Summary

  • Do use fixed format strings, or format strings from a trusted source.

  • Do check and limit locale requests to valid values.

  • Do not pass user input directly as the format string to formatting functions.

  • Consider using higher-level languages that tend to be less vulnerable to this issue.
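
The first three points above, sketched in C as an added example (it is not code from the book). The function names `validate_locale` and `format_log_line` and the allowlist contents are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Constructed allowlist: the locale names this hypothetical application ships. */
static const char *const ALLOWED_LOCALES[] = { "C", "POSIX", "en_US.UTF-8", "de_DE.UTF-8" };

/* Return the matching allowlist entry, or NULL if the request is not an exact match.
 * The returned pointer is ours, so the caller never hands setlocale() the request bytes. */
const char *validate_locale(const char *requested)
{
    size_t i;
    if (requested == NULL)
        return NULL;
    for (i = 0; i < sizeof ALLOWED_LOCALES / sizeof ALLOWED_LOCALES[0]; i++)
        if (strcmp(requested, ALLOWED_LOCALES[i]) == 0)
            return ALLOWED_LOCALES[i];
    return NULL;
}

/* Format a log line with a fixed format string; untrusted text is only ever an argument.
 * The unsafe form would be snprintf(out, outlen, user_text), where user_text is the format.
 * Returns 0 on success, -1 if the output was truncated or an encoding error occurred. */
int format_log_line(char *out, size_t outlen, const char *user_text)
{
    int n = snprintf(out, outlen, "request: %s", user_text);
    return (n < 0 || (size_t)n >= outlen) ? -1 : 0;
}

int main(void)
{
    char line[64];
    const char *hostile = "%x%x%n";   /* constructed input containing directives */
    if (format_log_line(line, sizeof line, hostile) == 0)
        puts(line);                   /* directives come out as literal text */
    printf("locale ok: %s\n", validate_locale("de_DE.UTF-8") ? "yes" : "no");
    printf("locale ok: %s\n", validate_locale("../../tmp/x") ? "yes" : "no");
    return 0;
}
```

Compiling with `-Wformat -Wformat-security` (GCC and Clang) flags call sites where a non-literal string is passed as the format argument.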



19 Deadly Sins of Software Security. Programming Flaws and How to Fix Them
