...
| Wiki Markup |
|---|
There are several national variants of ASCII. As a result, the original ASCII is often referred as *US-ASCII*. The international standard _ISO 646_ \[[ISO/IEC 646-1991|AA. C References#ISO/IEC 646-1991]\] defines a character set similar to US-ASCII, but with code positions corresponding to US-ASCII characters {{@\[\]\{\|\}}} as _national use positions_. It also gives some liberties with the characters {{\#$^`\~}}. In _ISO 646_, several national variants of ASCII"\ have been defined, assigning different letters and symbols to the national use positions. Consequently, the characters that appear in those positions, including those in *US-ASCII*, are less portable in international data transfer. Consequently, due to the national variants, some characters are less portable than others--they might be transferred or interpreted incorrectly. |
...
| No Format |
|---|
% & + , - . : = _
|
| Wiki Markup |
|---|
When naming files, variables, etc., only these characters should be considered for use. This recommendation is related to \[[STR02-A. Sanitize data passed to complex subsystems]\]. |
File Names
File names containing particular characters can be troublesome and can cause unexpected behavior leading to potential vulnerabilities. If a program allows the user to specify a filename in the creation or renaming of a file, certain checks should be made to disallow the following characters and patterns:
...
Many of the punctuation characters aren't unconditionally safe for filenames even of they are portably available.
| Wiki Markup |
|---|
Most of these characters or patterns are primarily a problem to scripts or automated parsing, but because they are not commonly used, it is best to disallow their use to reduce potential problems. |
Interoperability concerns also exist because different operating systems handle filenames of this sort in different ways. |
Leading dashes can cause programs when programs are called with this filename as a parameter, the first character or characters of the file might be taken to mean that its an option switch. |
Control characters in a filename can cause unexpected results from shell scripts and in logging. |
Spaces can again cause problems with scripts and anytime double quotes aren't used to surround the filename. |
Character encodings can be a huge issue and are also discussed in \[[MSC10-A. Character Encoding - UTF8 Related Issues |
. Other special characters are included in this recommendation because they are commonly used as separators and having them in a filename can cause unexpected and potentially insecure ]\]. Other special characters are included in this recommendation because they are commonly used as separators and having them in a filename can cause unexpected and potentially insecure behavior. |
| Wiki Markup |
|---|
As a result of the influence of MS-DOS, file names of the form {{xxxxxxxx.xxx}}, where x denotes an alphanumeric character, are generally supported by modern systems. In some cases file names are case sensitive while in other cases they are case insensitive. VU#439395 is an example of a vulnerability resulting from a failure to deal appropriately with case sensitivity issues \[[VU#439395 |AA. C References#VU439395]\]. |
...
Non-Compliant Code Example (File Name)
| Wiki Markup |
|---|
This non-compliant code example is derived from \[[FIO30-C. Exclude user input from format strings]\] except that a newline is removed on the assumption that {{fgets()}} will include it. |
| Code Block |
|---|
|
char myFilename[1000];
char const elimNewLn[] = "\n";
fgets(myFilename, sizeof(myFilename)-1, stdin);
myFilename[sizeof(myFilename)-1] = '\0';
myFilename[strcspn(myFilename, elimNewLn)] = '\0';
|
...
