×
The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.
Hello Peter,
Am 04.03.2021 um 19:44 schrieb Peter Dow <petercdow@xxxxxxxxx>:
Don't forget SQL injection problems. Even a program that uses a 5250 display file can have malicious, non-arbitrary data in field if it happens to be used as part of a WHERE clause
Yes. This is part of the "verify your input" mantra. :-)
I meant 5250 being secure in the way that I expect the fixed field size automatically preventing buffer overflows, and the emulator programs (and terminals) most often not allow to insert arbitrary characters, such as a NUL character. It's still possible to (ab)use Alt+three-digit-number on PC platforms to insert characters not available trough normal keystrokes.
Hope this clarifies my point. :-)
:wq! PoC
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact
[javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
