Taint source和Taint入口点有什么区别?我看到两个地方都不同,但听到人们互换使用它们。
有人可以详细解释我。请。
答案 0 :(得分:0)
根据Fortify_Glossary文件(第29页),Taint Source和Taint Entry Point将是同一件事:
A program point where tainted data must not flow. When the Dataflow Analyzer finds a point where data can flow from source to sink, it reports an issue.
A program point through which tainted data enters, such as a function that reads data from an untrusted data source.
但是,我们应该知道污点标志可以分为3类:
常规(从应用程序外部提供数据)
CONSTANTFILE, DATABASE, FORM, GUI_FORM, NETWORK, SERIALIZED, STREAM, WEB, WEBSERVICE
特定(表示来自应用程序内部的数据)
ARGS, FILE_SYSTEM, ENVIRONMENT, PRIVATE, PROPERTY, REGISTRY, STDIN, SYSTEMINFO
中立:描述数据的属性
NUMBER, EXCEPTIONINFO, VALIDATED_issue category, etc.