From 1eea748aa79e6ccb8b73b1ad5d6cfd172293a6c3 Mon Sep 17 00:00:00 2001
From: Steven Danna
Date: Mon, 1 Nov 2021 15:34:00 +0000
Subject: [PATCH] lint: add linter for unicode directional formatting characters

This PR adds a linter to disallow the use of directional formatting characters to help prevent them being used to get malicious code past code review. Ideally our code-review tool would highlight such characters for us since such characters might routinely appear in binary artifacts.

See also:
- https://www.trojansource.codes/
- https://blog.rust-lang.org/2021/11/01/cve-2021-42574.html
- https://github.com/golang/go/issues/20209

Release note: None
---
 pkg/testutils/lint/lint_test.go | 48 +++++++++++++++++++++++++++++++++
 1 file changed, 48 insertions(+)

diff --git a/pkg/testutils/lint/lint_test.go b/pkg/testutils/lint/lint_test.go
index 08cb18f207a4..b9f53ed441d0 100644
--- a/pkg/testutils/lint/lint_test.go
+++ b/pkg/testutils/lint/lint_test.go
@@ -633,6 +633,54 @@ func TestLint(t *testing.T) {
 }
 })
+ t.Run("TestDisallowedCharacterSequences", func(t *testing.T) {
+ t.Parallel()
+ disallowedCharacterSequences := []string{
+ "\u202A", // LEFT-TO-RIGHT-EMBEDDING
+ "\u202B", // RIGHT-TO-LEFT-EMBEDDING
+ "\u202C", // POP-DIRECTIONAL-FORMATTING
+ "\u202D", // LEFT-TO-RIGHT-OVERRIDE
+ "\u202E", // RIGHT-TO-LEFT-OVERRIDE
+ "\u2066", // LEFT-TO-RIGHT-ISOLATE
+ "\u2067", // RIGHT-TO-LEFT-ISOLATE
+ "\u2068", // FIRST-STRONG-ISOLATE
+ "\u2069", // POP-DIRECTIONAL-ISOLATE
+ }
+ pattern := strings.Join(disallowedCharacterSequences, "|")
+ cmd, stderr, filter, err := dirCmd(
+ crdb.Dir,
+ "git",
+ "grep",
+ "-nE",
+ pattern,
+ "--",
+ ":!*.woff2",
+ ":!*.png",
+ ":!*.tgz",
+ ":!pkg/ccl/importccl/testdata/avro/stock-10000.bjson",
+ ":!pkg/ccl/importccl/testdata/avro/stock-10000.ocf",
+ )
+ if err != nil {
+ t.Fatal(err)
+ }
+
+ if err := cmd.Start(); err != nil {
+ t.Fatal(err)
+ }
+
+ if err := stream.ForEach(filter, func(s string) {
+ t.Errorf("\n%s <- forbidden use of disallowed character sequence.", s)
+ }); err != nil {
+ t.Error(err)
+ }
+
+ if err := cmd.Wait(); err != nil {
+ if out := stderr.String(); len(out) > 0 {
+ t.Fatalf("err=%s, stderr=%s", err, out)
+ }
+ }
+ })
+ + t.Run("TestInternalErrorCodes", func(t *testing.T) { + t.Parallel() + cmd, stderr, filter, err := dirCmd(
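Review bot: The failure message on the new `t.Errorf` line prints the matched source line with `%s`, so the very directional formatting characters the lint rejects are written raw into the test output, where they can reorder how the report itself renders; `%q` escapes them and shows which code point matched: `t.Errorf("\n%q <- forbidden use of disallowed character sequence.", s)`. The list covers the embedding, override and isolate controls (U+202A–U+202E, U+2066–U+2069) but not the implicit directional marks U+200E, U+200F and U+061C; those cannot reorder text the way overrides do, so leaving them out may be deliberate, but a comment should say so. The pathspec exclusions after `--` are a hand-maintained list of binary fixtures, so any future binary artifact containing these byte sequences will fail this check rather than be skipped; a comment noting that `git grep -I` was intentionally not used (it would silently skip every file git classifies as binary) would stop the next maintainer from reaching for it. A short comment above `disallowedCharacterSequences`, e.g. `// Unicode directional formatting characters can make source render differently from how it compiles (Trojan Source, CVE-2021-42574).`, keeps the rationale with the code instead of only in the commit message. The enclosing TestLint function starts before this hunk.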