author | Matthias Dressel <code@deadcode.eu> | 2021-11-01 23:07:32 +0300 |
---|---|---|
committer | Matthias Dressel <code@deadcode.eu> | 2021-11-05 16:58:25 +0300 |
commit | 9727d8579bad2eabdbd00ec8058568332b15bf3d (patch) | |
tree | 718fffac01f67a940d6dc33048e0a03ec009127c /.gitlab-ci.yml | |
parent | e40cc46c3c0a03e5ab738c4504a71099e0dbab63 (diff) |
CI: Check for potentially dangerous Unicode characters
Bidirectional control and invisible characters can be used to hide
malicious code.
Ref: CVE-2021-42574, CVE-2021-42694
Diffstat (limited to '.gitlab-ci.yml')
-rw-r--r-- | .gitlab-ci.yml | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 2ba028e..b844803 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -4,7 +4,7 @@ stages: - test .debian-amd64-common: - image: registry.videolan.org/dav1d-debian-unstable:20211008082222 + image: registry.videolan.org/dav1d-debian-unstable:20211102173310 stage: build tags: - docker @@ -65,6 +65,7 @@ style-check: exit 1; fi; done + - rg '[\u061c\u2000-\u200f\u2028-\u202f\u205f-\u206f]' ./ && echo "Invisible Unicode characters" && exit 1 - git remote rm upstream 2> /dev/null || true - git remote add upstream https://code.videolan.org/videolan/dav1d.git - git fetch -q upstream master |
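Review bot: the `image:` tag bump under `.debian-amd64-common` (first hunk) is not explained in the commit message, so a reader cannot tell why a Unicode check needs a new container image. If the 20211102173310 image is what supplies `rg` for the new style-check line, say so in the message, because a later rollback of the image would otherwise remove the tool the check depends on.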
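Review bot: the added `rg ... && echo ... && exit 1` line in `style-check` (second hunk) reaches `exit 1` only when `rg` exits 0, so an `rg` error (exit status 2, for example on an unreadable file) or a missing `rg` binary is treated by this line the same as "no match". Capture the status and fail on anything other than 1. Two smaller points on the same line: `rg` skips hidden and ignored files by default, so dotfiles such as `.gitlab-ci.yml` are not scanned unless `--hidden` is passed, and the character class covers bidirectional and invisible code points only, not the homoglyph case in CVE-2021-42694 that the commit message references.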