Security aware programming(12)

• \0-byte fun (%00 in URLs)

• $file = shift;

• if (!(-e $file) {die("No way!")};

• open(F, $file);

• # what if $file = "/bin/ls\0|" ?

• $file = shift;

• open(F, "<", $file . ".html");

• # what if $file = "/etc/passwd\0" ?

• ... the last case is not detected by taint mode