...
Tools that support taint analysis can provide assurance for code whose usage is substantially similar to the first compliant solution. Typical taint analyses assume that one or more methods exist that can sanitize potentially tainted inputs, providing untainted outputs (or appropriate errors). The taint analysis then ensures that only untainted data is used inside the doPrivileged block. Note that static analyses must necessarily assume that the sanitization methods are always successful, but in reality, this may not be the case.
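The following is an added example, not code from the original page or from any analysis tool, showing the code shape such an analysis can verify: a sanitizer that returns an untainted value or throws, and a privileged block that touches only that value. The class name PrivilegedOpen, the methods sanitizeFileName and openFile, and the base directory /opt/app/data are assumptions made for illustration.

```java
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.security.AccessController;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;

public final class PrivilegedOpen {
    // Hypothetical directory the privileged code is allowed to read from.
    private static final Path BASE = Paths.get("/opt/app/data").toAbsolutePath().normalize();

    // Sanitizer (hypothetical): returns an untainted path or throws. A taint
    // analysis would be configured to treat this return value as untainted.
    static String sanitizeFileName(String tainted) {
        if (tainted == null || tainted.indexOf('\0') >= 0) {
            throw new IllegalArgumentException("invalid file name");
        }
        // Absolute inputs and ".." sequences end up outside BASE and are rejected.
        Path resolved = BASE.resolve(tainted).normalize();
        if (!resolved.startsWith(BASE) || resolved.equals(BASE)) {
            throw new IllegalArgumentException("path escapes base directory");
        }
        return resolved.toString();
    }

    // Only the sanitizer's output crosses into the privileged block.
    static FileInputStream openFile(String tainted) throws FileNotFoundException {
        final String clean = sanitizeFileName(tainted); // fails before any privilege is exercised
        try {
            return AccessController.doPrivileged(
                (PrivilegedExceptionAction<FileInputStream>) () -> new FileInputStream(clean));
        } catch (PrivilegedActionException e) {
            // FileNotFoundException is the only checked exception the action can throw.
            throw (FileNotFoundException) e.getException();
        }
    }

    public static void main(String[] args) throws IOException {
        for (String name : new String[] {"report.txt", "../../etc/passwd"}) { // constructed inputs
            try (FileInputStream in = openFile(name)) {
                System.out.println("opened: " + name);
            } catch (IllegalArgumentException | FileNotFoundException e) {
                System.out.println("rejected or missing: " + name + " (" + e.getMessage() + ")");
            }
        }
    }
}
```

A static analysis confirms only that the value reaching doPrivileged came from sanitizeFileName; whether the checks inside the sanitizer are sufficient still has to be reviewed and tested separately.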
Tool | Version | Checker | Description
---|---|---|---
Parasoft Jtest | | CERT.SEC01.PRIVIL | Avoid operating on tainted data in privileged blocks
Related Guidelines
CWE-266, Incorrect Privilege Assignment
Guideline 9-3 / ACCESS-3: Safely invoke
...