[ovs-dev] [PATCH v3] checkpatch: Detect "trojan source" attack

Mike Pattrick mkp at redhat.com
Thu Nov 18 15:45:45 UTC 2021


Recently there has been a lot of press about the "trojan source" attack,
where Unicode characters are used to obfuscate the true functionality of
code. This attack didn't affect OVS, but adding the check here will help
guard against it sneaking in later.

Signed-off-by: Mike Pattrick <mkp at redhat.com>
---
Changes in v2:
   - Now all unicode characters will result in an error.

Changes in v3:
   - Added a test to validate behavior

Signed-off-by: Mike Pattrick <mkp at redhat.com>
---
 tests/checkpatch.at     | 22 ++++++++++++++++++++++
 utilities/checkpatch.py | 11 +++++++++++
 2 files changed, 33 insertions(+)

diff --git a/tests/checkpatch.at b/tests/checkpatch.at
index 68c917af9..fadb625e9 100755
--- a/tests/checkpatch.at
+++ b/tests/checkpatch.at
@@ -424,3 +424,25 @@ try_checkpatch \
 "
 
 AT_CLEANUP
+
+AT_SETUP([checkpatch - Unicode code])
+try_checkpatch \
+   "COMMON_PATCH_HEADER
+    +     if (snowman == ☃️) {  /* Emoji
+    +     void НelloWorld() {  /* Homoglyph
+    +     ة /* ;C++            /* BiDi
+    " \
+    "ERROR: Inappropriate non-ascii characters detected.
+    #8 FILE: A.c:1:
+         if (snowman == ☃️) {  /* Emoji
+
+ERROR: Inappropriate non-ascii characters detected.
+    #9 FILE: A.c:2:
+         void НelloWorld() {  /* Homoglyph
+
+ERROR: Inappropriate non-ascii characters detected.
+    #10 FILE: A.c:3:
+         ة /* ;C++            /* BiDi
+"
+
+AT_CLEANUP
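Review bot: None of the three sample lines contains a bidi override control (U+202A–U+202E, U+2066–U+2069), which is the defining element of the "trojan source" technique the commit message names; the line labelled "BiDi" uses a strong right-to-left letter instead, so the test pins the broad non-ASCII rejection rather than the headline case. Adding a fourth line that embeds an actual override code point (kept as an escaped or clearly marked character so the test file itself stays readable) would make the regression guard explicit for the attack the check was added for. The expected-output block would then gain one more `ERROR: Inappropriate non-ascii characters detected.` stanza in the same shape as the three already present.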
diff --git a/utilities/checkpatch.py b/utilities/checkpatch.py
index bf95358d5..03d91f765 100755
--- a/utilities/checkpatch.py
+++ b/utilities/checkpatch.py
@@ -181,6 +181,7 @@ __regex_added_doc_rst = re.compile(
 __regex_empty_return = re.compile(r'\s*return;')
 __regex_if_macros = re.compile(r'^ +(%s) \([\S]([\s\S]+[\S])*\) { +\\' %
                                __parenthesized_constructs)
+__regex_nonascii_characters = re.compile("[^ -~\t]")
 
 skip_leading_whitespace_check = False
 skip_trailing_whitespace_check = False
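Review bot: The added pattern is the only regex in this block written as a plain string while its neighbours use raw strings; `__regex_nonascii_characters = re.compile(r'[^ -~\t]')` keeps the style uniform with no change in meaning, since `\t` denotes a tab either way. The class also rejects more than "non-ascii": DEL (0x7f) and every ASCII control character other than tab, `\r` included, so whether CRLF line endings reach this check depends on how lines are split upstream (not visible here). A one-line comment stating the intent would help the next reader, e.g. `# Anything outside printable ASCII plus tab: rejects bidi overrides and homoglyphs (trojan source).`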
@@ -294,6 +295,11 @@ def pointer_whitespace_check(line):
     return __regex_ptr_declaration_missing_whitespace.search(line) is not None
 
 
+def nonascii_character_check(line):
+    """Return TRUE if inappropriate Unicode characters are detected """
+    return __regex_nonascii_characters.search(line) is not None
+
+
 def cast_whitespace_check(line):
     """Return TRUE if there is no space between the '()' used in a cast and
        the expression whose type is cast, i.e.: '(void *)foo'"""
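Review bot: The docstring on the new nonascii_character_check overstates the condition and has a stray space before the closing quotes: the function rejects any character outside printable ASCII plus tab, not only Unicode, so `"""Return TRUE if the line contains a character outside printable ASCII (plus tab)."""` describes what the regex actually does. The body itself is fine and matches the `search(...) is not None` form of pointer_whitespace_check above.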
@@ -565,6 +571,11 @@ checks = [
      'print':
      lambda: print_error("Inappropriate spacing in pointer declaration")},
 
+    {'regex': r'(\.c|\.h)(\.in)?$', 'match_name': None,
+     'check': lambda x: nonascii_character_check(x),
+     'print':
+     lambda: print_error("Inappropriate non-ascii characters detected.")},
+
     {'regex': r'(\.c|\.h)(\.in)?$', 'match_name': None,
      'prereq': lambda x: not is_comment_line(x),
      'check': lambda x: cast_whitespace_check(x),
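Review bot: The new checks entry limits the scan to `.c`/`.h` sources through its 'regex', yet the bidi-override and homoglyph tricks apply equally to Python, shell or any other source this tool reviews; the neighbouring entries use the same file filter, so this may be deliberate consistency, but it is worth stating that scope in the commit message or widening the pattern. It is correct that, unlike the cast_whitespace_check entry below it, this one carries no 'prereq' excluding comment lines, since comments are exactly where such characters are hidden; a short comment such as `# No is_comment_line prereq on purpose: comments are the usual hiding place.` would keep a later cleanup from "fixing" that. The `lambda x: nonascii_character_check(x)` wrapper mirrors the surrounding entries, so the style is consistent.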
-- 
2.27.0


