
Bidi Trojan Source Linter Bypassed in Format Strings #94945

Closed
@brodieG

Description


This relates to the Trojan Source exploit.

I tried this code:

     println!("RLOhello world"); 

Where RLO are the raw bytes representing "\u202e" (or any of the other forbidden stateful bidi control characters) does not trigger the linter, whereas e.g.:

     let var = "RLOhello world";
     println!("{}", var);

Does trigger the linter (as it should).

This was seen with:

$ rustc -V
rustc 1.61.0-nightly (1eb72580d 2022-03-08) 

I discussed this over e-mail with @pietroalbini and he recommended I post this as a regular issue since most editors / code review sites now handle the bidi stateful controls more gracefully than they did when the bidi trojan vulnerability was originally disclosed.

Activity

pietroalbini (Member) commented on Mar 15, 2022

This was discussed with the Rust Security Response WG (not just me) and we agreed with making this issue public.

added a commit that references this issue on Dec 31, 2024

Rollup merge of rust-lang#134956 - compiler-errors:format-args-hidden…

0c94f63


Labels

A-Unicode (Area: Unicode)
A-fmt (Area: `core::fmt`)
A-lints (Area: Lints (warnings about flaws in source code) such as unused_mut.)
A-macros (Area: All kinds of macros (custom derive, macro_rules!, proc macros, ..))
A-security (Area: Security (example: address space layout randomization).)
C-bug (Category: This is a bug.)
T-compiler (Relevant to the compiler team, which will review and decide on the PR/issue.)
