How can null byte injection be done on a Java webapp, or rather – how does one protect against it?
Should I look at each byte of the request parameter and inspect its ‘byte’ value to be 0? I can’t imagine a 0 byte sneaking in a request parameter… can it?
My main aim is to make sure the filename used for saving the file is safe enough. And for now, I am not looking for answers that recommend (for example): replacing ALL non-word characters with underscore.
Allowing the user to store files with arbitrary names is dangerous. What happens if the user provides "../../../WINDOWS/explorer.exe"? You should restrict filenames to only contain characters known to be harmless. '\0' is not known to be harmless.

As far as Java is concerned, '\0' is a character like any other. However, the operating system is likely to interpret '\0' as the end of a string. If a string is passed from Java to the operating system, that different interpretation could result in exploitable bugs. Consider: where filename is “C:\Windows\explorer.exe\0.txt”, which ends with “.txt” to Java, but with “.exe” to the operating system.
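One way to apply the restriction the answer recommends, as an added example that is not code from the original answer: the name is rejected (not rewritten) if it contains NUL or any character outside an allowlist, and the resolved path must stay directly inside the upload directory. The class name, the allowlist, the 100-character limit and the `uploads` directory are assumptions made for illustration.

```java
import java.nio.file.Path;
import java.nio.file.Paths;
import java.util.regex.Pattern;

public class UploadNameCheck {
    // Assumed allowlist: letters, digits, '_' and '-', with single dots between parts.
    private static final Pattern SAFE =
            Pattern.compile("[A-Za-z0-9_-]+(\\.[A-Za-z0-9_-]+)*");

    /** Returns the target path inside baseDir, or throws if the name is not acceptable. */
    static Path resolveUpload(Path baseDir, String name) {
        if (name == null || name.isEmpty() || name.length() > 100) {
            throw new IllegalArgumentException("missing or over-long file name");
        }
        // Explicit NUL check: Java sees '\0' as an ordinary character, the OS may not.
        if (name.indexOf('\0') >= 0) {
            throw new IllegalArgumentException("NUL character in file name");
        }
        if (!SAFE.matcher(name).matches()) {
            throw new IllegalArgumentException("character outside the allowlist");
        }
        // Defence in depth: the normalized target must sit directly in the base directory.
        Path base = baseDir.toAbsolutePath().normalize();
        Path target = base.resolve(name).normalize();
        if (!base.equals(target.getParent())) {
            throw new IllegalArgumentException("name escapes the upload directory");
        }
        return target;
    }

    public static void main(String[] args) {
        Path base = Paths.get("uploads"); // hypothetical upload directory
        String[] samples = {              // constructed sample inputs
            "report.txt",
            "explorer.exe\0.txt",         // ends with ".txt" as far as Java is concerned
            "../../../WINDOWS/explorer.exe",
            "..",
        };
        for (String s : samples) {
            String shown = s.replace("\0", "\\0");
            try {
                System.out.println(shown + " -> " + resolveUpload(base, s));
            } catch (IllegalArgumentException e) {
                System.out.println(shown + " -> rejected: " + e.getMessage());
            }
        }
    }
}
```

Only `report.txt` is accepted; the other three samples are rejected before any file API sees them. The allowlist does not cover Windows reserved device names such as `CON` or `NUL`, which need a separate check on that platform.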