authorNicolas Iooss <nicolas.iooss@m4x.org>2019-09-08 22:55:22 +0200
committerJason Zaman <perfinion@gentoo.org>2019-12-16 20:59:10 +0800
commitb3872018dde2b5ace0df023e4afc267e1dda85bc (patch)
treedd6cba5f813dba364752698168d9cfe1870c255d /testing
parentsudo: Module version bump. (diff)
Allow using /([^/]+/)? and (/[^/]+)?/ in patterns
These are valid expressions in the middle of a pattern in a .fc file, in order to match an optional subdirectory level. Some recent commits introduced "/([^/]+/)?" in the policy: * commit b8f2c55109ba ("cups: use ([^/]+/)? to match a subdirectory of CUPS configuration") * commit 4b02c2230d02 ("authlogin: label utempter correctly on Debian") Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org> Signed-off-by: Jason Zaman <perfinion@gentoo.org>
Diffstat (limited to 'testing')
-rwxr-xr-xtesting/check_fc_files.py6
1 files changed, 6 insertions, 0 deletions
diff --git a/testing/check_fc_files.py b/testing/check_fc_files.py
index c9699132..c7ed7e36 100755
--- a/testing/check_fc_files.py
+++ b/testing/check_fc_files.py
@@ -129,6 +129,10 @@ def analyze_fc_file(fc_path):
print(f"{prefix}using (.*/)? without a previous slash could be a bug in {path} as it can match the empty string, please use /(.*/)? instead") # noqa
retval = False
+ if re.search(r'[^/]\(\[\^/\]\+/\)\?', path):
+ print(f"{prefix}using ([^/]+/)? without a previous slash could be a bug in {path} as it can match the empty string, please use /([^/]+/)? instead") # noqa
+ retval = False
+
if re.search(r'[^/]\(\.\*/\)\*', path):
print(f"{prefix}using (.*/)* without a previous slash could be a bug in {path} as it can match the empty string, please use /(.*/)* instead") # noqa
retval = False
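Review bot: The added check lints only one of the two forms named in the commit title: `([^/]+/)?` without a leading slash is flagged, but the mirrored `(/[^/]+)?` followed by something other than a slash is not. That form can also match the empty string and glue the neighbouring path components together, so a file-context pattern could label more paths than its author meant. A counterpart such as `if re.search(r'\(/\[\^/\]\+\)\?[^/(]', path):` with a matching message would cover it; the `(` exclusion is a guess to keep a following `(/.*)?` group from being reported and should be checked against the existing .fc files. analyze_fc_file starts and ends outside this hunk, so an equivalent check elsewhere in the function cannot be ruled out.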
@@ -202,6 +206,8 @@ def analyze_fc_file(fc_path):
retval = False
# Remove optional directories and filename parts
+ reduced_path = reduced_path.replace('/([^/]+/)?', '/')
+ reduced_path = reduced_path.replace('(/[^/]+)?/', '/')
reduced_path = reduced_path.replace('[^/]*', '')
reduced_path = reduced_path.replace('[^/]+', '∞')
reduced_path = reduced_path.replace('[^/-]+', '∞')
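Review bot: The two new `replace` calls only work because they run before the `[^/]+` substitution two lines below, and nothing in the code says so. If a later edit moved them after it, the group would already have been rewritten to `(∞/)?` and neither literal would match, so the optional directory would silently stay in `reduced_path`. I would record the dependency next to them, for example `# Keep these two before the [^/]+ replacements below, which would otherwise rewrite the inside of the optional group`. How `reduced_path` is consumed afterwards is outside this hunk.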