[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Unicode confusables and reordering characters considered harmful, a

From: Gregory Heytings
Subject: Re: Unicode confusables and reordering characters considered harmful, a simple solution
Date: Fri, 05 Nov 2021 23:33:39 +0000

The right balance is where the percent of false positives is very low.

IMO, that's not the right balance: the right balance is where the percentage of false negatives is zero. When security is at stake, I very much prefer too many false positives to missing one danger. In particular because such warnings give you the feeling that there is no danger when there is no warning.

I encourage you to read the comments in the implementation I wrote, to see which cases I consider "suspicious".

This "I consider" is the problem of your approach. Malevolent actors are always more inventive, and will find a way to escape the safety net you created. The cases you consider suspicious are cases where the directionality of one or more characters is overridden by reordering control characters, but this is not what the "Trojan Source" paper is about. The problem it points to is much broader, it's about using these invisible control characters to make the source code appear different to a human reader and to a compiler.

In fact, it did not take me much time to create a case that your algorithm doesn't detect (and AFAIU cannot detect without also displaying warnings about many legitimate uses). I attach the example code, how that code is displayed by Emacs, and how that code would be displayed with the patch I proposed.

Attachment: bidi-reordering.c
Description: Text Data

Attachment: bidi-reordering.png
Description: PNG image

Attachment: bidi-reordering-display.png
Description: PNG image

reply via email to

[Prev in Thread] Current Thread [Next in Thread]