Skip to main content
assistive.skiplink.to.breadcrumbs
assistive.skiplink.to.header.menu
assistive.skiplink.to.action.menu
assistive.skiplink.to.quick.search
Log in
Confluence
Spaces
Hit enter to search
Help
Online Help
Keyboard Shortcuts
Feed Builder
What’s new
Available Gadgets
About Confluence
Log in
SEI CERT Oracle Coding Standard for Java
Pages
Boards
Space shortcuts
Dashboard
Secure Coding Home
Android
C
C++
Java
Perl
Page tree
Browse pages
Configure
Space tools
View Page
A
t
tachments (0)
Page History
Page Information
View in Hierarchy
View Source
Export to PDF
Export to Word
Pages
…
SEI CERT Oracle Coding Standard for Java
2 Rules
Rule 00. Input Validation and Data Sanitization (IDS)
IDS00-J. Prevent SQL injection
Page Information
Title:
IDS00-J. Prevent SQL injection
Author:
Dhruv Mohindra
Sep 21, 2009
Last Changed by:
Jill Britton
Jun 11, 2024
Tiny Link:
(useful for email)
https://wiki.sei.cmu.edu/confluence/x/ITdGBQ
Export As:
Word
·
PDF
Incoming Links
SEI CERT Perl Coding Standard (1)
Page:
IDS33-PL. Sanitize untrusted data passed across a trust boundary
SEI CERT Oracle Coding Standard for Java (3)
Page:
IDS01-J. Normalize strings before validating them
Page:
SEC01-J. Do not allow tainted variables in privileged blocks
Page:
IDS52-J. Prevent code injection
SEI CERT C Coding Standard (1)
Page:
STR02-C. Sanitize data passed to complex subsystems
Hierarchy
Parent Page
Page:
Rule 00. Input Validation and Data Sanitization (IDS)
Labels
Global Labels (8)
draft
ids
cwe-79
android
dos
rule
android-implementation-detail-java
analyzable
Recent Changes
Time
Editor
Jun 11, 2024 05:06
Jill Britton
View Changes
Jun 11, 2024 05:04
Jill Britton
View Changes
May 01, 2023 08:42
David Svoboda
View Changes
Oct 20, 2022 14:44
David Svoboda
View Changes
Jan 24, 2022 10:44
Winfried Gerlach
View Page History
Outgoing Links
External Links (8)
cwe.mitre.org/data/definitions/116.html
https://www.safaribooksonline.com/library/view/secure-codin…
cwe.mitre.org/
sourceforge.net/projects/owasp/files/Guide/2.0.1/OWASPGuide…
https://rules.sonarsource.com/java/RSPEC-3649
https://rules.sonarsource.com/java/RSPEC-2077
https://www.owasp.org/images/8/89/OWASP_Top_10_2007_for_JEE…
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2370
SEI CERT C++ Coding Standard (2)
Home page:
SEI CERT C++ Coding Standard
Page:
VOID STR02-CPP. Sanitize data passed to complex subsystems
SEI CERT Perl Coding Standard (2)
Page:
IDS33-PL. Sanitize untrusted data passed across a trust boundary
Home page:
SEI CERT Perl Coding Standard
SEI CERT Oracle Coding Standard for Java (19)
Page:
Klocwork
Page:
SonarQube
Page:
CodeSonar_V
Page:
Findbugs
Home page:
SEI CERT Oracle Coding Standard for Java
Page:
SonarQube_V
Page:
The Checker Framework
Page:
Parasoft
Page:
Rule 00. Input Validation and Data Sanitization (IDS)
Page:
Klocwork_V
Page:
SpotBugs
Page:
Fortify
Page:
Parasoft_V
Page:
Coverity
Page:
The Checker Framework_V
Page:
Rule AA. References
Page:
SpotBugs_V
Page:
IDS01-J. Normalize strings before validating them
Page:
Rule BB. Glossary
SEI CERT C Coding Standard (3)
Page:
CodeSonar
Page:
STR02-C. Sanitize data passed to complex subsystems
Home page:
SEI CERT C Coding Standard
Overview
Content Tools
{"serverDuration": 102, "requestCorrelationId": "95a830378f529511"}