[Owasp-testing] Buffer overflow for form fields

Kevin Horvath kevin.horvath at gmail.com
Thu Apr 2 11:35:52 EDT 2009


Hello Sri,

Yes, you should limit the amount and type of characters for each form
field through server/application side controls and not through any
client side controls such as via javascript.  For example a field for
a telephone number should only allow numbers and allow only the
correct amount of numbers to be inserted.  Just remember any data
coming from a client should be treated as untrusted and verified on
the server side.

Hope this helps,

Kevin

2009/4/2 me <abhijeeth.pai85 at gmail.com>:
> Hi,
>
> As a developer should I set the character limit that can be typed
> in a form field, especially when we are registering users in my website? By
> not setting the character limit in the form field will it lead to a buffer
> overflow attack?
>
>
> Cheers,
> Sri
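Added example, not part of the original thread: a server-side check of the kind the reply describes, enforcing both length and character type per field regardless of what the browser allowed. The field names, the 10-digit phone format and the limits are assumptions made for illustration.

```python
import re

# Hypothetical per-field rules for a registration form (assumed, not from
# the thread): maximum length, plus an allowlist pattern used with fullmatch.
FIELD_RULES = {
    "username": (32, re.compile(r"[A-Za-z0-9_.-]{3,32}")),
    "phone": (10, re.compile(r"[0-9]{10}")),  # assumed 10-digit format
}

# Constructed submissions: what can arrive once a client ignores the
# browser-side maxlength attribute and JavaScript checks.
SAMPLES = [
    {"username": "sri_85", "phone": "5551234567"},    # well-formed
    {"username": "sri_85", "phone": "5" * 100000},    # oversized value
    {"username": "sri_85\n", "phone": "5551234567"},  # trailing newline
    {"username": "sri_85", "phone": "\u0665" * 10},   # non-ASCII digits
]


def validate_form(form):
    """Return (clean, errors) for a dict of submitted field values."""
    clean, errors = {}, {}
    for name, (max_len, pattern) in FIELD_RULES.items():
        value = form.get(name)
        if not isinstance(value, str):
            errors[name] = "missing"
        elif len(value) > max_len:
            # Length is checked first, so an oversized value is rejected
            # cheaply before any pattern matching or further processing.
            errors[name] = "too long"
        elif not pattern.fullmatch(value):
            # fullmatch rejects the trailing newline that "^...$" with
            # re.match would accept; [0-9] rejects the non-ASCII digits
            # that str.isdigit() and \d would accept.
            errors[name] = "invalid characters"
        else:
            clean[name] = value
    # Fields that have no rule are never copied into the clean result.
    return clean, errors


if __name__ == "__main__":
    for sample in SAMPLES:
        print(validate_form(sample)[1] or "accepted")
```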