...
| Tool | Version | Checker | Description |
|---|---|---|---|
| CodeSonar | | IO.INJ.COMMAND; IO.INJ.FMT; IO.INJ.LDAP; IO.INJ.LIB; IO.INJ.SQL | Command Injection; Format String Injection; LDAP Injection; Library Injection; SQL Injection |
| Coverity | 6.5 | TAINTED_STRING | Fully Implemented |
| | 5.0 | | |
| | | NNTS.TAINTED; SV.TAINTED.INJECTION | |
...
Related Guidelines
CERT C++ Secure Coding Standard | STR02-CPP. Sanitize data passed to complex subsystems |
CERT Oracle Secure Coding Standard for Java | IDS00-J. Sanitize untrusted data passed across a trust boundary (Prevent SQL Injection) |
MITRE CWE | CWE-88, Argument injection or modification; CWE-78, Failure to sanitize data into an OS command (aka "OS command injection") |
...