...
- command processor via a call to
system()or similar function - relational databases
- third-party COTS components (e.g.,
A better The white listing approach to data sanitization sanatization is to define a list of acceptable characters
and remove any character that is not acceptable. The list of valid input values
is typically a predictable, well-defined set of manageable size. For The following example,
consider based on the tcp_wrappers package written by Wietse Venema and shown in
Figure 8-7., illustrates white listing approach:
| Code Block |
|---|
static char ok_chars[] = "abcdefghijklmnopqrstuvwxyz\
ABCDEFGHIJKLMNOPQRSTUVWXYZ\
1234567890_-.@";
char user_data[] = "Bad char 1:} Bad char 2:{";
char *cp; /* cursor into string */
for (cp = user_data; \*(cp \+= strspn(cp, ok_chars)); )
*cp = '_';
|
The benefit of white listing is that a programmer can be certain that a
string contains only characters that are considered safe by the programmer.
White listing is recommended over black listing because, instead of having
to trap all unacceptable characters, the programmer only needs to ensure that
acceptable characters are identified. As a result, the programmer can be less
concerned about which characters an attacker may try in an attempt to bypass
security checks.static char ok_chars[] = "abcdefghijklmnopqrstuvwxyz\
ABCDEFGHIJKLMNOPQRSTUVWXYZ\
1234567890_-.@";
char user_data[] = "Bad char 1:} Bad char 2:{";
char cp; / cursor into string */
for (cp = user_data; *(cp += strspn(cp, ok_chars)); )
*cp = '_';
References
7.20.4.6 The system function