Page History

...

Tool

Version

Checker

Description

Include Page

	The Checker Framework_V
	The Checker Framework_V

Tainting Checker

Trust and security errors (see Chapter 8)

7.5

BAD_EQ
PATH_MANIPULATION

Implemented

1.0

Path_Manipulation

Implemented

...

SEI CERT C Coding Standard	FIO02-C. Canonicalize path names originating from tainted sources
SEI CERT C++ Coding Standard	VOID FIO02-CPP. Canonicalize path names originating from untrusted sources
ISO/IEC TR 24772:2013	Path Traversal [EWR]
MITRE CWE	CWE-171, Cleansing, Canonicalization, and Comparison Errors CWE-647, Use of Non-canonical URL Paths for Authorization Decisions

...

Space shortcuts