Talk:Code injection
From Wikipedia, the free encyclopedia
Cleanup!
This could be a very interesting article and I have already learned a lot from it, but it needs attention:
- A little more background could be set; the article could be confusing for people not familiar with the subject (though that said, you're unlikely to stumble on this article.)
- There seems to be a little overuse of bold/italics here and their use is not consistent. Sometimes bold is used and sometimes italics are used.
- More expansion to the "HTML/Script Injection" section?
I'll do what I can later since this looks a very promising article. --82.18.240.96 21:01, 3 January 2006 (UTC)
- I'd love to help on this article, since it is very much related to Buffer overflow and Shellcode, which I have done a lot of work on. Anyone else on board? -- Tompsci 17:54, 11 January 2006 (UTC)
I'm responsible for some parts of the mess here :-) I Suggest:
- Move the input validation etc parts to a new article and link to it.
- Adding a non-technical section which describes the issue in a broader, less technical, manner. --Blaufish 16:32, 3 May 2006 (UTC)
What's the difference?
Would like to know what's the difference between Throw away bad characters and Filter out known bads -- seems to be the same thing. Interestingly, "Throw away bad characters" is termed as practical and widely used and the "Filter out known bads" is termed as the worst form of defence. Maybe I am ignorant and don't get it - can somebody please explain?
- I think you're right, so I removed it. 131.211.81.206 09:15, 6 April 2006 (UTC)
- The word "filter" seems to be inconsistently used among all the sites I've seen, usually to mean "sanitize non-destructively" but sometimes to mean "strip out". I think it would be helpful to disambiguate in the article 64.171.57.66 22:41, 18 April 2006 (UTC)
- I moved the entire section of secure input / output management to a new page, so the subjects could be expanded and clarified. I agree to 100% that the same thing was presented twice :-) --Blaufish 18:45, 3 May 2006 (UTC)
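The two meanings of "filter" raised in the thread above, shown side by side as an added Python example (not from the article or from any of the posters); the sample comment string is constructed for the demonstration:

```python
import html
import re

# Constructed sample input: a comment that legitimately contains angle
# brackets, both as intended markup and as plain "less than / greater than".
SAMPLE = 'Use <b>bold</b> for emphasis; compare a<b with a>b'


def filter_strip(text: str) -> str:
    """'Filter' in the 'strip out' sense: delete anything that looks like a tag.
    This is lossy: "a<b with a>b" is silently eaten along with the real tags."""
    return re.sub(r'<[^>]*>', '', text)


def filter_escape(text: str) -> str:
    """'Filter' in the 'sanitize non-destructively' sense: keep every character,
    but encode the ones an HTML parser treats as markup so they render as text.
    The original can be recovered with html.unescape, so nothing is lost."""
    return html.escape(text, quote=True)


if __name__ == "__main__":
    print("strip :", filter_strip(SAMPLE))
    print("escape:", filter_escape(SAMPLE))
```

Running it shows the difference the poster is pointing at: the stripping version returns "Use bold for emphasis; compare ab", while the escaping version keeps the full text and only changes how the browser interprets it.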
scope of code injection to include or not include buffer overflows etc
Hmmm... Personally I view Code Injection as the examples stated, e.g. sql injection, shell injection, php injection etc etc etc - all cases of attacks against an eval(), sql_query(), include() like command being fed with user input.
With the current initial description of Code Injection, one might interpret it as buffer overflows and format string vulnerabilities (which allows injecting machine code into an application) as being code injection.
Although these problems are similar (they allow arbitrary code execution), they are fundamentally different because they rely on memory problems rather than the "obviously stupid" eval( $user_input ).
I think we should clarify the description to NOT include Buffer Overflows and similar memory problems, but I'm not entirely certain. Opinions please! --Blaufish 19:36, 3 May 2006 (UTC)
- I think you could mention buffer overflows as a form of code injection as long as you make clear the usage of the term "code injection". In my mind any user input which can be executed beyond that intended to be by the programmer would qualify. This includes but is not limited to:
- SQL Injection
- eval() Injection
- Some XSS Attacks
- Standard Buffer Overflows (those including payloads)
- DLL Injection?
- Windows Shatter attacks
- I don't really have the time to contribute heavily to this article anymore (exam term). But I would be happy to discuss it. -- Tompsci 23:21, 3 May 2006 (UTC)
- Rather than a blow for blow account, it would be useful to discuss what's common to all these vulnerabilities, i.e. lack of input checking and flaws in such checking (Hotmail.com vulnerabilities?). -- Tompsci 23:27, 3 May 2006 (UTC)