
Comment by chasil

4 years ago

Oh, my young friend, you have no idea what POSIX has done to you.

"While no one sane would put newlines in directory names, such corruption of the results could lead to exploitable vulnerabilities in scripts."

http://www.etalabs.net/sh_tricks.html

He he.

Want to see true craziness? POSIX file names are just a bag of bytes. They don't even have to be text, they can be anything (almost), there's no standard text encoding:

https://lwn.net/Articles/325304/

And in typical Open Source fashion, someone actually claims it's a feature: https://lwn.net/Articles/325398/ because hey, you 99.999% percenters can suffer so that I, 0.001% percenter can implement my wacky system.

https://xkcd.com/1172/

  • This appears to demonstrate the full range of abuse.

        $ mkdir hold
        $ cd hold
    
        $ cat ../wildname.c 
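        #include <stdio.h>
        /* Create a file whose name holds every byte value 1..255 except '/' (47). */
        int main(int argc, char **argv)
        { char n[256]; int i,j=0; FILE *fp;
    
          for(i=1; i<256; i++) if(i!=47) n[j++] = i;
          n[j] = 0; /* 254 name bytes, then the terminating NUL */
          if((fp = fopen(n, "w"))) { fprintf(fp, "hello world!"); fclose(fp); }
          return 0;
        }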
    
        $ cc ../wildname.c 
        $ ./a.out
    
        $ ls -l
        total 16
        -rw-r--r--. 1 luser lgroup   12 Nov 11 16:32 ??????????????????????????????? !"#$%&'()*+,-.0123456789:;<=>? 
     
     
     @ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
    
        -rwxr-xr-x. 1 luser lgroup 8464 Nov 11 16:32 a.out
    

    Just because you can do something does not mean that you should.

    • It's software. Software's contract is the same as a legal contract. And a legal contract mostly says what you can't do.

      So anything not directly blocked by the software is allowed.

      Ergo, clear specifications, strict yet flexible types and APIs, etc.

      Otherwise, it's just bad design.

  • It's basically the same on Windows with NTFS. Just a bag of 16-bit words instead of bytes.
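
Added example, not part of any comment in this thread: a C check that a tool could run on each name returned by readdir() before writing it to a line-oriented log or pipe, flagging the properties discussed above (newline, other control bytes, bytes that are not valid UTF-8). The flag and function names are this example's own, and treating UTF-8 as the expected encoding is an assumption, since POSIX fixes none.

```c
#include <stddef.h>

/* Flags reported by audit_name(); the names are this example's own. */
enum { N_CONTROL = 1, N_NEWLINE = 2, N_BAD_UTF8 = 4 };

/* Length of the well-formed UTF-8 sequence at s, or 0 if malformed. */
static size_t utf8_len(const unsigned char *s)
{
    size_t n, i;
    unsigned cp;
    if (s[0] < 0x80) return 1;
    if ((s[0] & 0xE0) == 0xC0) { n = 2; cp = s[0] & 0x1F; }
    else if ((s[0] & 0xF0) == 0xE0) { n = 3; cp = s[0] & 0x0F; }
    else if ((s[0] & 0xF8) == 0xF0) { n = 4; cp = s[0] & 0x07; }
    else return 0;                       /* stray continuation or 0xF8..0xFF */
    for (i = 1; i < n; i++) {
        if ((s[i] & 0xC0) != 0x80) return 0;   /* also stops at the NUL */
        cp = (cp << 6) | (s[i] & 0x3F);
    }
    /* Reject overlong forms, surrogates and values above U+10FFFF. */
    if ((n == 2 && cp < 0x80) || (n == 3 && cp < 0x800) ||
        (n == 4 && cp < 0x10000) || cp > 0x10FFFF ||
        (cp >= 0xD800 && cp <= 0xDFFF)) return 0;
    return n;
}

/* Classify one directory entry name (a NUL-terminated byte string). */
int audit_name(const char *name)
{
    const unsigned char *s = (const unsigned char *)name;
    int flags = 0;
    while (*s) {
        size_t n = utf8_len(s);
        if (*s == '\n') flags |= N_NEWLINE;
        if (*s < 0x20 || *s == 0x7F) flags |= N_CONTROL;
        if (n == 0) { flags |= N_BAD_UTF8; n = 1; }  /* resync on next byte */
        s += n;
    }
    return flags;
}

/* Rebuild the name wildname.c creates: bytes 1..255 without '/' (47). */
void wild_name(char out[256])
{
    int i, j = 0;
    for (i = 1; i < 256; i++) if (i != 47) out[j++] = (char)i;
    out[j] = 0;
}
```

A name with any flag set can still be opened and processed by its raw bytes; the flags only say it must be escaped or NUL-delimited before it goes into text output.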