[ovs-dev] [PATCH v2] checkpatch: Detect "trojan source" attack

Ilya Maximets i.maximets at ovn.org
Wed Nov 17 17:02:19 UTC 2021


On 11/17/21 17:58, Aaron Conole wrote:
> Mike Pattrick <mkp at redhat.com> writes:
> 
>> Recently there has been a lot of press about the "trojan source" attack,
>> where Unicode characters are used to obfuscate the true functionality of
>> code. This attack didn't effect OVS, but adding the check here will help
>> guard against it sneaking in later.
>>
>> Signed-off-by: Mike Pattrick <mkp at redhat.com>
>> ---
>> Changes in v2:
>>    - Now all unicode characters will result in an error.
>> ---
> 
> I was going to suggest a checkpatch test for this - but that might
> result in the patch triggering itself with an error (because the robot
> uses the submitted version of checkpatch.py when testing).
> 
> WDYT, Ilya, Gaëtan?

I think, it's good to have a test for a secutiry related functionality.
And I don't think that checkpatch checks python or test files.  Does it?

> 
> In either case:
> 
> Acked-by: Aaron Conole <aconole at redhat.com>
> 



More information about the dev mailing list