Sanitize user input: Difference between revisions
→{{header|Phix}}: clarified sqlite3_bind_text and added rm -rf not practical note
Puppydrum64 (talk | contribs) m (Adjusted formatting for clarity) |
(→{{header|Phix}}: clarified sqlite3_bind_text and added rm -rf not practical note) |
||
Line 18:
=={{header|Phix}}==
As noted there is no magic "one size fits all" solution, and in the specific case of sql the use of sqlite3_prepare() and sqlite3_bind_text() is strongly recommended in preference to sqlite3_exec() or sqlite3_get_table(), at least for any questionable input. Using sqlite3_bind_text() there is no problem whatsoever with having a student named (say) "Robert'); DROP TABLE students;--".
Given some suspect [Phix] source code to be run, it is simply not practical to cover cases such as system(rot13(reverse("se- ze"))) or any of the other myriad ways in which harmful content could be disguised. In case you have not guessed, that would execute "rm -rf", assuming the code also contains a working rot13() implementation.
Of course you could block all use, even legitimate, of things like system(), as covered by [[Safe_mode]] and [[Untrusted_environment]].
The inverse problem recently arose in p2js, whereby otherwise perfectly
|