[ovs-dev] [PATCH v2] checkpatch: Detect "trojan source" attack
aconole at redhat.com
Thu Nov 18 13:44:47 UTC 2021
Ilya Maximets <i.maximets at ovn.org> writes:
> On 11/17/21 17:58, Aaron Conole wrote:
>> Mike Pattrick <mkp at redhat.com> writes:
>>> Recently there has been a lot of press about the "trojan source" attack,
>>> where Unicode characters are used to obfuscate the true functionality of
>>> code. This attack didn't effect OVS, but adding the check here will help
>>> guard against it sneaking in later.
>>> Signed-off-by: Mike Pattrick <mkp at redhat.com>
>>> Changes in v2:
>>> - Now all unicode characters will result in an error.
>> I was going to suggest a checkpatch test for this - but that might
>> result in the patch triggering itself with an error (because the robot
>> uses the submitted version of checkpatch.py when testing).
>> WDYT, Ilya, Gaëtan?
> I think, it's good to have a test for a secutiry related functionality.
> And I don't think that checkpatch checks python or test files. Does it?
It will in some cases, but this isn't one. Okay I missed it. Yes,
please add a test to tests/checkpatch.at so that we can ensure this
>> In either case:
>> Acked-by: Aaron Conole <aconole at redhat.com>
More information about the dev