Page 8 of 13. Showing 123 results (0.007 seconds)
Re: IDS51-J. Properly encode or escape output
In the intro section, we talk about output sanitization and not output filtering. i'm guessing these two concepts are the same and we should use the term "sanitization" for consistency.Rule. Introduction
and your assumptions concerning trust. Input Validation and Data Sanitization Leaking Sensitive Data Type Safety Leaking Capabilities Denial of ServiceRe: ERR01-J. Do not allow exceptions to expose sensitive information
From Sun's secure coding guidelines doc - Do not sanitize exceptions containing information derived from caller inputs. If a caller provides the name of a file to be opened, for example, do not sanitize any resulting FileNotFoundException thrown when attempting to open that file. Unsure if the exceptionRe: IDS07-J. Sanitize untrusted data passed to the Runtime.exec() method
The rule ENV03-C. Sanitize the environment when invoking external programs discusses how to sanitize environment variables before invoking external programs. At first I thought it needs a Java analogue, and then I realized that this rule could have a new NCCE/CS pair discussing how to do this. Not sure if itsRe: JNI04-J. Do not assume that Java strings are null-terminated
and going directly to NewStringUTF(). IF Java has a ASCII-to-Mod-UTF8 JNI function, you can also leverage that to know when strings are being properly sanitized. Which is the point...this is a sanitization problem of sorts. Well...actually a normalization problem, but it stil lcan be handled by the same techniques that weRe: FIO32-C. Do not perform operations on devices that are only appropriate for files
that the advice here (or perhaps somewhere else) is to perform platform-specific sanitization of file inputs even if the path is sanitized. MigratedRe: IDS51-J. Properly encode or escape output
); is suitable contents for the display() function, but has no sanitization problems. Also, we traditionally describe the exploit-ability of code in text after the code, not in a comment. Dhruv's code example is a good start at a NCCE...it also does not indicate why not sanitizing its input is bad, but that can be fixed.Re: ENV03-C. Sanitize the environment when invoking external programs
Spotted a couple more problems with the grep example: It calls spc_sanitize_environment() to sanitize the environment, but that function does not alter the current environment, it creates a new one for use with execle() or execve(). One solution might be to do the sanitizing in the shell command. It would meanRe: ENV03-C. Sanitize the environment when invoking external programs
changes are needed to make the code safe: It should sanitize the environment (or at least have a comment saying "sanitize the environment hereERR07-J. Do not throw RuntimeException, Exception, or Throwable
that sanitize exceptions to comply with a security policy are permitted to translate specific exceptions into more general exceptions. This translation could potentially