196
66
The folder name was listed in File Explorer with just plain four dots ....
.
When I tried opening it, I came into some kind of endless rabbit hole loop where I opened the exact same folder again and again - I could do this endlessly. Showing the path like C:\ExamplePath\....\....\....\....\....
, etc.
It was hanging my TypeScript compilation in one specific project. It took me more than a year before I found this folder and its related problems, because it was rooted deeply in nested folders. I never expected an issue like this, so I never looked for it.
I couldn't delete the folder the normal way because of the special name. In the end, I could remove it by using the command line and deleting the parent folder with rd /s /q path
.
Afterward, I tried to create the folder again but was unable to do so with both File Explorer and the command line.
In my 20-plus years of using Windows I have never seen this bug before, so I can imagine that it would really be an annoying and confusing problem for amateur users.
Does anyone know how this could have happened and how to reproduce this issue?
Update
For people who are interested: this path was located deep within a TFS folder. So probably TFS uses the bypass method @grawity explained ("Various file managers, archivers, etc")
Did I stumble on a rare TFS bug?
5The answers below detail what's happening, how to reproduce it intentionally, and how to fix it, but they don't mention why it happened. Since
..
can be used in a path to indicate 'go up one folder', I would hazard a guess that somewhere along the line, some program or script concatenated two strings to create a path, one ended with..
, and the next began with..
, and since it used one of the techniques mentioned below, it succeeded in creating the path, even though it was missing the folder separator between them. – 3D1T0R – 2018-10-31T20:58:47.9776strange things will also happen if you create a folder with only spaces in its name – phuclv – 2018-11-01T04:32:50.427
7Is this server on the internet? Just to warn you I regularly see hack attempts on internet facing web servers requesting:
GET /....\\....\\....\\....\\....\\....\\....\\....\\....\\winnt\\win.ini
. Clearly there is/was some vulnerability somewhere that this attempts to exploit. – Andy Brown – 2018-11-02T16:11:54.9874@AndyBrown much more likely that's
..
, not....
. It's simply a way to traverse to\winnt
regardless of the depth of the starting point (the web root), so long as the starting point is less than 9 levels deep. It relies on the fact that going..
from the root directory leaves you at the root directory. – hobbs – 2018-11-02T17:32:05.693@hobbs Yeah but web servers often check for
..
– user253751 – 2018-11-03T07:08:46.6005@hobbs That's a copy and paste from the Apache access log on linux. Definitely 4 dots in there. There are other hack attempts logged that do use
..
which was why I found this one rather odd. – Andy Brown – 2018-11-03T09:47:56.1803
@AndyBrown: There was, nearly two decades ago. The last OS to install to
– user1686 – 2018-11-05T06:29:29.303C:\WINNT
by default was Windows 2000. But even that would have used..
, not any other number of dots.3There's a highly relevant xkcd (#981), but given that the title is slightly NSFW, I'm not going to directly link it here... – tonysdg – 2018-11-06T17:30:29.680
Probably unrelated, but as I recall Windows 95 used
...
to refer to the grandparent directory, and....
to refer to the great-grandparent directory. – john_e – 2019-06-04T14:58:28.943