...
- Leading dashes: Leading dashes can cause problems when programs are called with the file name as a parameter because the first character or characters of the file name might be interpreted as an option switch.
- Control characters, such as newlines, carriage returns, and escape: Control characters in a file name can cause unexpected results from shell scripts and in logging.
- Spaces: Spaces can cause problems with scripts and when double quotes aren't used to surround the file name.
- Invalid character encodings: Character encodings can make it difficult to perform proper validation of file and path names. (See rule IDS11-J. Eliminate non-character noncharacter code points before validation).
- Name-space separation characters: Including name-space separation characters in a file or path name can cause unexpected and potentially insecure behavior.
- Command interpreters, scripts, and parsers: Some characters have special meaning when processed by a command interpreter, shell, or parser and should consequently be avoided.
...
MSC09-C. Character encoding - Use subset of ASCII for safety | ||||
MSC09-CPP. Character encoding - Use subset of ASCII for safety | ||||
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="ff03de6bf5abd1b2-4e2b220c-471a42e6-8971bf51-fa4eff4e023605ddf64acb79"><ac:plain-text-body><![CDATA[ | [ISO/IEC TR 24772:2010 | http://www.aitcnet.org/isai/] | Choice of filenames and other external identifiers [AJN] | ]]></ac:plain-text-body></ac:structured-macro> |
CWE-116. Improper encoding or escaping of output |
...
ISO 7-bit coded character set for information interchange | ||||
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="f667cc8931c4013d-39cc585e-4f544ca1-8d45b5c4-f57a154d77bbb02368f68a63"><ac:plain-text-body><![CDATA[ | [[Kuhn 2006 | AA. Bibliography#Kuhn 06]] | UTF-8 and Unicode FAQ for UNIX/Linux | ]]></ac:plain-text-body></ac:structured-macro> |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="2e5f1293a3116179-5e10a6c1-48ce4dd0-ab5289e8-45b5060a8b1491288dfe184d"><ac:plain-text-body><![CDATA[ | [[Wheeler 2003 | AA. Bibliography#Wheeler03]] | 5.4, File Names | ]]></ac:plain-text-body></ac:structured-macro> |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="5c357da9dc6b1e96-1cbfb1b9-43a64a76-8d1ab86d-79513ea48f8092e39b18a9a3"><ac:plain-text-body><![CDATA[ | [[VU#439395 | AA. Bibliography#VU439395]] | ]]></ac:plain-text-body></ac:structured-macro> |
...