On 1/4/22 19:35, Mike Pattrick wrote: > On Tue, Jan 4, 2022 at 1:12 PM Ilya Maximets <[email protected]> wrote: >> >> On 11/30/21 17:20, Mike Pattrick wrote: >>> Recently there has been a lot of press about the "trojan source" attack, >>> where Unicode characters are used to obfuscate the true functionality of >>> code. This attack didn't effect OVS, but adding the check here will help >>> guard against it sneaking in later. >>> >>> Signed-off-by: Mike Pattrick <[email protected]> >>> --- >>> Changes in v2: >>> - Now all unicode characters will result in an error. >>> >>> Changes in v3: >>> - Added a test to validate behavior >>> >>> Changes in v4: >>> - Simplified regex >>> >>> --- >>> tests/checkpatch.at | 22 ++++++++++++++++++++++ >>> utilities/checkpatch.py | 11 +++++++++++ >>> 2 files changed, 33 insertions(+) >> >> Some weird stuff is going on here. On one of my systems (rhel 8.5) >> I'm getting a consistent test failure. The reason for that appears >> to be a different default locale used while executing checkpatch.py >> from a testsuite. If checkpatch.py is invoked by hands, the >> locale.getpreferredencoding() returns 'UTF-8', but if invoked from >> a testsuite, I'm getting 'ANSI_X3.4-1968' instead. >> >> This impacts the file read, since open() by default uses the >> locale.getpreferredencoding() encoding, so email.message_from_file() >> fails to read the file with unicode symbols and throws an exception >> resulting with the following error: >> >> ERROR: Unable to parse file 'test.patch'. Is it a patch? >> >> That fails the unit test. >> I am not sure why the default locale is different while running >> under the testsuite on this system. The following change seems >> to fix the problem: >> >> diff --git a/utilities/checkpatch.py b/utilities/checkpatch.py >> index 395d0fcde..8c7faa419 100755 >> --- a/utilities/checkpatch.py >> +++ b/utilities/checkpatch.py >> @@ -954,7 +954,7 @@ def ovs_checkpatch_print_result(): >> >> def ovs_checkpatch_file(filename): >> try: >> - mail = email.message_from_file(open(filename, 'r')) >> + mail = email.message_from_file(open(filename, 'r', encoding='utf8')) >> except: >> print_error("Unable to parse file '%s'. Is it a patch?" % filename) >> return -1 >> --- >> >> If that looks good to you, I can fold the change in before applying >> the patch. >> >> What do you think? > > That is strange, I reproduced this behavior on RHEL 8.5; however, RHEL > 9.0 beta uses the UTF8 locale. > > This change looks good to me!
Thanks, Mike and Gaetan! With the change above, applied. Best regards, Ilya Maximets. _______________________________________________ dev mailing list [email protected] https://mail.openvswitch.org/mailman/listinfo/ovs-dev
