Greetings,

On 4/3/24 10:58 AM, Michael Matz wrote:
> Indeed. But note that you're saying something else than what you wanted
> to say :) For ld the input here is "blob of bytes". That it's actually
> JSON (or claims to be!) is a matter for the processor of these .note
> sections. _Those_ need to check the contents of them for being proper
> JSON themselves. They cannot rely on ld having produced "correct" .note
> sections anyway. They could have been produced by bad tools, or
> retroactively be mangled.
>
> So, as such checking in the consumer tools for the .notes cannot be
> avoided the early checking at producer time is a bit wasteful, and from a
> security perspective achieves exactly nothing.

Apologies for the confusion. Yes, I wholly agree, checking must be done at
every stage of the chain. That includes both generation and every stage of
the way thereafter. The entire chain must be sanitized. As you mention,
tampering along the way is a possibility. Also, it is very possible that
different parsers treat the same construct in different ways. This goes
back to the entire weird machine situation.

Cheers,
Orlando.
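
Added example, not part of the original message or of any tool discussed in the thread: a consumer-side check in Python that treats a .note record as an untrusted blob of bytes, bounds-checks the note header, and accepts the payload only as strict UTF-8 JSON with unique object keys, so that parsers with different duplicate-key behaviour cannot disagree on it. The owner name TEST, note type 1, the little-endian layout and all helper names are assumptions made for the illustration.

```python
import json
import struct

class NoteError(ValueError):
    """Raised when a note record or its JSON payload is rejected."""

def _align4(n):
    return (n + 3) & ~3

def parse_note(blob):
    """Parse one ELF note record (little-endian, 4-byte aligned) with bounds checks."""
    if len(blob) < 12:
        raise NoteError("truncated note header")
    namesz, descsz, ntype = struct.unpack_from("<III", blob, 0)
    name_end = 12 + namesz
    desc_off = 12 + _align4(namesz)
    desc_end = desc_off + descsz
    if name_end > len(blob) or desc_end > len(blob):
        raise NoteError("note sizes exceed section length")
    name = blob[12:name_end].rstrip(b"\0")
    return name, ntype, blob[desc_off:desc_end]

def _no_duplicates(pairs):
    keys = [k for k, _ in pairs]
    if len(keys) != len(set(keys)):
        raise NoteError("duplicate object key")  # parsers disagree on which value wins
    return dict(pairs)

def _reject_constant(token):
    raise NoteError("non-standard constant " + token)  # NaN, Infinity, -Infinity

def strict_json(desc):
    """Accept only a UTF-8 JSON object with unique keys at every nesting level."""
    try:
        text = desc.decode("utf-8", errors="strict")
        value = json.loads(text, object_pairs_hook=_no_duplicates,
                           parse_constant=_reject_constant)
    except (UnicodeDecodeError, json.JSONDecodeError) as exc:
        raise NoteError("payload is not valid JSON: %s" % exc) from exc
    if not isinstance(value, dict):
        raise NoteError("top-level value must be an object")
    return value

def make_note(name, ntype, desc):
    """Build a constructed note record (sample input for the checks above)."""
    n = name + b"\0"
    return (struct.pack("<III", len(n), len(desc), ntype)
            + n.ljust(_align4(len(n)), b"\0") + desc.ljust(_align4(len(desc)), b"\0"))
```
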