...
Failure to prevent code injection can result in the execution of arbitrary code.
Automated Detection
| Tool | Version | Checker | Description | ||||||
|---|---|---|---|---|---|---|---|---|---|
| The Checker Framework |
| Tainting Checker | Trust and security errors (see Chapter 8) | ||||||
| Parasoft Jtest |
| CERT.IDS52.TDCODE | Validate potentially tainted data before it is used in methods that generate code |
Bibliography
...
...