-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
On 23-05-26 16:09:45, Ben Grande wrote:
> On 23-05-26 17:57:56, Marek Marczykowski-Górecki wrote:
> > On Fri, May 26, 2023 at 03:48:18PM +0000, Ben Grande wrote:
> > > Issue report.
> > >
> > > Fails:
> > > !include a b
> > > Works:
> > > !include-dir a b
> > >
> > > I believe that !include-dir should also throw an exception on invalid
> > > number of params, but it currently doesn't. I did not understand why
> > > !include can raise the exception and !include-dir, that has the same
> > > code, doesn't.
> >
> > I can't confirm it, for me both fail. Which qrexec package versions do
> > you have?
>
> 4.1.21
> Noticed something strange, the parser does not throw an error when
> calling with qubes-policy-lint, it only throws error during runtime.
> Can this be improved?
> Test with TestPolicy and StringPolicy and see what happens instead of
> checking the logs, which are runtime.
Some testing showed me that using !include-dir in an old format policy
(which should not be allowed) such as the ones in include/ shows the
error during runtime, but not when calling the parser with StringPolicy.
The more general question is, can we avoid runtime to detect these kind
of problems? I don't believe this is an error on qubes-policy-lint, as
it is simply using StringPolicy.
- --
Benjamin Grande
-----BEGIN PGP SIGNATURE-----
iNUEARYKAH0WIQRklnEdsUUe50UmvUUbcxS/DMyWhwUCZHDkdl8UgAAAAAAuAChp
c3N1ZXItZnByQG5vdGF0aW9ucy5vcGVucGdwLmZpZnRoaG9yc2VtYW4ubmV0NjQ5
NjcxMURCMTQ1MUVFNzQ1MjZCRDQ1MUI3MzE0QkYwQ0NDOTY4NwAKCRAbcxS/DMyW
h4a2AQDSLnvINAZxV038ew+hOVkL6zIXjaSAyDypIOn/VRnvWAEAoyTLwZLfUokn
ykJQtAeipkPO6U1xNR3OQirlSjiDsgQ=
=9XdS
-----END PGP SIGNATURE-----