From a4330fe3787a97fe5b55eb787ce5746cea46ad14 Mon Sep 17 00:00:00 2001
From: vaxerski <43317083+vaxerski@users.noreply.github.com>
Date: Tue, 18 Apr 2023 11:48:56 +0100
Subject: [PATCH] misc: scan ppids in exec rules

---
 src/config/ConfigManager.cpp | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/src/config/ConfigManager.cpp b/src/config/ConfigManager.cpp
index 9454c16a..375dde1b 100644
--- a/src/config/ConfigManager.cpp
+++ b/src/config/ConfigManager.cpp
@@ -1673,18 +1673,22 @@ std::vector CConfigManager::getMatchingRules(CWindow* pWindow) {
         returns.push_back(rule);
     }
 
-    const uint64_t PID = pWindow->getPID();
-    bool anyExecFound = false;
+    std::vector PIDs = {(uint64_t)pWindow->getPID()};
+    while (getPPIDof(PIDs.back()) > 10)
+        PIDs.push_back(getPPIDof(PIDs.back()));
+
+    bool anyExecFound = false;
 
     for (auto& er : execRequestedRules) {
-        if (er.iPid == PID) {
+        if (std::ranges::any_of(PIDs, [&](const auto& pid) { return pid == er.iPid; })) {
             returns.push_back({er.szRule, "execRule"});
             anyExecFound = true;
         }
     }
 
     if (anyExecFound) // remove exec rules to unclog searches in the future, why have the garbage here.
-        execRequestedRules.erase(std::remove_if(execRequestedRules.begin(), execRequestedRules.end(), [&](const SExecRequestedRule& other) { return other.iPid == PID; }));
+        execRequestedRules.erase(std::remove_if(execRequestedRules.begin(), execRequestedRules.end(),
+                                                [&](const SExecRequestedRule& other) { return std::ranges::any_of(PIDs, [&](const auto& pid) { return pid == other.iPid; }); }));
 
     return returns;
 }
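Review bot: The rewritten cleanup on the last two `+` lines still hands a single iterator to `erase`, so when the ancestor scan makes more than one entry of `execRequestedRules` match (now likelier, since every PID in the chain is compared) `remove_if` compacts the survivors and only one tail slot is erased, which can leave an already-consumed rule in the vector to match again; the file already uses `std::ranges`, so write it as `std::erase_if(execRequestedRules, [&](const SExecRequestedRule& other) { return std::ranges::any_of(PIDs, [&](const auto& pid) { return pid == other.iPid; }); });` (or at least pass `execRequestedRules.end()` as the second `erase` argument). The parent walk also runs on every call even when `execRequestedRules` is empty and calls `getPPIDof` twice per ancestor, presumably a `/proc` read each time, so gate it with `if (!execRequestedRules.empty())` and loop as `for (auto ppid = getPPIDof(PIDs.back()); ppid > 10; ppid = getPPIDof(ppid)) PIDs.push_back(ppid);`. The `> 10` cutoff deserves a comment such as `// stop at low system PIDs; relies on getPPIDof returning 0 on failure — confirm`. Matching any ancestor means every descendant of an exec'd command (e.g. programs started from an exec'd terminal) can consume the one-shot rule, and PIDs are reused, so this remains a best-effort association rather than an identity check; `getMatchingRules` begins before this hunk.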