Page History

...

#include <fcntl.h>
#include <sys/stat.h>

int main(void) {
   char *file_name = "&#xBB;&#xA3;???&#xAB;";
   mode_t mode = S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH;

   int fd = open(file_name, O_CREAT | O_EXCL | O_WRONLY, mode);
   if (fd == -1) {
      /* Handle Errorerror */
   }
}

An implementation is free to define its own mapping of the "nonsafe" characters. For example, when tested on a Red Hat Linux distribution, this noncompliant code example resulted in the following file name:

...

Use a descriptive file name , containing only the subset of ASCII previously described.

#include <fcntl.h>
#include <sys/stat.h>

int main(void) {
   char *file_name = "name.ext";
   mode_t mode = S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH;

   int fd = open(file_name, O_CREAT | O_EXCL | O_WRONLY, mode);
   if (fd == -1) {
      /* Handle Errorerror */
   }
}

Noncompliant Code Example (File Name 2)

...

Similarly, you must validate all file names originating from untrusted sources to ensure they contain only safe characters.

Risk Assessment

Failing to use only the subset of ASCII that is guaranteed to work can result in misinterpreted data.

...

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Related Guidelines

...

...

...

Bibliography

...

...

ISO/IEC TR 24772 "AJN Choice of filenames and other external edentifiers"

MISRA Rule 3.2, "The character set and the corresponding encoding shall be documented," and Rule 4.1, "Only those escape sequences that are defined in the ISO C Standard shall be used"

MITRE CWE: CWE-116, "Improper encoding or escaping of output"

Sources

...

...

...

[VU#439395] 

...