[Info-vax] Teaching, was: Re: Any stronger versions of the LMF planned ?
Simon Clubley
clubley at remove_me.eisner.decus.org-Earth.UFP
Fri Aug 13 08:06:18 EDT 2021
On 2021-08-12, Lawrence D?Oliveiro <lawrencedo99 at gmail.com> wrote:
> On Friday, August 13, 2021 at 12:15:25 AM UTC+12, Simon Clubley wrote:
>>
>> You need to learn the SQL syntax and how to apply it to applications but
>> you should be using a parameter based API to actually build the SQL query.
>
> There seems to be a lot of fear and loathing around the simple concept of properly escaping parameter values in SQL and other embedded languages, isn?t there? This stuff isn?t so hard--they?re all just regular grammars, after all.
>
Yes there is. Programmers don't like it when their code ends up being
analyzed inside of a CVE.
Simon.
--
Simon Clubley, clubley at remove_me.eisner.decus.org-Earth.UFP
Walking destinations on a map are further away than they appear.
More information about the Info-vax
mailing list