):
def test_signal_from_log(self): def test_signal_from_log(self):

10
utils/test/test-unix.py
View File

@ -70,20 +70,14 @@ class UnixTestParseInvalid(AATest):
# exception matches regex # exception matches regex
('unix invalid,', (AppArmorException, True)), ('unix invalid,', (AppArmorException, True)),
('unix (invalid),', (AppArmorException, True)), ('unix (invalid),', (AppArmorException, True)),
('foo,', (AppArmorException, False)),
('priority=a unix,', (AppArmorException, False)),
('priority=1042 unix,', (AppArmorException, True)), ('priority=1042 unix,', (AppArmorException, True)),
) )
def _run_test(self, rawrule, expected): def _run_test(self, rawrule, expected):
self.parseInvalidRule(UnixRule, rawrule, expected) self.parseInvalidRule(UnixRule, rawrule, expected)
def test_parse_fail(self):
with self.assertRaises(AppArmorException):
UnixRule.create_instance('foo,')
def test_invalid_priority(self):
with self.assertRaises(AppArmorException):
UnixRule.create_instance('priority=a unix,')
def test_invalid_priority_1(self): def test_invalid_priority_1(self):
with self.assertRaises(TypeError): with self.assertRaises(TypeError):
UnixRule(UnixRule.ALL, UnixRule.ALL, UnixRule.ALL, UnixRule.ALL, False, False, False, '', priority=UnixRule.ALL) UnixRule(UnixRule.ALL, UnixRule.ALL, UnixRule.ALL, UnixRule.ALL, False, False, False, '', priority=UnixRule.ALL)

10
utils/test/test-userns.py
View File

@ -48,20 +48,14 @@ class UserNamespaceTestParseInvalid(AATest):
tests = ( tests = (
# exception matches regex # exception matches regex
('userns invalidaccess,', (AppArmorException, True)), ('userns invalidaccess,', (AppArmorException, True)),
('priority=a userns,', (AppArmorException, False)),
('priority=1042 userns,', (AppArmorException, True)), ('priority=1042 userns,', (AppArmorException, True)),
('foo,', (AppArmorException, False)),
) )
def _run_test(self, rawrule, expected): def _run_test(self, rawrule, expected):
self.parseInvalidRule(UserNamespaceRule, rawrule, expected) self.parseInvalidRule(UserNamespaceRule, rawrule, expected)
def test_parse_fail(self):
with self.assertRaises(AppArmorException):
UserNamespaceRule.create_instance('foo,')
def test_invalid_priority(self):
with self.assertRaises(AppArmorException):
UserNamespaceRule.create_instance('priority=a userns,')
def test_diff_non_usernsrule(self): def test_diff_non_usernsrule(self):
exp = namedtuple('exp', ('audit', 'deny', 'priority')) exp = namedtuple('exp', ('audit', 'deny', 'priority'))
obj = UserNamespaceRule(('create')) obj = UserNamespaceRule(('create'))