From the course: Programming Foundations: Secure Coding
Unlock the full course today
Join today to access over 24,000 courses taught by industry experts.
Error handling issues
From the course: Programming Foundations: Secure Coding
Error handling issues
- Error handling is an important part of application development. It allows the developer to prevent the application from abnormal termination while also providing a great place for troubleshooting break points when issues do arise. What makes it powerful for developers also makes it attractive for bad actors. One of the most frequent vulnerabilities comes from information disclosure through error messaging. In these vulnerabilities the application raises an error that produces an error status. This error status usually results in a message or a redirect in the web world. The vulnerability arises when that error message discloses information such as a stack trace or a database dump. This information can be very valuable for an attacker trying to gain entry to your system. Even the disclosure of your internal error codes can be used to attack your system. Even how you raise an error can provide an attack point.…
Contents
-
-
-
-
-
(Locked)
Error handling issues3m 21s
-
(Locked)
Logging and output issues4m 9s
-
(Locked)
Internal data management issues3m 9s
-
(Locked)
Configuration issues4m 29s
-
(Locked)
Database issues3m 51s
-
(Locked)
File and I/O issues3m 54s
-
(Locked)
Memory management issues4m 34s
-
(Locked)
Dependency issues2m 46s
-
(Locked)
-
-
-