logo

Path Equivalence: 'file name' (Internal Whitespace)

Incomplete Variant
Structure: Simple
Description

This vulnerability occurs when an application accepts file paths containing internal spaces (like 'file name') without proper validation. Attackers can exploit this ambiguity to bypass security checks, potentially accessing files or directories outside the intended scope.

Extended Description

File systems and security filters often handle paths with internal spaces inconsistently. An attacker can submit a path like 'important document' when the system expects 'important_document' or 'important%20document'. This mismatch can trick the application's validation logic, allowing the request to proceed to the underlying operating system, which may resolve it to a legitimate but unintended file. To prevent this, developers must normalize and strictly validate all user-supplied path inputs before processing. Implement a canonicalization step that removes or rejects internal whitespace, and use allowlists for permitted directory locations. Never rely solely on blacklisting specific characters or patterns, as file system interpretation can vary across platforms.
Common Consequences 1
Scope: ConfidentialityIntegrity

Impact: Read Files or DirectoriesModify Files or Directories
Observed Examples 2
CVE-2000-0293Filenames with spaces allow arbitrary file deletion when the product does not properly quote them; some overlap with path traversal.
CVE-2001-1567"+" characters in query string converted to spaces before sensitive file/extension (internal space), leading to bypass of access restrictions to the file.
Applicable Platforms
Languages:
Not Language-Specific : Undetermined
Modes of Introduction
Implementation
Functional Areas
  1. File Processing
Affected Resources
  1. File or Directory
Related Weaknesses
ChildOf: Improper Resolution of Path Equivalence (CWE-41)
Taxonomy Mapping
  • PLOVER
  • OWASP Top Ten 2004
  • Software Fault Patterns
Notes
RelationshipThis weakness is likely to overlap quoting problems, e.g. the "Program Files" unquoted search path (Unquoted Search Path or Element). It also could be an equivalence issue if filtering removes all extraneous spaces.
RelationshipWhitespace can be a factor in other weaknesses not directly related to equivalence. It can also be used to spoof icons or hide files with dangerous names (see icon manipulation and visual truncation in User Interface (UI) Misrepresentation of Critical Information).