Merge aa-status: Fix malformed json output

In some cases (if profiles in complain _and_ enforce mode are loaded), the `i` loop runs more
than once, which also means `j == 0` is true in the middle of the json.
This causes invalid json.

This patch fixes this.

This is a regression related to 22aa9b6161
/ https://gitlab.com/apparmor/apparmor/-/merge_requests/964 /
https://gitlab.com/apparmor/apparmor/-/issues/295
which fixed another case of invalid json if a process was unconfined
while having a profile defined.

Note: I also tested this patch for the "unconfined, but has a profile
defined" case to ensure it doesn't break what
22aa9b6161 fixed.

This fix is needed in all branches that also got !964 (which means 3.1 and 3.0).

MR: https://gitlab.com/apparmor/apparmor/-/merge_requests/1036
Fixes: https://gitlab.com/apparmor/apparmor/-/issues/295
Approved-by: John Johansen <john@jjmx.net>
Merged-by: John Johansen <john@jjmx.net>
backported-from: 88d2bf45a Merge aa-status: Fix malformed json output
Signed-off-by: John Johansen <john.johansen@canonical.com>

binutils/aa_status.c

@@ -454,6 +454,7 @@ static int detailed_output(FILE *json) {
 	const char *process_statuses[] = {"enforce", "complain", "unconfined", "mixed", "kill"};
 	int ret;
 	size_t i;
+	int need_finish = 0;
 
 	ret = get_profiles(&profiles, &nprofiles);
 	if (ret != 0) {
@@ -534,19 +535,20 @@ static int detailed_output(FILE *json) {
 				} else {
 					fprintf(json, "%s\"%s\": [{\"profile\": \"%s\", \"pid\": \"%s\", \"status\": \"%s\"}",
 					       // first element will be a unique executable
-					       j == 0 ? "" : "], ",
+					       j == 0 && !need_finish ? "" : "], ",
 					       filtered[j].exe, filtered[j].profile, filtered[j].pid, filtered[j].mode);
 				}
 
-			}
-			if (j > 0) {
-				fprintf(json, "]");
+				need_finish = 1;
 			}
 		}
 		free_processes(filtered, nfiltered);
 	}
 	if (json) {
-		fprintf(json, "}}\n");
+		if (need_finish > 0) {
+			fprintf(json, "]");
+		}
+		fprintf(json, "}\n");
 	}
 
 exit: