From mboxrd@z Thu Jan  1 00:00:00 1970
Path: news.gmane.io!.POSTED.blaine.gmane.org!not-for-mail
From: Stefan Monnier <monnier@iro.umontreal.ca>
Newsgroups: gmane.emacs.devel
Subject: Re: Unicode confusables and reordering characters considered
 harmful, a simple solution
Date: Thu, 04 Nov 2021 15:16:26 -0400
Message-ID: <jwv4k8rohxu.fsf-monnier+emacs@gnu.org>
References: <YYE1sEv6yS1bBUcu@odonien.localdomain>
 <jwva6imqsqs.fsf-monnier+emacs@gnu.org> <831r3yjqo9.fsf@gnu.org>
 <jwvy266pchy.fsf-monnier+emacs@gnu.org> <83v91aibe7.fsf@gnu.org>
 <87o872s0wf.fsf_-_@db48x.net>
 <CAP_d_8VDNvgCAvMt0-Q5hSqpauHmoWomc-E4qv=_Etn3-zthBw@mail.gmail.com>
 <83lf25gm1j.fsf@gnu.org>
 <CAP_d_8Wm3w0TxUVgT73+3EjXVmrXdnoAV=7ri=c2291C0UxQjA@mail.gmail.com>
 <83ee7xgio2.fsf@gnu.org> <87fssdrp54.fsf@db48x.net>
 <831r3xgfz3.fsf@gnu.org> <87v918qx37.fsf@db48x.net>
 <83o870fjqg.fsf@gnu.org> <7699dbfaffc44df293f3@heytings.org>
 <83ee7wfe4p.fsf@gnu.org> <7699dbfaff0348867b72@heytings.org>
 <83a6ikf9pw.fsf@gnu.org> <7699dbfaff090e4342a3@heytings.org>
 <838ry4f3xf.fsf@gnu.org> <7699dbfaffce8f3a1f41@heytings.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Injection-Info: ciao.gmane.io; posting-host="blaine.gmane.org:116.202.254.214";
	logging-data="24379"; mail-complaints-to="usenet@ciao.gmane.io"
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.0.50 (gnu/linux)
Cc: Eli Zaretskii <eliz@gnu.org>,  cpitclaudel@gmail.com,
 stefan@marxist.se,  emacs-devel@gnu.org,  db48x@db48x.net,
 yuri.v.khan@gmail.com
To: Gregory Heytings <gregory@heytings.org>
Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org Thu Nov 04 20:17:31 2021
Return-path: <emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org>
Envelope-to: ged-emacs-devel@m.gmane-mx.org
Original-Received: from lists.gnu.org ([209.51.188.17])
	by ciao.gmane.io with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
	(Exim 4.92)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org>)
	id 1miiEs-00068R-92
	for ged-emacs-devel@m.gmane-mx.org; Thu, 04 Nov 2021 20:17:30 +0100
Original-Received: from localhost ([::1]:47218 helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org>)
	id 1miiEr-00059g-6r
	for ged-emacs-devel@m.gmane-mx.org; Thu, 04 Nov 2021 15:17:29 -0400
Original-Received: from eggs.gnu.org ([2001:470:142:3::10]:44486)
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <monnier@iro.umontreal.ca>)
 id 1miiE0-00046G-JP
 for emacs-devel@gnu.org; Thu, 04 Nov 2021 15:16:36 -0400
Original-Received: from mailscanner.iro.umontreal.ca ([132.204.25.50]:2353)
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <monnier@iro.umontreal.ca>)
 id 1miiDy-0000j4-0U; Thu, 04 Nov 2021 15:16:35 -0400
Original-Received: from pmg3.iro.umontreal.ca (localhost [127.0.0.1])
 by pmg3.iro.umontreal.ca (Proxmox) with ESMTP id 81BF04404BE;
 Thu,  4 Nov 2021 15:16:31 -0400 (EDT)
Original-Received: from mail01.iro.umontreal.ca (unknown [172.31.2.1])
 by pmg3.iro.umontreal.ca (Proxmox) with ESMTP id DFE78440478;
 Thu,  4 Nov 2021 15:16:29 -0400 (EDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=iro.umontreal.ca;
 s=mail; t=1636053389;
 bh=xRB9GHo0zmF378dlZ4cZ5Rx5zSQ69ic2WX49aPhkSZI=;
 h=From:To:Cc:Subject:References:Date:In-Reply-To:From;
 b=LLxh6mDrIxFqHtDUURylnqlZOdFkh+mnD4EvuBpeBercyPHqitJTvSdnCANqPgLe6
 1xhp05Mu2DKLjrTcDCRBuBcL/g1HjHEL2aQFgn6dvyxPp6drs+fU+VEgr7/u51nfLw
 VTcHkiGnCe6eURzI4UJpVRmTfVKWGXp5hOaoN/xO23SiK0oPwnkXSRxG7AU7O10Vpk
 n/SeI4TvErDlVK/4SbFvCJ/ODqLl3auKn9SvJ0oSjyQMkDpUbrJm+dVQG6rAXrARq+
 +CFm/qM9glpN5zcWlAj4dMO+EsE029SS6/zDf4BUj7Ro+XXB5ZdqZiiO+X7SFoSZHr
 DjzPVBiEbbmKA==
Original-Received: from alfajor (lechon.iro.umontreal.ca [132.204.27.242])
 by mail01.iro.umontreal.ca (Postfix) with ESMTPSA id 8336612056E;
 Thu,  4 Nov 2021 15:16:29 -0400 (EDT)
In-Reply-To: <7699dbfaffce8f3a1f41@heytings.org> (Gregory Heytings's message
 of "Thu, 04 Nov 2021 14:10:01 +0000")
Received-SPF: pass client-ip=132.204.25.50;
 envelope-from=monnier@iro.umontreal.ca; helo=mailscanner.iro.umontreal.ca
X-Spam_score_int: -42
X-Spam_score: -4.3
X-Spam_bar: ----
X-Spam_report: (-4.3 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,
 DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3,
 SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: emacs-devel@gnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Emacs development discussions." <emacs-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/emacs-devel>,
 <mailto:emacs-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/emacs-devel>
List-Post: <mailto:emacs-devel@gnu.org>
List-Help: <mailto:emacs-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/emacs-devel>,
 <mailto:emacs-devel-request@gnu.org?subject=subscribe>
Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org
Original-Sender: "Emacs-devel"
 <emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org>
Xref: news.gmane.io gmane.emacs.devel:278706
Archived-At: <http://permalink.gmane.org/gmane.emacs.devel/278706>

>>      myfun("=D7=A9=D6=B8=D7=81=D7=9C=D7=95=D6=B9=D7=9D" ,"=D8=A7=D9=84=
=D8=B3=D9=91=D9=84=D8=A7=D9=85=D8=B9=D9=84=D9=8A=D9=83=D9=85");
> There is no danger in that example, and in particular nothing invisible.

I'm pretty sure an attacker can use the above confusing arg order to
turn an apparently harmless program into a security hole.

The fact that the args are passed in the other order than "expected" by
the naive reader means that the naive reader (who may very well be an
expert at computer security, reviewing potentially dangerous code, just
one who knows more about proofs&bits&bytes than about Unicode's
intricacies).


        Stefan