SEI CERT Oracle Coding Standard for Java

Space shortcuts

Page tree

Versions Compared

Old Version 73

changes.mady.by.user vishal patel

Saved on

compared with

New Version 74

changes.mady.by.user vishal patel

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Automated update-Scrapy V0.1 Fixing Navigation links Automatic Nagivation Script

...

Wiki Markup
\[[Chess 2007|AA. Bibliography#Chess 07]\] Chapter 5: Handling Input, "Command Injection"
\[[MITRE 2009|AA. Bibliography#MITRE 09]\] [CWE ID 78|http://cwe.mitre.org/data/definitions/78.html] "Failure to Preserve OS Command Structure (aka 'OS Command Injection')"
\[[OWASP 2005|AA. Bibliography#OWASP 05]\] [Reviewing Code for OS Injection|http://www.owasp.org/index.php/Reviewing_Code_for_OS_Injection]
\[[Permissions 2008|AA. Bibliography#Permissions 08]\] [Permissions in the Java™ SE 6 Development Kit (JDK)|http://java.sun.com/javase/6/docs/technotes/guides/security/permissions.html], Sun Microsystems, Inc. (2008)

...

Image RemovedIDS03-J. Sanitize non-character code points before performing other sanitization            IDS06IDS13-J. Do not pass untrusted, unsanitized data to the Runtime.exec() methodAccount for supplementary and combining characters in globalized code