upsuper added a comment.
I'd like to clarify that what I think is correct now is the algorithm to detect
unclosed explicit formatting scopes in a given string.
I haven't been following very closely with the whole spoofing issue, so I can't
say that there is no other ways to construct a spoof that this algorithm is not
designed to detect.
As you have found, `RLM`, and `ALM` can be used to confuse code reader, but
they are not much different than a string with other strong RTL characters
inside, and I don't quite see how that can be linted without hurting
potentially legitimate code. Maybe if the compiler supports treating `LRM` as
whitespace (I'm not sure whether Clang does), a lint may be added to ask
wrapping any string with outermost strong characters being RTL in the form of
`{LRM}"string"{LRM}` so that the RTL characters don't affect outside. Other
than that, I don't think there is anyway to lint against such a confusion.
CHANGES SINCE LAST ACTION
https://reviews.llvm.org/D112913/new/
https://reviews.llvm.org/D112913
_______________________________________________
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
