Page History

...

Automated Detection

Tool

Diagnostic

Notes

Tainted Mode

Insecure dependency in parameter \d* of DBI::db=.* method call

Catches SQL injection.

Requires TaintIn attribute

The CERT Oracle Secure Coding Standard for Java	IDS00-J. Sanitize untrusted data passed across a trust boundary
CERT C Secure Coding Standard	STR02-C. Sanitize data passed to complex subsystems
CERT C++ Secure Coding Standard	STR02-CPP. Sanitize data passed to complex subsystems

...