Validate ""text/string user inputs"" so that your software doesn't get hacked.

[Amit]

------------------------------------------------------------------------------
Validate ""text/string user inputs"" so that your software doesn't get hacked.
------------------------------------------------------------------------------

In my opinion, most of the software hacking happens because the
""""text/string user inputs"""" are not validated.

Some hacking may happen because of weak passwords, misconfiguration, weak
cryptographic/encryption keys, etc., but, in my opinion, not validating the
""""text/string user inputs"""" is the main source of most of the software
hacking.

NOTE: Please note that in this article, all inputs mean
      """"text/string user inputs"""" and not any other inputs.

So, in this article, we will focus on how to validate the text/string inputs so
that the software doesn't get hacked.

To validate a text/string input, you have to do the following three things:

    1. The length of the text/string input should be limited to a certain value.
       If it is not, then hackers can take advantage of it and pass a malicious
       long text/string that can have some executable code or something else
       that can result in the software getting hacked.

       For example, if the text/string input is the address of a user, then you
       can limit it to 200 characters. If you don't limit it, then the hackers
       can take advantage of the unlimited length of this input, and then they
       may become successful in hacking the software.

       200 characters is a reasonable choice for an address. If some user has an
       address that is longer than 200 characters, then that user can't be
       entertained, and that is ok. We should not compromise the security of the
       software to satisfy all the users.

       If we try to satisfy all the users, then we have to keep the length of
       the address input as unlimited, and as explained above, this can lead to
       your software getting hacked.

       So, from the security point of view, it is wise to satisfy only the
       majority of the users.

       The idea here is to limit the length of a text/string input to such a
       value that is reasonable and that will satisfy most of the users.
       Some users may be left out, and that's ok, because, to accommodate those
       small number of users, the software may become insecure, and then the
       software may get hacked.

       """"So, please don't sacrifice the security of your software for a
       small number of users.""""

       If your text/string input is actually an integer, then also you can put a
       limit on its length. The largest integer that can be supported on a
       64-bit system is 18,446,744,073,709,551,615 and it has 20 digits. So, you
       can limit the length of this text/string input to 20 characters.

    2. If the length of the text/string input is greater than the length limit
       that you have set, then you should reject the input and send an error to
       the user. If you don't reject the input, then you will have to truncate
       the input to the allowed length, and then check the contents of the
       truncated input as to whether the contents are valid/correct or not.
       But, in most of the cases, the truncated input will not be valid/correct.
       Even if it is valid/correct in some cases, even then the truncated input
       can create some issues in your software, or the user won't be happy that
       the input got truncated, or the user may not want that the truncated
       input be processed by your software.

       So, it is best to reject the text/string input whose length is greater
       than the allowed length for that input.

    3. If the length of the text/string input is within the length limit set by
       you, then now you have to check whether the contents of the text/string
       input are valid/correct or not.

       Now, checking the contents of a text/string input is straight-forward for
       some types of inputs, and impossible for some other types of inputs.

       For example, if the text/string input is an IPv4 address, then it is
       straight-forward to check whether it is a valid IPv4 address or not.

       But, if the text/string input is an address, then there is no way to
       verify that the address is valid/correct because there are millions of
       addresses in this world and obviously, no software stores all the
       addresses. So, you can't verify whether an address is valid/correct or
       not.

       So, in cases where you can't verify that the contents of the text/string
       inputs are valid/correct or not, then you have to rely on the length
       limit that you have set for these text/string inputs to save your
       software from getting hacked.

       This all points to the fact that limiting the length of all text/string
       inputs is very important for avoiding software hacking.

---- End of the article ----