parser: Allow xattr globbing to match the NULL character

xattrs are a byte string that can contain all input characters including
the null character. Allow * ** and ? glob patterns to match the null
character while retaining their apparmor characteristics for '/'.

That is * and ? won't traverse a '/' treating it as a path element.
While ** will match anything.

Signed-off-by: John Johansen <john.johansen@canonical.com>

parser/parser_regex.c

@@ -227,7 +227,18 @@ pattern_t convert_aaregex_to_pcre(const char *aare, int anchor, int glob,
 			} else {
 				update_re_pos(sptr - aare);
 				ptype = ePatternRegex;
-				pcre.append("[^/\\x00]");
+				switch (glob) {
+				case glob_default:
+					pcre.append("[^/\\x00]");
+					break;
+				case glob_null:
+					pcre.append("[^/]");
+					break;
+				default:
+					PERROR(_("%s: Invalid glob type %d\n"), progname, glob);
+					error = e_parse_error;
+					break;
+				}
 			}
 			break;
 
@@ -510,7 +521,7 @@ static int process_profile_name_xmatch(Profile *prof)
 				int len;
 				tbuf.clear();
 				convert_aaregex_to_pcre(xattr_value, 0,
-							glob_default, tbuf,
+							glob_null, tbuf,
 							&len);
 				if (!rules->append_rule(tbuf.c_str(), true, dfaflags)) {
 					delete rules;