std.file functions and embedded NUL characters [CWE-158]
Doigt
labog at outlook.com
Thu Jul 31 21:25:44 UTC 2025
On Thursday, 31 July 2025 at 20:45:14 UTC, kdevel wrote:
> Some python code:
>
> #!/usr/bin/python
>
> def myfun (filename):
>     open (filename, 'w')
>
> myfun ("a\0c")
>
> which when executed behaves in an exemplary manner:
>
> Traceback (most recent call last):
>   File "./test.py", line 6, in <module>
>     myfun ("a\0c")
>   File "./test.py", line 4, in myfun
>     open (filename, 'w')
> TypeError: file() argument 1 must be encoded string without null bytes, not str
>
> Other languages like D, perl or even Ada seem to let the embedded NUL
> character silently truncate the filename. This poses a considerable
> risk when the input to std.file functions is not controlled by the
> program author [1]. E.g.
>
> rmdirRecurse ("/\0/home/user/subdir");
>
> [1] https://cwe.mitre.org/data/definitions/158.html
Do you actually have a source or an example program that D
actually does anything with the null terminator or are you
talking out of your ass? D doesn't care about the null terminator
and doesn't do anything with it.
Try this code on run.dlang.io and report back with your apology:
import std.stdio;
void main()
{
    writeln("Hello\0World\0!");
}
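Added example, not part of either post: a C sketch of the boundary the thread is about, where a length-counted string is converted to the NUL-terminated form that OS file APIs take. It compares the string's own length with what a C API would read and rejects an embedded NUL instead of truncating; `slice_t`, `c_visible_len` and `to_c_path` are hypothetical names, and the sample strings are the ones from the quoted post plus one clean path.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical type: a length-counted string (pointer + length). */
typedef struct { const char *ptr; size_t len; } slice_t;

/* Number of bytes a NUL-terminated API (open, rmdir, unlink, ...) would
   read if the slice's bytes were handed to it unchecked. */
size_t c_visible_len(slice_t s)
{
    const char *nul = memchr(s.ptr, '\0', s.len);
    return nul ? (size_t)(nul - s.ptr) : s.len;
}

/* Copy the slice into a NUL-terminated buffer only when nothing is lost.
   Returns 0 on success, -1 for an empty path, an embedded NUL (CWE-158),
   or a path that does not fit in out. */
int to_c_path(slice_t s, char *out, size_t out_size)
{
    if (s.len == 0 || s.len >= out_size)
        return -1;
    if (memchr(s.ptr, '\0', s.len) != NULL)
        return -1; /* refuse rather than truncate silently */
    memcpy(out, s.ptr, s.len);
    out[s.len] = '\0';
    return 0;
}

int main(void)
{
    /* Sample inputs: the two strings from the quoted post plus a clean path. */
    static const char a[] = "a\0c";
    static const char b[] = "/\0/home/user/subdir";
    static const char c[] = "/home/user/subdir";
    slice_t in[] = { { a, sizeof a - 1 }, { b, sizeof b - 1 }, { c, sizeof c - 1 } };
    char buf[64];

    for (size_t i = 0; i < sizeof in / sizeof in[0]; i++) {
        int rc = to_c_path(in[i], buf, sizeof buf);
        printf("len=%zu c_visible=%zu -> %s\n", in[i].len,
               c_visible_len(in[i]), rc == 0 ? buf : "rejected");
    }
    return 0;
}
```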