Questions tagged [taint]

Taint checking is a security-related software analysis technique.

Taint checking assumes that any variable that can be modified by an external user poses a potential security risk. A taint checking tool compiles a list of all variables which are potentially influenced by outside input. If any of these variables is used to execute dangerous commands (such as direct commands to a SQL database or the host computer operating system), the taint checker warns that the program is using a potentially dangerous tainted variable.

62 questions
0 votes, 2 answers

Spring JSON tainting response from JacksonMessageConverter

I have a JacksonMessageConverter in my Spring application for returning JSON response. But before the JSON is returned, I would like to taint the JSON as given in Ajax Security - Preventing JSON hijacking. Is it possible to do so when using a…
Raghav
0 votes, 1 answer

How to add extra source code for libraries/dependencies to a CodeQL database?

I'm trying to track taint globally across a code repository I downloaded from LGTM (GNU coreutils) but CodeQL seems to also consider calls to libc 'tainted', whereas they do not actually introduce any taint. Consider the following example: size_t…
0 votes, 0 answers

Azure Devops - run Terraform taint from pipeline

Need to run "terraform taint" from an Azure Devops pipeline. The reason why I need this is outlined in this link: https://github.com/terraform-providers/terraform-provider-azurerm/issues/5990 which basically references a bug in Terraform that…
mac
0 votes, 2 answers

Are pysa users expected to copy configuration files?

Facebook's Pysa tool looks useful, in the Pysa tutorial exercises they refer to files that are provided in the pyre-check repository using a relative path to include a path outside of the exercise…
Stephen Paulger
0 votes, 1 answer

Insecure dependency in chdir while running with -T switch when running in docker container

I am using module-starter to create a CPAN module. It automatically creates some tests $ ls t/ 00-load.t manifest.t pod-coverage.t pod.t with shebang #!perl -T so running the tests under taint mode. It works fine on my laptop with Ubuntu 20.04…
Håkon Hægland
0 votes, 1 answer

Sonar Taint analysis : javasecurity:S5131 : Forcing sanitization for Java Enums :

I have a Rest API developed in Java. I am using Enums as my request parameters, let's say Gender is one of the Enum and say possible values of Gender are M,F. I understand that request parameters are user controlled. Sonar is complaining that it is…
Vivek Shukla
0 votes, 1 answer

I don't understand the Perl Taint mode error message

I have some old Perl code I have been told is vulnerable to Cross site scripting attacks or SQL injection attacks. I figured I'd turn on taint mode by changing the shebang from #!/usr/local/bin/perl to #!/usr/local/bin/perl -T and now I get this…
Red Cricket
0 votes, 1 answer

How to remove "taint" for Findbugs "Find Security Bugs"

I am using the "Find Security Bugs" plugin for Findbugs: https://find-sec-bugs.github.io/ Many of the detectors use "Taint analysis" to raise their warnings. Is there any documentation on how to remove "taint" from a value? I can't find any docs…
Rich
0 votes, 2 answers

How can I invoke /sbin/iptables from a Perl CGI under taint mode?

When I invoke "sudo /sbin/iptables ..." in my Perl CGI scripts, I get the error: Insecure dependency in system while running with -T switch at usr/lib/perl5/vendor_perl/5.8.8/IPC/Run3.pm line 403 I tried to add "/sbin:/etc/sysconf:/etc/init.d" in…
Gelin Luo
0 votes, 1 answer

Identifying taint sources in a program for taint propagation

In taint analysis, a taint source is a program location or statement that may produce an untrusted or external input. My goal: identify all external user inputs to the program such as cmdline-input, file reading, environment and network…
G Ashwin
0 votes, 3 answers

Escaping string to be quoted in Perl

I'm writing a quick Perl script which takes user input and uses it as a MySQL regex. I'd like to ensure that I can pass it without any of the Bobby tables nonsense. In particular, I want to allow all kinds of special characters, while rejecting…
Charles
0 votes, 1 answer

the soot-based flowdroid with an exception error when test an APK

I am trying to test the broadcast receiver component in an Android application based on the taint analysis. However, when I am using the flowdroid to test the related application, it shows: Exception in thread "main" java.lang.NoSuchMethodError:…
Field.D
0 votes, 1 answer

Perl Untaint Variable By Passing Through Perl Module Subroutine

When untainting variables in Perl does all the untainting have to be done locally to the Perl (.pl) file or can it be passed through a Perl Module (.pm) to untaint? For example, untainting may look something like this: $string =~…
SpenserAD
0 votes, 1 answer

Taint verification of a string

I developed an application that extracts the IMEI of the Android and stores it in a string. To verify if this string is tainted or not by using Eclipse, I used "getTaintString" as following: import dalvik.system.*; import…
0 votes, 1 answer

perl cgi::param error with single plus sign in Taint mode

I work on a website based on Perl CGI. It's run with Perl -T (Taint mode). I noticed that a text input containing just a plus sign and nothing else ("+") causes CGI::param() to give this error: Insecure dependency in require while running with -T…
yjl101