From b06dd8ddf1ee1df36535facc89b24c9e60f74e44 Mon Sep 17 00:00:00 2001
From: Hans
Date: Tue, 4 Apr 2023 17:00:55 +0200
Subject: [PATCH] Rewrite of unicode scanner and renaming of file
---
usr/bin/grep-find-unicode-wrapper | 35 ---------------------------
usr/bin/scan-text-file | 39 +++++++++++++++++++++++++++++++
2 files changed, 39 insertions(+), 35 deletions(-)
delete mode 100755 usr/bin/grep-find-unicode-wrapper
create mode 100755 usr/bin/scan-text-file
diff --git a/usr/bin/grep-find-unicode-wrapper b/usr/bin/grep-find-unicode-wrapper
deleted file mode 100755
index 055aa64..0000000
--- a/usr/bin/grep-find-unicode-wrapper
+++ /dev/null
@@ -1,35 +0,0 @@
-#!/bin/bash
-
-## Copyright (C) 2022 - 2022 ENCRYPTED SUPPORT LP
-## See the file COPYING for copying conditions.
-
-grep_args="\
- --exclude=changelog.upstream \
- --exclude-dir=.git
- --binary-files=without-match \
- -l \
- -P \
- -n"
-
-one=$(LC_ALL=C grep $grep_args '[^\x00-\x7F]' "$@")
-
-two=$(LC_ALL=C grep $grep_args "[^[:ascii:]]" "$@")
-
-## https://access.redhat.com/security/vulnerabilities/RHSB-2021-007
-## https://lintian.debian.org/tags/unicode-trojan
-three=$(LC_ALL=C grep $grep_args $'[\u061C\u200E\u200F\u202A\u202B\u202C\u202D\u202E\u2066\u2067\u2068\u2069]' "$@")
-
-result="\
-$one
-$two
-$three"
-
-output_message=$(echo "$result" | sort --unique)
-
-if [ "$output_message" = "" ]; then
- exit 1
-else
- echo "$output_message"
-fi
-
-exit 0
diff --git a/usr/bin/scan-text-file b/usr/bin/scan-text-file
new file mode 100755
index 0000000..780f272
--- /dev/null
+++ b/usr/bin/scan-text-file
@@ -0,0 +1,39 @@
+#!/bin/bash
+## Copyright (C) 2022 - 2023 ENCRYPTED SUPPORT LP
+## See the file COPYING for copying conditions.
+
+## Search pattern for suspicious characters by negation of allowed characters
+SEARCH_PATTERN='[^[:ascii:]]|[\x{061C}\x{200E}\x{200F}\x{202A}\x{202B}\x{202C}\x{202D}\x{202E}\x{2066}\x{2067}\x{2068}\x{2069}]'
+
+found=0
+## Loop over input files
+while [ "$#" -gt 0 ]; do
+ current_file="$1"
+ contains_suspicious_characters=$(LC_ALL=C perl -nle "print \$ARGV if /$SEARCH_PATTERN/" "$current_file")
+
+ echo "==================="
+ echo "File: $current_file"
+
+ if [ -n "$contains_suspicious_characters" ]; then
+ found=1
+ echo "-- Warning : Suspicious characters were found"
+ ## Printing out suspicious characters in Unicode escape sequence \u... with their line and position
+ perl -C -ne "while (/$SEARCH_PATTERN/g) {
+ printf \"Line %d, Position %d: \\\u%04x\n\", \$., \$-[0] + 1, ord(\$&);
+ }" "$current_file"
+ else
+ echo "++ OK : No suspicous characters were found"
+ fi
+
+ ## Remove the processed filename from the list of arguments to satisfy while loop
+ shift
+done
+
+if [ $found -ne 0 ]; then
+ echo -e "-------------------\n-------------------"
+ echo "NOTE: For safety reasons these characters are shown in their Unicode escape sequence '\u...'. To inspect these characters search a 'Unicode character inspector' online and paste the Unicode escape sequence there"
+ exit 1
+fi
+
+exit 0
+
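Review bot: Both `perl -n` calls inside the `while` loop pass `$current_file` to Perl's implicit `<>`, which opens each name with two-argument `open`, so a file name carrying `open` mode characters (a leading or trailing `|`, a leading `>`) is acted on as a pipe or redirection instead of being read. That is a real exposure for a scanner meant to run over untrusted trees. Feeding the file on stdin keeps the name away from Perl entirely: `LC_ALL=C perl -nle "print 1 if /$SEARCH_PATTERN/" < "$current_file"` for the detection pass, and the same `< "$current_file"` redirection on the reporting pass. On that second call, bare `-C` is equivalent to `-CSDL`, so UTF-8 decoding only happens when the locale variables request it. Under a C/POSIX locale the report would list individual bytes rather than the code points named in `SEARCH_PATTERN`, and `-CSD` makes the decoding unconditional.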