Index

blacklist, Basics of input validation

buffer bounds, Restrict Operations to Buffer Bounds (Avoid Buffer Overflow)

buffer overflow, Restrict Operations to Buffer Bounds (Avoid Buffer Overflow)

complete mediation, Follow Good Security Design Principles

design, Design Your Program for Security

dynamically linked libraries (DLLs), Dynamically Linked Libraries

easy to use, Follow Good Security Design Principles

economy of mechanism, Follow Good Security Design Principles

fail-safe defaults, Follow Good Security Design Principles

format strings, Control Data Formatting (Format Strings)

injection

shell, Shell injection

SQL, SQL injection

input validation, Validate All Input

least common mechanism, Follow Good Security Design Principles

least privilege, Follow Good Security Design Principles, Minimize Privileges

logical quotation, Document Conventions

metacharacters, Handle Metacharacters

minimize feedback, Minimize Feedback

non-bypassability, Follow Good Security Design Principles

open design, Follow Good Security Design Principles

psychological acceptability, Follow Good Security Design Principles

salted hashes, Passwords

Saltzer and Schroeder, Follow Good Security Design Principles

separation of privilege, Follow Good Security Design Principles

shell injection, Shell injection

simplicity, Follow Good Security Design Principles

SQL injection, SQL injection

time of check - time of use, Sequencing (Non-Atomic) Problems

TOCTOU, Sequencing (Non-Atomic) Problems

UTF-8, Introduction to UTF-8

UTF-8 security issues, UTF-8 Security Issues

whitelist, Basics of input validation