...
FIO11-EX0: Untrusted binary data that is expected to be a valid string may be read and converted to a string. Doing so safely is explained in IDS17-J. Use compatible encodings on both sides of file or network IO. Also see guideline IDS13FIO02-J. Do not assume every character in a string is the same sizeKeep track of the number of bytes read.
Risk Assessment
Attempting to read a byte array containing raw character data as if it were character data may produce erroneous results.
...