...
- Leading dashes: Leading dashes can cause problems when programs are called with the file name as a parameter because the first character or characters of the file name might be interpreted as an option switch.
- Control characters, such as newlines, carriage returns, and escape: Control characters in a file name can cause unexpected results from shell scripts and in logging.
- Spaces: Spaces can cause problems with scripts and when double quotes aren't used to surround the file name.
- Invalid character encodings: Character encodings can make it difficult to perform proper validation of file and path names. (See rule IDS11-J. Eliminate non-character code points before validation.)
- Name-space separation characters: Including name-space separation characters in a file or path name can cause unexpected and potentially insecure behavior.
- Command interpreters, scripts and parsers: Some characters have special meaning when processed by a command interpreter, shell, or parser and should consequently , be avoided.
As a result of the influence of MS-DOS, file names of the form xxxxxxxx.xxx, where x denotes an alphanumeric character, are generally supported by modern systems.
...
MSC09-C. Character Encoding - Use Subset of ASCII for Safety | ||||
MSC09-CPP. Character Encoding - Use Subset of ASCII for Safety | ||||
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="d30423018fd5dc55-95593a98-422f4195-bdb58686-2eaacd3120acdc91d496eeb1"><ac:plain-text-body><![CDATA[ | [ISO/IEC TR 24772:2010 | http://www.aitcnet.org/isai/] | "Choice of Filenames and other External Identifiers [AJN]" | ]]></ac:plain-text-body></ac:structured-macro> |
CWE ID -116, "Improper Encoding or Escaping of Output" |
...
ISO 7-bit coded character set for information interchange | ||||
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="df275088c7423d46-ba30e17f-4bd7435c-ab67b962-bd59d4391da69fcd459728d5"><ac:plain-text-body><![CDATA[ | [[Kuhn 2006 | AA. Bibliography#Kuhn 06]] | UTF-8 and Unicode FAQ for UNIX/Linux | ]]></ac:plain-text-body></ac:structured-macro> |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="b087bc8da24fdf0c-91048643-433747fc-8ed1afeb-43d0e148abc9bc1ea0c9ea9a"><ac:plain-text-body><![CDATA[ | [[Wheeler 2003 | AA. Bibliography#Wheeler03]] | 5.4 File Names]]></ac:plain-text-body></ac:structured-macro> | |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="de53460f3b69dd18-ac64cafd-42264cde-904fb188-f87e6d5905ea1726b10354e2"><ac:plain-text-body><![CDATA[ | [[VU#881872 | AA. Bibliography#VU881872]] |
| ]]></ac:plain-text-body></ac:structured-macro> |
...