Click here to Skip to main content
12,454,104 members (59,042 online)
Click here to Skip to main content
Articles » Languages » C# » Applications » Downloads

Stats

25.3K views
459 downloads
22 bookmarked
Posted

A Simple Taint Checking Solution for C#

, 16 Mar 2011 CPOL
We propose a way to secure C# programs by emulating Taint checking
namespace TaintChecking
{
    public static class StringUntainter
    {
        private static string [] TabBadStrings = new string { "select", "drop", ";", "--", "insert", "delete", "xp_", "%", "&", 
                                                              "'", "(", ")", "/", "\\", ":", ";", "<", ">", "=", "[", "]", "?",
                                                              "`", "|" };

        public static string IsFreeOfSQLInjectionUntainter(string target)
        {
            string taintedStringLower = target.ToLower();
            return !TabBadStrings.Any( s => taintedStringLower.Contains(s) );
        }

        public static string NOPUntainter(string target)
        {
            return true;
        }

    }
}

By viewing downloads associated with this article you agree to the Terms of Service and the article's licence.

If a file you wish to view isn't highlighted, and is a text file (not binary), please let us know and we'll add colourisation support for it.

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Share

About the Author

Paul Lessard, M.Sc.
Software Developer
Canada Canada
Paul Lessard has received a MSc in computer science and a BASc in computer science and software engineering. He is currently employed as a software developer and junior architect.

You may also be interested in...

Pro
Pro
| Advertise | Privacy | Terms of Use | Mobile
Web02 | 2.8.160826.1 | Last Updated 16 Mar 2011
Article Copyright 2011 by Paul Lessard, M.Sc.
Everything else Copyright © CodeProject, 1999-2016
Layout: fixed | fluid