...
FIO11-EX0: Untrusted binary data that is expected to be a valid string may be read and converted to a string. Doing so safely is explained in IDS17-J. Use compatible encodings on both sides of file or network IO. Also see guideline rule IDS13-J. Do not assume every character in a string is the same size.
...
Search for vulnerabilities resulting from the violation of this guideline rule on the CERT website.
Bibliography
...