[swift-evolution] Prohibit invisible characters in identifier names
Vladimir.S
svabox at gmail.com
Mon Jun 20 13:26:09 CDT 2016
Very interesting.
Btw, IBM Swift Sandbox shows these spaces:
https://swiftlang.ng.bluemix.net/
But my mail client does not - i.e. I saw exactly the same "test"&"abc"
Also, I read about some issues with left-to-right and right-to-left markers
that also somehow change the actual text of source - i.e. you see one text,
but when it compiles - it works not as expected. I.e. viewer/editor
processes these special codes and show you one text, but compiler treats
text in another way.
I believe it is a potential security problem that all unicode chars are
allowed for variables/func names in Swift. IMO We definitely should limit
allowed charset for identifiers in sources.
On 20.06.2016 20:51, João Pinheiro via swift-evolution wrote:
> Recently there has been a screenshot going around Twitter about C++ allowing zero-width spaces in variable names. Swift also suffers from this problem which can be abused to create ambiguous, misleading, and potentially obfuscate nefarious code.
>
> I would like to propose a change to prohibit the use of invisible characters in identifier names.
>
> I'm including an example of problematic code at the bottom of this email.
>
> Sincerely,
> João Pinheiro
>
>
> /* The output for this code is:
> A
> B
> C
> 1
> 2
> 3
> */
>
> func test() { print("A") }
> func test() { print("B") }
> func test() { print("C") }
>
> let abc = 1
> let abc = 2
> let abc = 3
>
> test()
> test()
> test()
>
> print(abc)
> print(abc)
> print(abc)
> _______________________________________________
> swift-evolution mailing list
> swift-evolution at swift.org
> https://lists.swift.org/mailman/listinfo/swift-evolution
>
More information about the swift-evolution
mailing list