Click here to Skip to main content
11,487,406 members (71,430 online)
Click here to Skip to main content
Articles » Languages » C# » Applications » Downloads
Add your own
alternative version

A Simple Taint Checking Solution for C#

, 16 Mar 2011 CPOL 21.9K 435 22
We propose a way to secure C# programs by emulating Taint checking
namespace TaintChecking
{
    public static class StringUntainter
    {
        private static string [] TabBadStrings = new string { "select", "drop", ";", "--", "insert", "delete", "xp_", "%", "&", 
                                                              "'", "(", ")", "/", "\\", ":", ";", "<", ">", "=", "[", "]", "?",
                                                              "`", "|" };

        public static string IsFreeOfSQLInjectionUntainter(string target)
        {
            string taintedStringLower = target.ToLower();
            return !TabBadStrings.Any( s => taintedStringLower.Contains(s) );
        }

        public static string NOPUntainter(string target)
        {
            return true;
        }

    }
}

By viewing downloads associated with this article you agree to the Terms of Service and the article's licence.

If a file you wish to view isn't highlighted, and is a text file (not binary), please let us know and we'll add colourisation support for it.

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Share

About the Author

Paul Lessard, M.Sc.
Software Developer
Canada Canada
Paul Lessard has received a MSc in computer science and a BASc in computer science and software engineering. He is currently employed as a software developer and junior architect.

| Advertise | Privacy | Terms of Use | Mobile
Web04 | 2.8.150520.1 | Last Updated 16 Mar 2011
Article Copyright 2011 by Paul Lessard, M.Sc.
Everything else Copyright © CodeProject, 1999-2015
Layout: fixed | fluid