Versions Compared

Comment: Edited by sciSpider v2.1 (sch jbop) (X_X)@==(Q_Q)@

...

Code Block
bgColor#FFCCCC
#include <stdio.h>
#include <string.h>

char myFilename[1000];
char const elimNewLn[] = "\n";

/* Read the name and strip the newline; no character checks are made. */
if (fgets(myFilename, sizeof(myFilename)-1, stdin) == NULL) {
  myFilename[0] = '\0';
}
myFilename[sizeof(myFilename)-1] = '\0';
myFilename[strcspn(myFilename, elimNewLn)] = '\0';

No checks are performed on the file name to prevent troublesome characters.  If an attacker knew this code was in a program used to create or rename files that would later be used in a script or automated process of some sort, they could choose particular characters in the output file name to confuse the later process for malicious purposes.

...

Code Block
bgColor#ccccFF
#include <stdio.h>
#include <string.h>

char myFilename[1000];
char const elimNewln[] = "\n";
char const badChars[] = "-\n\r ,;'\\<\"";
/* Read again until the name contains none of the rejected characters. */
do {
  if (fgets(myFilename, sizeof(myFilename)-1, stdin) == NULL) {
    myFilename[0] = '\0';  /* EOF or read error: stop with an empty name */
    break;
  }
  myFilename[sizeof(myFilename)-1] ='\0';
  myFilename[strcspn(myFilename, elimNewln)]='\0';
} while ( (strcspn(myFilename, badChars))
           < (strlen(myFilename)));

Similarly, you must validate all file names originating from untrusted sources to ensure they contain only safe characters.
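An added example, not part of the original page: the deny-list test from the compliant solution beside an allow-list test, showing names that the deny-list accepts but an allow-list rejects. The function names, the 255-byte limit, and the use of the POSIX portable filename character set as the allow-list are assumptions made for this example.

```c
#include <stdio.h>
#include <string.h>

/* The deny-list from the compliant solution above. */
static const char badChars[] = "-\n\r ,;'\\<\"";

/* Assumed allow-list: the POSIX portable filename character set. */
static const char safeChars[] =
    "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
    "abcdefghijklmnopqrstuvwxyz"
    "0123456789._-";

/* The page's check: 1 if name contains none of badChars. */
int passes_denylist(const char *name) {
  return strcspn(name, badChars) == strlen(name);
}

/* Hypothetical stricter check: non-empty, bounded length, allow-listed
   characters only, no leading '-' (later tools may read it as an option),
   and not the directory entries "." or "..". */
int passes_allowlist(const char *name, size_t maxLen) {
  size_t len = strlen(name);
  if (len == 0 || len > maxLen) return 0;
  if (name[0] == '-') return 0;
  if (strcmp(name, ".") == 0 || strcmp(name, "..") == 0) return 0;
  return strspn(name, safeChars) == len;
}

int main(void) {
  /* Constructed sample names, not taken from the page. */
  const char *samples[] = {
    "report_2024.txt", "out|log", "a$b", "-rf", "my file", "a-b"
  };
  for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
    printf("%-16s denylist=%d allowlist=%d\n", samples[i],
           passes_denylist(samples[i]),
           passes_allowlist(samples[i], 255));
  }
  return 0;
}
```

The deny-list accepts any character it does not name, so a later script can still see characters it treats specially; the allow-list rejects everything outside the listed set.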

...

[Kuhn 06] UTF-8 and Unicode FAQ for Unix/Linux
[ISO/IEC 646-1991] ISO 7-bit coded character set for information interchange
[ISO/IEC 9899-1999] Section 5.2.1, "Character sets"
[MISRA 04] Rule 3.2, "The character set and the corresponding encoding shall be documented," and Rule 4.1, "Only those escape sequences that are defined in the ISO C standard shall be used"
[Wheeler 03] 5.4 File Names
[VU#881872]

...