parser: equality tests: fix failing overlapping x rule tests

The test was passing because the file priority was always zero bug resulting in the priority rule always being correctly combined with the specific match x rule, instead of overriding it. Signed-off-by: John Johansen <john.johansen@canonical.com>
2025-03-04 08:24:42 +01:00 · 2024-12-04 22:24:52 -08:00 · 2024-12-04 22:24:52 -08:00 · 57c57f198c
commit 57c57f198c
parent 4b410b67f1
1 changed files with 25 additions and 1 deletions
--- a/parser/tst/equality.sh
+++ b/parser/tst/equality.sh
@ -57,6 +57,30 @@ priority_eq()
 	return 1
 }

+priority_lt()
+{
+	local p1=$(map_priority "$1")
+	local p2=$(map_priority "$2")
+
+	if [ $p1 -lt $p2 ] ; then
+		return 0
+	fi
+
+	return 1
+}
+
+priority_gt()
+{
+	local p1=$(map_priority "$1")
+	local p2=$(map_priority "$2")
+
+	if [ $p1 -gt $p2 ] ; then
+		return 0
+	fi
+
+	return 1
+}
+
 hash_binary_policy()
 {
 	printf %s "$1" | ${APPARMOR_PARSER} --features-file "${_SCRIPTDIR}/features_files/$features_file" -qS 2>/dev/null| md5sum | cut -d ' ' -f 1
@ -578,7 +602,7 @@ do
 	             "pix -> b" "Pix -> b" "cux -> b" "Cux -> b" \
 	             "cix -> b" "Cix -> b"
 	do
-		if [ "$perm1" == "$perm2" ] ; then
+		if [ "$perm1" == "$perm2" ] || priority_gt "$p1" "" ; then
 			verify_binary_equality "'$p1'x'$p2' Exec perm \"${perm1}\" - most specific match: same as glob" \
 				"/t { $p1 /* ${perm1}, /f ${perm2}, }" \
 				"/t { $p2 /* ${perm1}, }"