Title: IDS00-J. Prevent SQL injection  
Author: Dhruv Mohindra Sep 21, 2009
Last Changed by: Jill Britton Jun 11, 2024
Tiny Link: (useful for email) https://wiki.sei.cmu.edu/confluence/x/ITdGBQ
Export As: Word · PDF  
Incoming Links
SEI CERT Oracle Coding Standard for Java (3)
    Page: IDS01-J. Normalize strings before validating them
    Page: SEC01-J. Do not allow tainted variables in privileged blocks
    Page: IDS52-J. Prevent code injection
SEI CERT Perl Coding Standard (1)
    Page: IDS33-PL. Sanitize untrusted data passed across a trust boundary
SEI CERT C Coding Standard (1)
    Page: STR02-C. Sanitize data passed to complex subsystems
Hierarchy
Outgoing Links
External Links (8)
    cwe.mitre.org/data/definitions/116.html
    https://www.safaribooksonline.com/library/view/secure-codin…
    cwe.mitre.org/
    sourceforge.net/projects/owasp/files/Guide/2.0.1/OWASPGuide…
    https://rules.sonarsource.com/java/RSPEC-3649
    https://rules.sonarsource.com/java/RSPEC-2077
    https://www.owasp.org/images/8/89/OWASP_Top_10_2007_for_JEE…
    cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2370
SEI CERT C++ Coding Standard (2)     Home page: SEI CERT C++ Coding Standard
    Page: VOID STR02-CPP. Sanitize data passed to complex subsystems
SEI CERT Oracle Coding Standard for Java (19)     Page: Klocwork
    Page: SonarQube
    Page: CodeSonar_V
    Page: Findbugs
    Home page: SEI CERT Oracle Coding Standard for Java
    Page: SonarQube_V
    Page: The Checker Framework
    Page: Parasoft
    Page: Rule 00. Input Validation and Data Sanitization (IDS)
    Page: Klocwork_V
    Page: SpotBugs
    Page: Fortify
    Page: Parasoft_V
    Page: Coverity
    Page: The Checker Framework_V
    Page: Rule AA. References
    Page: SpotBugs_V
    Page: IDS01-J. Normalize strings before validating them
    Page: Rule BB. Glossary
SEI CERT Perl Coding Standard (2)     Page: IDS33-PL. Sanitize untrusted data passed across a trust boundary
    Home page: SEI CERT Perl Coding Standard
SEI CERT C Coding Standard (3)     Page: CodeSonar
    Page: STR02-C. Sanitize data passed to complex subsystems
    Home page: SEI CERT C Coding Standard