https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85773
Bug ID: 85773 Summary: Embedded nulls in filesystem::path cause problems Product: gcc Version: 9.0 Status: UNCONFIRMED Severity: normal Priority: P3 Component: libstdc++ Assignee: unassigned at gcc dot gnu.org Reporter: redi at gcc dot gnu.org Target Milestone: --- #include <filesystem> int main() { std::filesystem::create_directories("a/b"); std::string s("a\0/..", 5); for (auto f : std::filesystem::recursive_directory_iterator(s)) { } } $ GCC 8 -std=c++17 null.cc -lstdc++fs $ ./a.out terminate called after throwing an instance of 'std::filesystem::__cxx11::filesystem_error' what(): filesystem error: cannot increment recursive directory iterator: Too many open files Aborted (core dumped) The problem is that we call opendir(pathname.c_str()) which only reads up to the null terminator, so we open "a" but then the pathname for the first element in the iteration sequence is formed by concatenating "a\0/.." / "b" and then recursing by calling opendir(path("a\0/../b").c_str()) which opens "a" again. This keeps looping, opening "a" every time until we reach the ulimit for open files.