Added security information about handling null bytes.

2025-08-18 19:41:15 +02:00 · 2012-07-12 12:32:51 -06:00
parent 05a8393d94
commit f59f236333
1 changed files with 18 additions and 0 deletions
--- a/_posts/07-05-01-Null-Bytes.md
+++ b/_posts/07-05-01-Null-Bytes.md
@@ -0,0 +1,18 @@
+---
+isChild: true
+---
+
+## Null Bytes
+
+A null byte `\0` denotes the end of a string in [C](http://en.wikipedia.org/wiki/C_(programming_language)). As PHP uses C for all it's 
+filesystem related operations it means a filesystem path could be [null byte poisoned][2].
+
+To prevent this it is important to remove any null bytes from filesystem paths, _especially_ if they come from user input:
+
+	$filepath = str_replace(chr(0), '', $_FILE['tmp_name']);
+
+[See Null Byte Related Issues][1]
+[See Null Byte Poisoning][2]
+
+[1]: http://php.net/manual/en/security.filesystem.nullbytes.php
+[2]: http://www.madirish.net/?article=436