Input message length validation
This point we might have less attention, because we tend to believe that ordinary users will not knowingly enter the over-stretched a little trouble, some users may, however, at this point may not be harmful. In fact, as long as we carefully consider, if not for input validation and may harm will be enormous, and why? If the user enters the information to a few megabytes, and we verify that the length of the procedure there is no, then think about the harm there: a, program verification errors; b, variable up large amounts of memory, the memory overflow occurs, to enable the server service stops and even shutdown.
I'm the Proud Owner of the most dangerous weapon
known to man kind: Human Brain
Bookmarks