Re: Unicode confusables and reordering characters considered harmful, a

emacs-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Unicode confusables and reordering characters considered harmful, a

From:	Gregory Heytings
Subject:	Re: Unicode confusables and reordering characters considered harmful, a simple solution
Date:	Fri, 05 Nov 2021 23:31:38 +0000

myfun("שָׁלוֹם" ,"السّلامعليكم");
There is no danger in that example, and in particular nothinginvisible.
I'm pretty sure an attacker can use the above confusing arg order toturn an apparently harmless program into a security hole.

That's possible indeed, but this is not what the "Trojan Source" paper isabout. The example you show is only one instance of the many possiblereasons why a piece of code can be difficult to interpret, there are manyothers, e.g. misleading indentation in code. The point made by the"Trojan Source" paper is only about invisible reordering controlcharacters.

[Prev in Thread]

Current Thread

[Next in Thread]

Re: Unicode confusables and reordering characters considered harmful, a simple solution, (continued)

Prev by Date: Re: New command: move-past-close
Next by Date: Re: Unicode confusables and reordering characters considered harmful, a simple solution
Previous by thread: Re: Unicode confusables and reordering characters considered harmful, a simple solution
Next by thread: Re: Unicode confusables and reordering characters considered harmful, a simple solution
Index(es):
- Date
- Thread