...
FIO99-EX0: A program may accept a file or path name that uses "unsafe" characters provided that the developer has determined that the file is not used in a restricted sink such as a command interpreter, shell, parser,logger, or other complex subsystem that attaches a particular meaning to these characters.
...
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
IDS05-J | medium | unlikely | medium | P4 | L3 |
Related Guidelines
MSC09-CPP. Character encoding: Use subset of ASCII for safety | |
Choice of Filenames and Other External Identifiers [AJN] | |
CWE-116, Improper encoding or escaping of output |
Bibliography
ISO 7-Bit Coded Character Set for Information Interchange | |
UTF-8 and Unicode FAQ for UNIX/Linux | |
5.4, "File Names" | |
| [VU#439395] |
Rec. 00: Input Validation and Data Sanitization (IDS) Rec. 00: Input Validation and Data Sanitization (IDS)
...