SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 46

changes.mady.by.user Justin Pincar

Saved on

compared with

New Version 47

changes.mady.by.user Pamela Curtis

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Wiki Markup
There are several national variants of ASCII. As a result, the original ASCII is often referred as *US-ASCII*. The international standard _ISO 646_ \[[ISO/IEC 646-1991|AA. C References#ISO/IEC 646-1991]\] defines a character set similar to US-ASCII, but with code positions corresponding to US-ASCII characters {{@\[\]\{\|\}}} as _national use positions_. It also gives some liberties with the characters {{\#$^`\~}}. In _ISO 646_, several national variants of ASCII have been defined, assigning different letters and symbols to the national use positions. Consequently, the characters that appear in those positions, including those in *US-ASCII*, are less portable in international data transfer. Consequently, due to the national variants, some characters are less portable than others --- they might be transferred or interpreted incorrectly.

In addition to the letters of the English alphabet ("A" through "Z" and "a" through "z"), the digits ("0" through "9"), and the space, only the following characters are portable:

...

This non-compliant code example is derived from FIO30-C. Exclude user input from format strings, except that a newline is removed on the assumption that fgets() will include it.

...

No checks are performed on the file name to prevent troublesome characters.   If an attacker knew this code was in a program used to create or rename files that would later be used in a script or automated process of some sort, they could choose particular characters in the output file name to confuse the later process for malicious purposes.

...

Code Block
bgColor#ccccFF
char myFilename[1000];
char const elimNewln[] = "\n";
char const badChars[] = "-\n\r ,;'\\<\"";
do {
  fgets(myFilename, sizeof(myFilename)-1, stdin);
  myFilename[sizeof(myFilename)-1] ='\0';
  myFilename[strcspn(myFilename, elimNewln)]='\0';
} while ( (strcspn(myFilename, badChars)) 
           < (strlen(myFilename)));

Similarly, you must provide validate all file names originating from untrusted sources to ensure they contain only safe characters.

...

Failing to use only the subset of ASCII that is guaranteed to work can result in misinterpreted data.

...