Download Safari Books Online apps: Apple iOS | Android

Entire Site

Safari Books Online

    Free Trial

    Safari Books Online is a digital library providing on-demand subscription access to thousands of learning resources.


    Copyright
    The SEI Series in Software Engineering
    Preface
    Acknowledgments
    About the Author
    Ch. 1. Using This Standard
    Ch. 2. Preprocessor (PRE)
    Ch. 3. Declarations and Initialization (DCL)
    Ch. 4. Expressions (EXP)
    Ch. 5. Integers (INT)
    Ch. 6. Floating Point (FLP)
    Ch. 7. Arrays (ARR)
    Ch. 8. Characters and Strings (STR)
    Ch. 9. Memory Management (MEM)
    Ch. 10. Input/Output (FIO)
    FIO00-C. Take care when creating format strings
    FIO01-C. Be careful using functions that use file names for identification
    FIO02-C. Canonicalize path names originating from untrusted sources
    Noncompliant Code Example
    Compliant Solution (POSIX)
    Noncompliant Code Example (POSIX)
    Implementation Details
    Compliant Solution (glibc)
    Noncompliant Code Example (Windows)
    Compliant Solution (Windows)
    Risk Assessment
    References
    FIO03-C. Do not make assumptions about fopen() and file creation
    FIO04-C. Detect and handle input and output errors
    FIO05-C. Identify files using multiple file attributes
    FIO06-C. Create files with appropriate access permissions
    FIO07-C. Prefer fseek() to rewind()
    FIO08-C. Take care when calling remove() on an open file
    FIO09-C. Be careful with binary data when transferring data across systems
    FIO10-C. Take care when using the rename() function
    FIO11-C. Take care when specifying the mode parameter of fopen()
    FIO12-C. Prefer setvbuf() to setbuf()
    FIO13-C. Never push back anything other than one read character
    FIO14-C. Understand the difference between text mode and binary mode with file streams
    FIO15-C. Ensure that file operations are performed in a secure directory
    FIO16-C. Limit access to files by creating a jail
    FIO30-C. Exclude user input from format strings
    FIO31-C. Do not simultaneously open the same file multiple times
    FIO32-C. Do not perform operations on devices that are only appropriate for files
    FIO33-C. Detect and handle input output errors resulting in undefined behavior
    FIO34-C. Use int to capture the return value of character I/O functions
    FIO35-C. Use feof() and ferror() to detect end-of-file and file errors when sizeof(int) == sizeof(char)
    FIO36-C. Do not assume a new-line character is read when using fgets()
    FIO37-C. Do not assume character data has been read
    FIO38-C. Do not use a copy of a FILE object for input and output
    FIO39-C. Do not alternately input and output from a stream without an intervening flush or positioning call
    FIO40-C. Reset strings on fgets() failure
    FIO41-C. Do not call getc() or putc() with stream arguments that have side effects
    FIO42-C. Ensure files are properly closed when they are no longer needed
    FIO43-C. Do not create temporary files in shared directories
    FIO44-C. Only use values for fsetpos() that are returned from fgetpos()
    Ch. 11. Environment (ENV)
    Ch. 12. Signals (SIG)
    Ch. 13. Error Handling (ERR)
    Ch. 14. Miscellaneous (MSC)
    POSIX (POS)
    Glossary
    References
    Index
    • Create BookmarkCreate Bookmark
    • Create Note or TagCreate Note or Tag
    • DownloadDownload
    • PrintPrint
    Share this Page URL
    Help

    Chapter 10. Input/Output (FIO) > FIO02-C. Canonicalize path names originating f...

    FIO02-C. Canonicalize path names originating from untrusted sources

    Path names, directory names, and file names may contain characters that make validation difficult and inaccurate. Furthermore, any path name component can be a symbolic link, which further obscures the actual location or identity of a file. To simplify file name validation, it is recommended that names be translated into their canonical form. Canonicalizing file names makes it much easier to verify a path, directory, or file name by making it easier to compare names.

    Because the canonical form can vary between operating systems and file systems, it is best to use operating-system-specific mechanisms for canonicalization.


      

    You are currently reading a PREVIEW of this book.

                                                                                            

    Get instant access to over
    $1 million worth of books and videos.

      

    Start a Free Trial


      
    • Safari Books Online
    • Create BookmarkCreate Bookmark
    • Create Note or TagCreate Note or Tag
    • DownloadDownload
    • PrintPrint