summaryrefslogtreecommitdiffstats
path: root/lib/Lintian/Check/Files/Unicode
diff options
context:
space:
mode:
Diffstat (limited to 'lib/Lintian/Check/Files/Unicode')
-rw-r--r--lib/Lintian/Check/Files/Unicode/Trojan.pm134
1 files changed, 134 insertions, 0 deletions
diff --git a/lib/Lintian/Check/Files/Unicode/Trojan.pm b/lib/Lintian/Check/Files/Unicode/Trojan.pm
new file mode 100644
index 0000000..5c4f2e1
--- /dev/null
+++ b/lib/Lintian/Check/Files/Unicode/Trojan.pm
@@ -0,0 +1,134 @@
+# files/unicode/trojan -- lintian check script -*- perl -*-
+
+# Copyright (C) 1998 Christian Schwarz and Richard Braakman
+# Copyright (C) 2019 Chris Lamb <lamby@debian.org>
+# Copyright (C) 2020 Felix Lechner
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, you can find it on the World Wide
+# Web at https://www.gnu.org/copyleft/gpl.html, or write to the Free
+# Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
+# MA 02110-1301, USA.
+
+package Lintian::Check::Files::Unicode::Trojan;
+
+use v5.20;
+use warnings;
+use utf8;
+
+use Const::Fast;
+use Unicode::UTF8 qw(decode_utf8 encode_utf8 valid_utf8);
+
+use Moo;
+use namespace::clean;
+
+with 'Lintian::Check';
+
+const my $DOUBLE_QUOTE => q{"};
+
+const my %NAMES_BY_CHARACTER => (
+ qq{\N{ARABIC LETTER MARK}} => 'ARABIC LETTER MARK', # U+061C
+ qq{\N{LEFT-TO-RIGHT MARK}} => 'LEFT-TO-RIGHT MARK', # U+200E
+ qq{\N{RIGHT-TO-LEFT MARK}} => 'RIGHT-TO-LEFT MARK', # U+200F
+ qq{\N{LEFT-TO-RIGHT EMBEDDING}} => 'LEFT-TO-RIGHT EMBEDDING', # U+202A
+ qq{\N{RIGHT-TO-LEFT EMBEDDING}} => 'RIGHT-TO-LEFT EMBEDDING', # U+202B
+ qq{\N{POP DIRECTIONAL FORMATTING}} =>'POP DIRECTIONAL FORMATTING', # U+202C
+ qq{\N{LEFT-TO-RIGHT OVERRIDE}} => 'LEFT-TO-RIGHT OVERRIDE', # U+202D
+ qq{\N{RIGHT-TO-LEFT OVERRIDE}} => 'RIGHT-TO-LEFT OVERRIDE', # U+202E
+ qq{\N{LEFT-TO-RIGHT ISOLATE}} => 'LEFT-TO-RIGHT ISOLATE', # U+2066
+ qq{\N{RIGHT-TO-LEFT ISOLATE}} => 'RIGHT-TO-LEFT ISOLATE', # U+2067
+ qq{\N{FIRST STRONG ISOLATE}} => 'FIRST STRONG ISOLATE', # U+2068
+ qq{\N{POP DIRECTIONAL ISOLATE}} => 'POP DIRECTIONAL ISOLATE', # U+2069
+);
+
+sub visit_patched_files {
+ my ($self, $item) = @_;
+
+ $self->check_for_trojan($item);
+
+ return;
+}
+
+sub visit_installed_files {
+ my ($self, $item) = @_;
+
+ $self->check_for_trojan($item);
+
+ return;
+}
+
+sub check_for_trojan {
+ my ($self, $item) = @_;
+
+ if (valid_utf8($item->name)) {
+
+ my $decoded_name = decode_utf8($item->name);
+
+ # all file names
+ for my $character (keys %NAMES_BY_CHARACTER) {
+
+ $self->pointed_hint(
+ 'unicode-trojan',
+ $item->pointer,
+ 'File name',
+ sprintf('U+%vX', $character),
+ $DOUBLE_QUOTE. $NAMES_BY_CHARACTER{$character}. $DOUBLE_QUOTE
+ ) if $decoded_name =~ m{\Q$character\E};
+ }
+ }
+
+ return
+ unless $item->is_script;
+
+ open(my $fd, '<', $item->unpacked_path)
+ or die encode_utf8('Cannot open ' . $item->unpacked_path);
+
+ my $position = 1;
+ while (my $line = <$fd>) {
+
+ chomp $line;
+
+ next
+ unless valid_utf8($line);
+
+ my $decoded = decode_utf8($line);
+
+ my $pointer = $item->pointer($position);
+
+ for my $character (keys %NAMES_BY_CHARACTER) {
+
+ $self->pointed_hint(
+ 'unicode-trojan',
+ $pointer,
+ 'Contents',
+ sprintf('U+%vX', $character),
+ $DOUBLE_QUOTE. $NAMES_BY_CHARACTER{$character}. $DOUBLE_QUOTE
+ )if $decoded =~ m{\Q$character\E};
+ }
+
+ } continue {
+ ++$position;
+ }
+
+ close $fd;
+
+ return;
+}
+
+1;
+
+# Local Variables:
+# indent-tabs-mode: nil
+# cperl-indent-level: 4
+# End:
+# vim: syntax=perl sw=4 sts=4 sr et