openFile should fail if null bytes are in the argument
If the argument to openFile contains a null byte, right now it silently truncates everything after the null byte. This could lead to a vulnerability if the programmer relies on the presence of an extension such as ".cfg" to prevent people from reading in, say, /etc/passwd.
Trac metadata
Trac field | Value |
---|---|
Version | 7.2.1 |
Type | FeatureRequest |
TypeOfFailure | OtherFailure |
Priority | normal |
Resolution | Unresolved |
Component | libraries/base |
Test case | |
Differential revisions | |
BlockedBy | |
Related | |
Blocking | |
CC | |
Operating system | |
Architecture |