[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Unicode confusables and reordering characters considered harmful, a

From: Stefan Kangas
Subject: Re: Unicode confusables and reordering characters considered harmful, a simple solution
Date: Fri, 5 Nov 2021 06:08:42 -0700

Eli Zaretskii <eliz@gnu.org> writes:

> Because the way this is being proposed, i.e. issue a warning whenever
> any of the directional controls are present, its signal-to-noise ratio
> will be too low to be useful.  If the proposal is to teach the
> byte-compiler to identify the cases flagged by
> bidi-find-overridden-directionality, then I don't mind to it
> triggering a warning.

OK, that's a fair point.

I didn't study `bidi-find-overridden-directionality' yet, but the
"Trojan Source" paper writes:

    "By banning all directionality-control characters, users with
    legitimate Bidi-override use cases in comments are penalized.
    Therefore, a better defense might be to ban the use of
    _unterminated_ Bidi override characters within string literals and
    comments.  By ensuring that each override is terminated – that is,
    for example, that every LRI has a matching PDI– it becomes
    impossible to distort legitimate source code outside of string
    literals and comments."  (p. 8, their emphasis)

So, IIUC, the problematic cases are "unterminated Bidi override
characters", and those are the ones worth warning about.  Does that
sound correct to you?

> Adding one line is a nuisance.  If it can be avoided, we should avoid
> it.  Since we are capable of detecting the really suspicious uses of
> those controls, it is much better to use that, because in that case
> users will not have to add anything.

I agree that it does sound better to prefer such an approach if

reply via email to

[Prev in Thread] Current Thread [Next in Thread]