...
Historically, using a narrow type to capture the return value of a byte input method has resulted in significant vulnerabilities, including command injection attacks; see CA-1996-22 advisory. Consequently, the severity of this error is high.
Rule | Severity | Likelihood | Detectable | RepairableRemediation Cost | Priority | Level |
|---|---|---|---|---|---|---|
FIO08-J | High | Probable | Yes | YesMedium | P12P18 | L1 |
Automated Detection
Some static analysis tools can detect violations of this rule.
...