SEI CERT Oracle Coding Standard for Java
Page Information
Title: IDS01-J. Normalize strings before validating them
Author: Dhruv Mohindra, Sep 26, 2009
Last Changed by: Will Snavely, Nov 16, 2017
Tiny Link (useful for email): https://wiki.sei.cmu.edu/confluence/x/gjdGBQ
Incoming Links
SEI CERT Oracle Coding Standard for Java (4)
Page:
FIO16-J. Canonicalize path names before validating them
Page:
IDS00-J. Prevent SQL injection
Page:
IDS51-J. Properly encode or escape output
Page:
JNI04-J. Do not assume that Java strings are null-terminated
Android (1)
Page:
Applicable in Principle to Android (Java Rules/Recomendations)
Hierarchy
Parent Page
Page:
Rule 00. Input Validation and Data Sanitization (IDS)
Labels
Global Labels (7)
ids
android
normative
rule
android-implementation-detail-java
analyzable
tech-edit-done
Recent Changes
Time - Editor
Nov 16, 2017 14:43 - Will Snavely
Feb 26, 2017 14:53 - Robert Schiela: Made priority and level ratings in risk assessment bold, to be consistent.
Jan 05, 2017 14:53 - Will Snavely
Oct 05, 2016 16:26 - David Svoboda: AD TCF
Nov 27, 2014 10:32 - Fred Long
Outgoing Links
External Links (6)
cwe.mitre.org/data/definitions/289.html
www.lookout.net/wp-content/uploads/2009/03/chris_weber_expl…
www.unicode.org/reports/tr15/tr15-23.html
cwe.mitre.org/data/definitions/180.html
cwe.mitre.org/
java.sun.com/javase/6/docs/api/
SEI CERT Oracle Coding Standard for Java (9)
Page:
The Checker Framework_V
Page:
IDS00-J. Prevent SQL injection
Page:
Rule BB. Glossary
Home page:
SEI CERT Oracle Coding Standard for Java
Page:
Rule AA. References
Page:
Fortify
Page:
The Checker Framework
Page:
Rule 00. Input Validation and Data Sanitization (IDS)
Page:
IDS02-J. Canonicalize path names before validating them