Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Stefan Esser's Blog:
CORE GRASP - PHP Tainted Mode
Aug 22, 2007 @ 16:19:27

Stefan Esser points out a new patch today - CORE GRASP - from the Core Security Technologies group that provides taint support surrounding the mysql_query function.

Their implementation adds a tainted or not flag for every byte so that it is possible on invocation of mysql_query() to determine any kind of injection.

Unfortunately, Stefan also mentions two big issues it might have from the get-go: the overhead for the memory needed can slow things down and an incorrect parsing in their query handler could lead to injection attacks.

tagged: core grasp patch php5 taint support mysqlquery security technologies core grasp patch php5 taint support mysqlquery security technologies

Link: