SEI CERT Perl Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 11

changes.mady.by.user Carol J. Lallier

Saved on

compared with

New Version 12

changes.mady.by.user Carol J. Lallier

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Decided Related Guidelines should also be set in table, as in the Jave pages: easier to read, cleaner look

...

Tool

Diagnostic

Notes
Taint mode

Insecure dependency in .*open

Detects only files open for writing.
Does not detect files open only for reading.

Related Guidelines

CERT C Secure Coding Standard

...

FIO02-C. Canonicalize path names originating from untrusted sources
CERT C++ Secure Coding Standard

...

FIO02-CPP. Canonicalize path names originating from untrusted sourcesThe CERT Oracle Secure Coding Standard for Java
CERT Oracle Secure Coding Standard for Java

...

MET02-J. Do not use deprecated or obsolete classes or methods

Bibliography

[CPAN]Slaymaker, Barrie, File::PathConvert; Müller, Steffen. , File::Spec
[Howard 2002]Chapter 11, "Canonical Representation Issues"
[VU#764027]zml.cgi does not adequately validate user input thereby allowing directory traversal
[VU#806091]Mike Spice's My Calendar does not adequately validate user input
[Wall 2011]Cwd

...