diff --git a/tests/apex_sepolicy_tests.py b/tests/apex_sepolicy_tests.py
index 0bcc99867..c8ecc608f 100644
--- a/tests/apex_sepolicy_tests.py
+++ b/tests/apex_sepolicy_tests.py
@@ -83,14 +83,16 @@ def check_rule(pol, path: str, tcontext: str, rule: Rule) -> List[str]:
 """Returns error message if scontext can't read the target"""
 match rule:
 case AllowRead(tclass, scontext):
- te_rules = list(pol.QueryTERule(scontext=scontext,
- tcontext={tcontext},
- tclass={tclass},
- perms={'read'}))
- if len(te_rules) > 0:
- return [] # no errors
+ # Test every source in scontext(set)
+ for s in scontext:
+ te_rules = list(pol.QueryTERule(scontext={s},
+ tcontext={tcontext},
+ tclass={tclass},
+ perms={'read'}))
+ if len(te_rules) > 0:
+ return [] # no errors

- return [f"Error: {path}: {scontext} can't read. (tcontext={tcontext})"]
+ return [f"Error: {path}: {s} can't read. (tcontext={tcontext})"]


 rules = [
diff --git a/tests/apex_sepolicy_tests_test.py b/tests/apex_sepolicy_tests_test.py
index 9b427a0ee..9c87a00cb 100644
--- a/tests/apex_sepolicy_tests_test.py
+++ b/tests/apex_sepolicy_tests_test.py
@@ -93,6 +93,8 @@ class ApexSepolicyTests(unittest.TestCase):
 self.assert_ok('./etc/linker.config.pb u:object_r:linkerconfig_file:s0')
 self.assert_error('./etc/linker.config.pb u:object_r:vendor_file:s0',
 r'Error: .*linkerconfig.* can\'t read')
+ self.assert_error('./ u:object_r:apex_data_file:s0',
+ r'Error: .*linkerconfig.* can\'t read')

 if __name__ == '__main__':
 unittest.main(verbosity=2)
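Review bot: In `check_rule` (tests/apex_sepolicy_tests.py) the new loop does not test every source as its comment says: `return []` fires as soon as one source in `scontext` has a read rule, so a rule listing several sources passes when only one of them is allowed, and the error text names a single `s`. An empty `scontext` would also leave `s` unbound at the final f-string if that return sits after the loop; indentation is not recoverable from this page, so that placement is inferred. If each listed domain is meant to have read access, collect one error per failing source and return the list, as sketched below. The `def` line is visible only in the hunk header.

```python
        case AllowRead(tclass, scontext):
            errors = []
            for s in scontext:
                # … unchanged: te_rules = list(pol.QueryTERule(scontext={s}, …)) …
                if not te_rules:
                    errors.append(f"Error: {path}: {s} can't read. (tcontext={tcontext})")
            return errors
```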
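Review bot: The added `assert_error` for `./ u:object_r:apex_data_file:s0` in tests/apex_sepolicy_tests_test.py only covers the case where no source can read, which the pre-change query over the whole `scontext` set would presumably have reported as well. A case for the new per-source path is missing: a label that one source of a multi-source rule can read and another cannot, asserting that the error names the source lacking access. Which labels fit depends on the test policy and the `rules` table, neither of which is visible in this hunk. The enclosing test method starts above the hunk.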