qrexec parser - !include-dir allows multiple params

[Ben Grande]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Issue report.

Fails:
!include a b
Works:
!include-dir a b

I believe that !include-dir should also throw an exception on invalid
number of params, but it currently doesn't. I did not understand why
!include can raise the exception and !include-dir, that has the same
code, doesn't.

- --
Benjamin Grande
-----BEGIN PGP SIGNATURE-----

iNUEARYKAH0WIQRklnEdsUUe50UmvUUbcxS/DMyWhwUCZHDUwl8UgAAAAAAuAChp
c3N1ZXItZnByQG5vdGF0aW9ucy5vcGVucGdwLmZpZnRoaG9yc2VtYW4ubmV0NjQ5
NjcxMURCMTQ1MUVFNzQ1MjZCRDQ1MUI3MzE0QkYwQ0NDOTY4NwAKCRAbcxS/DMyW
h3NHAQCIJhtdzkhVsjleqw+7isOsJ7xPtlAb0pXeBWpnf8vz1gEAs7NNUgZsBiv4
DHUOEC1oV9wPWcFAB+LEyXG0We65oQ8=
=N8Uz
-----END PGP SIGNATURE-----

[Marek Marczykowski-Górecki]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On Fri, May 26, 2023 at 03:48:18PM +0000, Ben Grande wrote:
> Issue report.
>
> Fails:
> !include a b
> Works:
> !include-dir a b
>
> I believe that !include-dir should also throw an exception on invalid
> number of params, but it currently doesn't. I did not understand why
> !include can raise the exception and !include-dir, that has the same
> code, doesn't.

I can't confirm it, for me both fail. Which qrexec package versions do
you have?

- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
-----BEGIN PGP SIGNATURE-----

iQEzBAEBCAAdFiEEhrpukzGPukRmQqkK24/THMrX1ywFAmRw1wQACgkQ24/THMrX
1yxIeAf/Yc3wYavWlq6a+4CbPfWWXsXTdP6L2dqKMYga+Dpj2V21/NN7/5csYbxT
h3DzojeSgO/I2Q3ltvcY3jA724dsd9WhXwfvH/bPXqulnZ6vROslVZhUBENGmo/x
ZY2xTK+nTAhBOBxXyucNYPEaN/9NXVFEBssBNblEPmO4ep9Qgbvr1N2YMTJURQrZ
Uj82wwJHud3HtoJpx6Xk96d3P7XKjz4PwFw8XVqeyCjk2WGPSGIDZtK3InKWpxJV
kgAT12HHaq6TcDZXUS7s+ZFIzojUZhjBnG3PCgJnx+VbLlLbtkmhKieZG1BjQQsn
xxdUSRbYpUItzxcFqSergC3Auql37w==
=NpuG
-----END PGP SIGNATURE-----

[Ben Grande]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 23-05-26 17:57:56, Marek Marczykowski-Górecki wrote:
> On Fri, May 26, 2023 at 03:48:18PM +0000, Ben Grande wrote:
> > Issue report.
> >
> > Fails:
> > !include a b
> > Works:
> > !include-dir a b
> >
> > I believe that !include-dir should also throw an exception on invalid
> > number of params, but it currently doesn't. I did not understand why
> > !include can raise the exception and !include-dir, that has the same
> > code, doesn't.
>
> I can't confirm it, for me both fail. Which qrexec package versions do
> you have?

4.1.21
Noticed something strange, the parser does not throw an error when
calling with qubes-policy-lint, it only throws error during runtime.
Can this be improved?
Test with TestPolicy and StringPolicy and see what happens instead of
checking the logs, which are runtime.

>
> --
> Best Regards,
> Marek Marczykowski-Górecki
> Invisible Things Lab
>
> --

> You received this message because you are subscribed to the Google Groups "qubes-devel" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to qubes-devel...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-devel/ZHDXBA2xtK63nJab%40mail-itl.

- --
Benjamin Grande
-----BEGIN PGP SIGNATURE-----

iNUEARYKAH0WIQRklnEdsUUe50UmvUUbcxS/DMyWhwUCZHDZyF8UgAAAAAAuAChp
c3N1ZXItZnByQG5vdGF0aW9ucy5vcGVucGdwLmZpZnRoaG9yc2VtYW4ubmV0NjQ5
NjcxMURCMTQ1MUVFNzQ1MjZCRDQ1MUI3MzE0QkYwQ0NDOTY4NwAKCRAbcxS/DMyW
h+wFAQDmtL6KUnHiLaWtb/eGJHY2PbGEx3H4EW1686Uql5lWegEAo8/2enQZDzvU
wQqwP6soH1ddnBh2E5SCldk9zdvHEAQ=
=eW89
-----END PGP SIGNATURE-----

[Ben Grande]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 23-05-26 16:09:45, Ben Grande wrote:
> On 23-05-26 17:57:56, Marek Marczykowski-Górecki wrote:
> > On Fri, May 26, 2023 at 03:48:18PM +0000, Ben Grande wrote:
> > > Issue report.
> > >
> > > Fails:
> > > !include a b
> > > Works:
> > > !include-dir a b
> > >
> > > I believe that !include-dir should also throw an exception on invalid
> > > number of params, but it currently doesn't. I did not understand why
> > > !include can raise the exception and !include-dir, that has the same
> > > code, doesn't.
> >
> > I can't confirm it, for me both fail. Which qrexec package versions do
> > you have?
>
> 4.1.21
> Noticed something strange, the parser does not throw an error when
> calling with qubes-policy-lint, it only throws error during runtime.
> Can this be improved?
> Test with TestPolicy and StringPolicy and see what happens instead of
> checking the logs, which are runtime.

Some testing showed me that using !include-dir in an old format policy
(which should not be allowed) such as the ones in include/ shows the
error during runtime, but not when calling the parser with StringPolicy.

The more general question is, can we avoid runtime to detect these kind
of problems? I don't believe this is an error on qubes-policy-lint, as
it is simply using StringPolicy.

- --
Benjamin Grande
-----BEGIN PGP SIGNATURE-----

iNUEARYKAH0WIQRklnEdsUUe50UmvUUbcxS/DMyWhwUCZHDkdl8UgAAAAAAuAChp
c3N1ZXItZnByQG5vdGF0aW9ucy5vcGVucGdwLmZpZnRoaG9yc2VtYW4ubmV0NjQ5
NjcxMURCMTQ1MUVFNzQ1MjZCRDQ1MUI3MzE0QkYwQ0NDOTY4NwAKCRAbcxS/DMyW
h4a2AQDSLnvINAZxV038ew+hOVkL6zIXjaSAyDypIOn/VRnvWAEAoyTLwZLfUokn
ykJQtAeipkPO6U1xNR3OQirlSjiDsgQ=
=9XdS
-----END PGP SIGNATURE-----

[Ben Grande]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 23-05-26 16:55:19, Ben Grande wrote:
> The more general question is, can we avoid runtime to detect these kind
> of problems? I don't believe this is an error on qubes-policy-lint, as
> it is simply using StringPolicy.
>
> --

> Benjamin Grande

I ate my tongue, problem is with qubes-policy-lint, which I will be
fixing and pushing to the lint branch.
Sorry for trouble.

- --
Benjamin Grande
-----BEGIN PGP SIGNATURE-----

iNUEARYKAH0WIQRklnEdsUUe50UmvUUbcxS/DMyWhwUCZHDw918UgAAAAAAuAChp
c3N1ZXItZnByQG5vdGF0aW9ucy5vcGVucGdwLmZpZnRoaG9yc2VtYW4ubmV0NjQ5
NjcxMURCMTQ1MUVFNzQ1MjZCRDQ1MUI3MzE0QkYwQ0NDOTY4NwAKCRAbcxS/DMyW
h7hJAPsEyRZgVVK0Bl4GwogToA0MPX7l/gwif/A3cCDdBfm0WQD8D+Z3sxcMgdbu
pqdBr61ZD/3n/QMSXLt/+hDAtmZxbQY=
=UQWh
-----END PGP SIGNATURE-----