Feed aggregator
Britain's New Government Aims To Regulate Most Powerful AI Models
Read more of this story at Slashdot.
84% of PC Users Unwilling To Pay Extra For AI-enhanced Hardware, Survey Says
Read more of this story at Slashdot.
Ransomware Continues To Pile on Costs For Critical Infrastructure Victims
Read more of this story at Slashdot.
GitLab Explores Sale
Read more of this story at Slashdot.
Damaged Internet Subsea Cables Repaired in Red Sea Amid Militant Attacks on Ships
Read more of this story at Slashdot.
Senators Press AT&T, Snowflake For Answers on Wide-ranging Data Breach
Read more of this story at Slashdot.
Startups Are Building Balloons To Hoist Tourists Into the Stratosphere
Read more of this story at Slashdot.
'Amazing' New Technology Set To Transform the Search For Alien Life
Read more of this story at Slashdot.
Startup Makes Butter Using CO2 and Water
Read more of this story at Slashdot.
CodeSOD: Sanitary Paths
When accepting user input for things like, say, accessing the filesystem, you need to do some validation. Bad or inappropriate characters could lead to surprises that no one is going to like.
So when Christian first spotted this C# method called SanitizePath, he didn't think much of it. But then he looked at the implementation…
public static string SanitizePath(string path, char replacementchar) { string result = ""; try { // Split path and filename FileInfo fi = new FileInfo(path); string filename = FileUtilities.ReplaceInvalidFileNameChars(fi.Name, replacementchar); string pathname = FileUtilities.ReplaceInvalidPathChars(fi.DirectoryName, replacementchar); result = Path.Combine(pathname, filename); } catch (Exception e) { Logger.Log(e); result = path; } return result; }We accept an input path, and attempt to open it using FileInfo. Now, the fun thing about this is that if the path contains any sort of invalid characters, it throws an ArgumentException. But let's assume there weren't any invalid characters.
If there weren't, and FileInfo was constructed successfully, we then split it by Name and DirectoryName, and replace invalid characters according to some rules not shared here. Then we combine them back together into a full path.
Now, this isn't a strictly useless function- what their FileUtilities class considers "invalid" may be application specific, and completely unrelated to what the filesystem allows. They may, for example, want to prevent profanity from being in a filename, a clbuttic option. Though, since it says it replaces invalid chars, I suspect it's avoiding certain letters- it's possible that this wants to ensure that the files remain readable on different file systems (many a C# app needs to send text files to a mainframe, even today, and they can get real picky about what characters are in those filenames).
But let's look at the exception path. If the filename can't be opened because it's invalid, we… log an error and return the input value. So SanitizePath will modify the strings if they are valid file paths, but if they're invalid file paths, it just returns the invalid file path with no meaningful information for the caller- just a log message for an admin to check eventually.
And as for how useful this method actually is, well… Christian turned it into a no-op, and nothing about the application's behavior changed. It has since been removed entirely.
.comment { border: none; } [Advertisement] Otter - Provision your servers automatically without ever needing to log-in to a command prompt. Get started today!Puerto Rico Files $1 Billion Suit Against Fossil Fuel Companies
Read more of this story at Slashdot.
UK Nears 1 Million EV Chargers
Read more of this story at Slashdot.
Rite Aid Says Breach Exposes Sensitive Details of 2.2 Million Customers
Read more of this story at Slashdot.
Cloudflare Reports Almost 7% of Internet Traffic Is Malicious
Read more of this story at Slashdot.
Cutting-Edge Technology Could Massively Reduce the Amount of Energy Used For Air Conditioning
Read more of this story at Slashdot.
Google's $500 Million Effort To Wreck Microsoft EU Cloud Deal Failed, Report Says
Read more of this story at Slashdot.
Former Tesla, OpenAI Exec Andrej Karpathy Founds 'AI Native' Education Startup
Read more of this story at Slashdot.
iOS 18 Could 'Sherlock' $400 Million In App Revenue
Read more of this story at Slashdot.
Google Search Ending 'Notes' Experiment
Read more of this story at Slashdot.
Delta Air Lines CEO Questions Financial Strategy of Low-Cost Carriers
Read more of this story at Slashdot.