4.2.1.39 The unicode test

  Problem:  Symbols containing certain unicode characters can conceal their real name
  Fix By:   Replacing the unicode characters with other characters
  Waive If: The unicode names are valid

  Example:  FAIL: unicode test because dangerous characters were found in a symbol name

This test checks to make sure that symbols in the binary do not contain control characters or multibyte (aka unicode) characters. Whilst unicode characters are technically allowed in symbol names, their presence is suspect since they can be used maliciously.

The test looks for the following characters in symbol names:

Any control character
The space and DEL characters
Any non-unicode multibyte character

In addition if the --test-unicode-all option has been enabled (either via the command line, or via selecting a RHEL profile with the --profile option) then the test will fail is any multibyte character is found.

On the other hand, if the opposite --test-unicode-suspicious option has been enabled then the test looks for:

Any character with zero width
Any character that changes the direction of the text

Other suspicious multibyte characters may be added in the future.

If necessary the test can be disabled via the --skip-unicode option and re-enabled via the --test-unicode option.