std.file functions and embedded NUL characters [CWE-158]
kdevel
kdevel at vogtner.de
Thu Jul 31 22:38:41 UTC 2025
On Thursday, 31 July 2025 at 21:47:24 UTC, Richard (Rikki) Andrew
Cattermole wrote:
> This is indeed a security vulnerability, but it isn't on D's
> side.
> All system APIs take in a null terminated string, when it
> should've been pointer + length.
The cause of the problem is the silent truncation when the conversion
from D-string to C-const char * takes place. This is not a problem of
the API, which in the case of POSIX is totally simple (compared to
all the VMS/Windows APIs).
There must be a reason why C++ uses const char* in its filesystem
functions [1].
> If someone has a problem with this currently, you can call
> ``isValidPath`` in ``std.path``, which will check for the null
> character.
Unfortunately isValidPath also flags perfectly legal filenames
as invalid, e.g. those containing invalid UTF-8 sequences.
[1] https://en.cppreference.com/w/cpp/header/iostream.html
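
The truncation and the isValidPath limitation discussed above, as an added example that is not part of the original post or of Phobos: a byte-level check that rejects only embedded NUL and lets names with invalid UTF-8 through. The helper name `requireNoNul` and the sample filenames are assumptions made for this illustration.

```d
import core.stdc.string : strlen;
import std.algorithm.searching : canFind;
import std.exception : assertThrown, enforce;
import std.string : representation;

/// Hypothetical helper (not a Phobos function): returns the path unchanged,
/// or throws if it contains a NUL byte anywhere inside the slice.
/// It scans raw bytes, so nothing is UTF-8 decoded and a name that is not
/// valid UTF-8 is not rejected for that reason.
const(char)[] requireNoNul(const(char)[] path)
{
    enforce(!path.representation.canFind(ubyte(0)),
            "path contains an embedded NUL character");
    return path;
}

void main()
{
    // Constructed sample inputs.
    string withNul = "report.txt\0.tmp";

    // 'c' 'a' 'f' 0xE9 ".txt": 0xE9 alone is not a valid UTF-8 sequence.
    immutable(ubyte)[] raw = [0x63, 0x61, 0x66, 0xE9, 0x2E, 0x74, 0x78, 0x74];
    auto badUtf8 = cast(const(char)[]) raw;

    // D keeps the full length; a C function reading the same bytes stops
    // at the first NUL. (D string literals carry a trailing NUL, so .ptr
    // is a valid C string here.)
    assert(withNul.length == 15);
    assert(strlen(withNul.ptr) == 10); // C sees only "report.txt"

    // The check refuses the truncating input ...
    assertThrown(requireNoNul(withNul));

    // ... and accepts ordinary names as well as non-UTF-8 names.
    assert(requireNoNul("plain.txt") == "plain.txt");
    assert(requireNoNul(badUtf8) is badUtf8);
}
```

Calling such a check before handing a path to a std.file function turns the silent truncation into an exception at the call site.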