GCC & LLVM Patches Pending To Fend Off Trojan Source Attacks


  • GCC & LLVM Patches Pending To Fend Off Trojan Source Attacks

    Phoronix: GCC & LLVM Patches Pending To Fend Off Trojan Source Attacks

    Making rounds today are the "Trojan Source" attacks by which text displayed to the end-user/developer doesn't match what is actually being executed. The problem stems from Unicode standards and could lead to malicious code being inadvertently introduced into upstream code-bases that could be overlooked during code review processes, etc. GCC and LLVM/Clang are among the early compilers preparing defenses against Trojan Source style attacks...

    https://www.phoronix.com/scan.php?pa...-Trojan-Source

  • #2
    I would think the compiler should warn BY DEFAULT that something's fishy, and just offer an opt-out switch.
    This affects source code only, not external data.
    As I understand it, no regular RTL strings in source should be affected, only BiDi marks, overrides, etc.


    • #3
      On a side note, Rust already fixed this and published an update yesterday, the same day the CVE was published.


      • #4
        This has been used at the Solidity Underhanded Contest. Solidity is the programming language used to make "smart contracts" in Ethereum.
        The goal of the contest is to submit code that looks innocent and could pass a code review but contains malicious code.
        Here is the repository:
        https://github.com/ethereum/solidity...obertMCForster
        and here is the malicious line of code:
        https://github.com/ethereum/solidity...pgrade.sol#L65


        • #5
          Originally posted by Lianna
          I would think the compiler should warn BY DEFAULT that something's fishy, and just offer an opt-out switch.
          This affects source code only, not external data.
          As I understand it, no regular RTL strings in source should be affected, only BiDi marks, overrides, etc.
          I would suggest something even stronger - default to compilation error when seeing unescaped bidi override characters in source code. Reduce it to warning after opt-out switch.

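A small scanner for the check this thread discusses, as an added example that is not part of any post and is not the GCC, LLVM or Rust patch code. It reports raw Unicode bidi control characters in source text and marks openers that are never closed; checking per line, the function name `scan_source` and the sample input are assumptions made for illustration.

```python
import unicodedata

# Explicit bidirectional formatting characters (Unicode UAX #9).
EMBEDS = {"\u202A", "\u202B", "\u202D", "\u202E"}   # LRE, RLE, LRO, RLO
ISOLATES = {"\u2066", "\u2067", "\u2068"}           # LRI, RLI, FSI
PDF, PDI = "\u202C", "\u2069"                       # terminators
BIDI_CONTROLS = EMBEDS | ISOLATES | {PDF, PDI}


def scan_source(text):
    """Return (line, column, character name, note) for each finding."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        stack = []  # (column, opener) pairs still waiting for a terminator
        for col, ch in enumerate(line, start=1):
            if ch not in BIDI_CONTROLS:
                continue  # ordinary RTL letters are not controls
            findings.append((lineno, col, unicodedata.name(ch), "bidi control"))
            if ch in EMBEDS or ch in ISOLATES:
                stack.append((col, ch))
            elif ch == PDF and stack and stack[-1][1] in EMBEDS:
                stack.pop()
            elif ch == PDI and any(c in ISOLATES for _, c in stack):
                # PDI closes the last isolate and any embeddings inside it.
                while stack.pop()[1] not in ISOLATES:
                    pass
        # Assumption of this example: an opener must be closed on its own line.
        for col, ch in stack:
            findings.append(
                (lineno, col, unicodedata.name(ch), "unterminated at end of line"))
    return findings


# Constructed sample input. The controls are written as Python escapes so
# this listing itself contains no raw bidi characters.
SAMPLE = (
    'const char *greeting = "\u05E9\u05DC\u05D5\u05DD";\n'  # plain Hebrew text
    'const char *esc = "\\u202E";\n'                        # escaped, ASCII only
    '/* note \u202E unterminated override */\n'             # raw RLO, never closed
    '/* \u2067 isolated \u2069 */\n'                        # raw RLI closed by PDI
)

if __name__ == "__main__":
    for lineno, col, name, note in scan_source(SAMPLE):
        print(f"line {lineno}, col {col}: {name} ({note})")
```

Lines 1 and 2 of the sample produce no findings, matching the points in the thread that regular RTL strings and escaped characters are not the problem.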