[Date Prev][Date Next][Thread Prev][Thread Next]
[Date Index]
[Thread Index]
- Subject: FindFirstFile vulnerability and Lua
- From: Alexander Gladysh <agladysh@...>
- Date: Fri, 28 Jan 2011 12:58:50 +0300
Hi, all!
This is, most likely, not relevant to Lua, but it is never harms to check.
FindFirstFile call in Win32 API silently replaces ">" with "?" and "<"
with "*". This means that anyone who passes untrusted data to this
function, must filter these symbols out. (It makes sense to filter
them out anyway, I think, but PHP developers, apparently, did not
bother.)
Note that FindFirstFile may be called implicitly, when working with
files using standard C API.
Alexander.
P.S.
Article (in Russian):
http://habrahabr.ru/company/xakep/blog/112691
Translation:
http://translate.google.com/translate?sl=ru&tl=en&u=http%3A%2F%2Fhabrahabr.ru%2Fcompany%2Fxakep%2Fblog%2F112691&act=url