Fix crash on unbalanced parenthesis in filename

convert_regexp() needs to escape '(' and ')' in filenames taken from a
logfile to get rid of their special meaning, and to avoid a crash on
unbalanced parenthesis (which makes the regex invalid if they are not
escaped).

Note: The added tests include an example log line, but the tests itsself
don't/didn't trigger the crash because they don't call convert_regexp().

Fixes: https://bugs.launchpad.net/bugs/1835311

libraries/libapparmor/testsuite/test_multi/unbalanced_parenthesis.in

@@ -0,0 +1 @@
+type=AVC msg=audit(1562529588.082:3153): apparmor="DENIED" operation="open" profile="unbalanced_parenthesis" name="/dev/shm/test(me" pid=888 comm="cat" requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000

libraries/libapparmor/testsuite/test_multi/unbalanced_parenthesis.out

@@ -0,0 +1,15 @@
+START
+File: unbalanced_parenthesis.in
+Event type: AA_RECORD_DENIED
+Audit ID: 1562529588.082:3153
+Operation: open
+Mask: r
+Denied Mask: r
+fsuid: 1000
+ouid: 1000
+Profile: unbalanced_parenthesis
+Name: /dev/shm/test(me
+Command: cat
+PID: 888
+Epoch: 1562529588
+Audit subid: 3153

libraries/libapparmor/testsuite/test_multi/unbalanced_parenthesis.profile

@@ -0,0 +1,4 @@
+profile unbalanced_parenthesis {
+  owner /dev/shm/test(me r,
+
+}

utils/apparmor/common.py

@@ -217,6 +217,9 @@ def hasher():
 def convert_regexp(regexp):
     regex_paren = re.compile('^(.*){([^}]*)}(.*)$')
     regexp = regexp.strip()
+
+    regexp = regexp.replace('(', '\\(').replace(')', '\\)')  # escape '(' and ')'
+
     new_reg = re.sub(r'(?<!\\)(\.|\+|\$)', r'\\\1', regexp)
 
     while regex_paren.search(new_reg):