From a8fa68e6637a44c0c192ee76022eef35ff6fe9b9 Mon Sep 17 00:00:00 2001 From: Iain Buclaw Date: Mon, 15 Nov 2021 13:38:52 +0100 Subject: [PATCH] Add D as a vulnerable language --- D/README.md | 31 +++++++++++++++++++++++++++ D/commenting_out.d | 11 ++++++++++ D/early_return.d | 7 ++++++ D/homoglyph_function.d | 14 ++++++++++++ D/invisible_function.d | 17 +++++++++++++++ D/stretched_string.d | 9 ++++++++ D/visualization/commenting-out.html | 13 +++++++++++ D/visualization/early-return.html | 11 ++++++++++ D/visualization/stretched-string.html | 13 +++++++++++ 9 files changed, 126 insertions(+) create mode 100644 D/README.md create mode 100644 D/commenting_out.d create mode 100644 D/early_return.d create mode 100644 D/homoglyph_function.d create mode 100644 D/invisible_function.d create mode 100644 D/stretched_string.d create mode 100644 D/visualization/commenting-out.html create mode 100644 D/visualization/early-return.html create mode 100644 D/visualization/stretched-string.html diff --git a/D/README.md b/D/README.md new file mode 100644 index 0000000..502c141 --- /dev/null +++ b/D/README.md @@ -0,0 +1,31 @@ +# D + +## Commenting-Out + +- Confirmed working on dmd version 2.097.2 (Ubuntu) +- Confirmed working on gdc version 11.1 (Ubuntu) +- Confirmed working on ldc version 1.24.0 (Ubuntu) + +## Stretched String + +- Confirmed working on dmd version 2.097.2 (Ubuntu) +- Confirmed working on gdc version 11.1 (Ubuntu) +- Confirmed working on ldc version 1.24.0 (Ubuntu) + +## Invisible Character Function + +- Does not work on dmd version 2.097.2 (Ubuntu): char 0x200b not allowed in identifier +- Does not work on gdc version 11.1 (Ubuntu) +- Does not work on ldc version 1.24.0 (Ubuntu) + +## Early Return + +- Confirmed working on dmd version 2.097.2 (Ubuntu) +- Confirmed working on gdc version 11.1 (Ubuntu) +- Confirmed working on ldc version 1.24.0 (Ubuntu) + +## Homoglyph Function + +- Confirmed working on dmd version 2.097.2 (Ubuntu) +- Confirmed working on gdc version 11.1 (Ubuntu) +- Confirmed working on ldc version 1.24.0 (Ubuntu) diff --git a/D/commenting_out.d b/D/commenting_out.d new file mode 100644 index 0000000..36da1f5 --- /dev/null +++ b/D/commenting_out.d @@ -0,0 +1,11 @@ +import std.stdio; + +int main() { + bool isAdmin = false; + /*‮ } ⁦if (isAdmin)⁩ ⁦ begin admins only */ + writeln("You are an admin."); + /* end admins only ‮ { ⁦*/ + return 0; +} + + diff --git a/D/early_return.d b/D/early_return.d new file mode 100644 index 0000000..e8a57c3 --- /dev/null +++ b/D/early_return.d @@ -0,0 +1,7 @@ +import std.stdio; + +int main() { + /* Say hello; newline⁧ /*/ return 0 ; + writeln("Hello world."); + return 0; +} diff --git a/D/homoglyph_function.d b/D/homoglyph_function.d new file mode 100644 index 0000000..2d0a609 --- /dev/null +++ b/D/homoglyph_function.d @@ -0,0 +1,14 @@ +import std.stdio; + +void sayHello() { + writeln("Hello, World!"); +} + +void sayНello() { + writeln("Goodbye, World!"); +} + +int main() { + sayНello(); + return 0; +} diff --git a/D/invisible_function.d b/D/invisible_function.d new file mode 100644 index 0000000..f6a5f22 --- /dev/null +++ b/D/invisible_function.d @@ -0,0 +1,17 @@ +import std.stdio; + +bool isAdmin() { + return false; +} + +bool is​Admin() { + return true; +} + +int main() { + if (is​Admin()) { + writeln("You are an admin"); + } else { + writeln("You are NOT an admin."); + } +} diff --git a/D/stretched_string.d b/D/stretched_string.d new file mode 100644 index 0000000..9bbf615 --- /dev/null +++ b/D/stretched_string.d @@ -0,0 +1,9 @@ +import std.stdio; + +int main() { + string access_level = "user"; + if (access_level != "user‮ ⁦// Check if admin⁩ ⁦") { + writeln("You are an admin."); + } + return 0; +} diff --git a/D/visualization/commenting-out.html b/D/visualization/commenting-out.html new file mode 100644 index 0000000..df1a98d --- /dev/null +++ b/D/visualization/commenting-out.html @@ -0,0 +1,13 @@ + + +import std.stdio;
+
+int main() {
+ bool isAdmin = false;
+ /*RLO } LRIif (isAdmin)PDI LRI begin admins only */
+ writeln("You are an admin.");
+ /* end admin only RLO { LRI*/
+ return 0;
+}
+ + \ No newline at end of file diff --git a/D/visualization/early-return.html b/D/visualization/early-return.html new file mode 100644 index 0000000..0e04f20 --- /dev/null +++ b/D/visualization/early-return.html @@ -0,0 +1,11 @@ + + +import std.stdio;
+
+int main() {
+ /* Say hello; newline RLI /*/ return 0 ;
+ writeln("Hello world.");
+ return 0;
+}
+ + \ No newline at end of file diff --git a/D/visualization/stretched-string.html b/D/visualization/stretched-string.html new file mode 100644 index 0000000..fecf847 --- /dev/null +++ b/D/visualization/stretched-string.html @@ -0,0 +1,13 @@ + + +import std.stdio;
+
+int main() {
+ string access_level = "user";
+ if (access_level != "userRLO LRI// Check if adminPDI LRI") {
+ printf("You are an admin.\n");
+ }
+ return 0;
+}
+ + \ No newline at end of file