Improper input validation

You must add a |reason= parameter to this Cleanup template – replace it with {{Cleanup|reason=<Fill reason here>}}, or remove the Cleanup template.

String programming is believed to be easy by programmers. This is hower not the case: several implementation / design flaws are associated with string programming, some of those are associated with security exploits.

Software programmers often assume that strings are canonical. This a fallacy.

Fallacy:

    "<script>" can only be written as "<script>"

This is not true. Many HTML processors will accept "<SPACEscript>" or "<NULscript>"

A lot of people believe that

  String1 + User_Input_String + String2

will behave in some sort of controlled manner. This is not true.

In many environments, it is possible to truncate the string with clever input.

• PHP: %00 (NUL) can terminate strings, when used for API calls.
• Oracle: CHR(0) (NUL) can terminate strings when used for e.g. EXECUTE IMMEDIATE.

In many environments, it is possible to "ask" the system to ignore the rest of the string, using "comment" characters.

• Many languages: /* means ingore everything until a */ combination.
• SQL: -- means ignore rest of line
• Unix shells: # means ignore rest of line

• Format string attack - *printf format strings are dangerous
• Buffer overflow - Buffer overflows often occurs in unsafe string functions
• Cross site scripting - unsafe output of input strings
• Directory traversal - concatenating strings to create a filename is not a good idea
• SQL injection - concatenating strings to create a SQL statement is not a good idea