parser: fix filter slashes for link targets

The parser is failing to properly filter the slashes in the link name
after variable expansion. Causing match failures when multiple slashes
occur.

Fixes: https://gitlab.com/apparmor/apparmor/-/issues/153
MR: https://gitlab.com/apparmor/apparmor/-/merge_requests/723
Signed-off-by: John Johansen <john.johansen@canonical.com>
Acked-by: Steve Beattie <steve.beattie@canonical.com>

parser/parser_regex.c

@@ -642,6 +642,7 @@ static int process_dfa_entry(aare_rules *dfarules, struct cod_entry *entry)
 		int pos;
 		vec[0] = tbuf.c_str();
 		if (entry->link_name) {
+			filter_slashes(entry->link_name);
 			ptype = convert_aaregex_to_pcre(entry->link_name, 0, glob_default, lbuf, &pos);
 			if (ptype == ePatternInvalid)
 				return FALSE;

parser/tst/equality.sh

@@ -618,6 +618,20 @@ verify_binary_equality "mount rules slash filtering" \
                        "@{FOO}=/foo
                            /t { mount /dev//@{FOO} -> /mnt/bar, }"
 
+# verify slash filtering for link rules
+verify_binary_equality "link rules slash filtering" \
+                       "/t { link /dev/foo -> /mnt/bar, }" \
+                       "/t { link ///dev/foo -> /mnt/bar, }" \
+                       "/t { link /dev/foo -> /mnt//bar, }" \
+                       "/t { link /dev///foo -> ////mnt/bar, }" \
+                       "@{BAR}=/mnt/
+                           /t { link /dev///foo -> @{BAR}/bar, }" \
+                       "@{FOO}=/dev/
+                           /t { link @{FOO}//foo -> /mnt/bar, }" \
+                       "@{FOO}=/dev/
+                        @{BAR}=/mnt/
+                           /t { link @{FOO}/foo -> @{BAR}/bar, }" \
+
 if [ $fails -ne 0 ] || [ $errors -ne 0 ]
 then
 	printf "ERRORS: %d\nFAILS: %d\n" $errors $fails 2>&1