diff --git a/libraries/libapparmor/testsuite/test_multi/unbalanced_parenthesis.err b/libraries/libapparmor/testsuite/test_multi/unbalanced_parenthesis.err new file mode 100644 index 000000000..e69de29bb diff --git a/libraries/libapparmor/testsuite/test_multi/unbalanced_parenthesis.in b/libraries/libapparmor/testsuite/test_multi/unbalanced_parenthesis.in new file mode 100644 index 000000000..7c265aca2 --- /dev/null +++ b/libraries/libapparmor/testsuite/test_multi/unbalanced_parenthesis.in @@ -0,0 +1 @@ +type=AVC msg=audit(1562529588.082:3153): apparmor="DENIED" operation="open" profile="unbalanced_parenthesis" name="/dev/shm/test(me" pid=888 comm="cat" requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000 diff --git a/libraries/libapparmor/testsuite/test_multi/unbalanced_parenthesis.out b/libraries/libapparmor/testsuite/test_multi/unbalanced_parenthesis.out new file mode 100644 index 000000000..6d224e3dd --- /dev/null +++ b/libraries/libapparmor/testsuite/test_multi/unbalanced_parenthesis.out @@ -0,0 +1,15 @@ +START +File: unbalanced_parenthesis.in +Event type: AA_RECORD_DENIED +Audit ID: 1562529588.082:3153 +Operation: open +Mask: r +Denied Mask: r +fsuid: 1000 +ouid: 1000 +Profile: unbalanced_parenthesis +Name: /dev/shm/test(me +Command: cat +PID: 888 +Epoch: 1562529588 +Audit subid: 3153 diff --git a/libraries/libapparmor/testsuite/test_multi/unbalanced_parenthesis.profile b/libraries/libapparmor/testsuite/test_multi/unbalanced_parenthesis.profile new file mode 100644 index 000000000..ecd665356 --- /dev/null +++ b/libraries/libapparmor/testsuite/test_multi/unbalanced_parenthesis.profile @@ -0,0 +1,4 @@ +profile unbalanced_parenthesis { + owner /dev/shm/test(me r, + +} diff --git a/utils/apparmor/common.py b/utils/apparmor/common.py index 5abfec784..1091e1999 100644 --- a/utils/apparmor/common.py +++ b/utils/apparmor/common.py @@ -217,6 +217,9 @@ def hasher(): def convert_regexp(regexp): regex_paren = re.compile('^(.*){([^}]*)}(.*)$') regexp = regexp.strip() + + regexp = regexp.replace('(', '\\(').replace(')', '\\)') # escape '(' and ')' + new_reg = re.sub(r'(?