 
                            ...
Using path names from untrusted sources without first canonicalizing them and then validating them can result in directory traversal and path equivalence vulnerabilities.
| Rule | Severity | Likelihood | Detectable | RepairableRemediation Cost | Priority | Level | 
|---|---|---|---|---|---|---|
| FIO16-J | Medium | Unlikely | No | NoMedium | P4P2 | L3 | 
Automated Detection
| Tool | Version | Checker | Description | ||||||
|---|---|---|---|---|---|---|---|---|---|
| The Checker Framework | 
 | Tainting Checker | Trust and security errors (see Chapter 8) | ||||||
| Coverity | 7.5 | BAD_EQ | Implemented | ||||||
| Fortify | 1.0 | Path_Manipulation | Implemented | ||||||
| Parasoft Jtest | 
 | CERT.FIO16.CDBV | Canonicalize data before validation | 
...