From dad66f663b0099c7f2dab99935b31d1e76dd07b0 Mon Sep 17 00:00:00 2001
From: doublez13 <doublezane@gmail.com>
Date: Tue, 18 Feb 2025 16:47:36 +0000
Subject: [PATCH] rule_ents from conditional block are dropped

In the following policy, "ptrace" would be dropped during merging:

$FOO=true
/bin/true {
  if $FOO {
      ptrace,
  }
}

Current behavior:
----- Debugging built structures -----
Name:		/bin/true
Local To:	<NULL>
Mode:

With patch:
----- Debugging built structures -----
Name:		/bin/true
Local To:	<NULL>
Mode:
ptrace,
---
 parser/parser_policy.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/parser/parser_policy.c b/parser/parser_policy.c
index facb1d173..58d4fad01 100644
--- a/parser/parser_policy.c
+++ b/parser/parser_policy.c
@@ -178,6 +178,8 @@ Profile *merge_policy(Profile *a, Profile *b)
 		}
 	}
 
+	a->rule_ents.splice(a->rule_ents.end(), b->rule_ents);
+
 	merge_hats(a, b->hat_table);
 	delete b;
 out: