10/16/2008
This topic describes security considerations for developing an MSN Direct application that promotes security by providing robust input handling to help prevent malicious data input. If an MSN Direct application accidentally accepts malicious data, a number of things might happen. For example, incorrect or improper data might be displayed in the user interface (UI). Or, an unexpected overflow of false data might cause a buffer overrun in the system.
Input Validation Guidelines
Input validation is important to help ensure MSN Direct data validity and data integrity. An MSN Direct application that uses poor input validation can be compromised by malicious input from a malicious application. Validating input is one of the first lines of defense for your MSN Direct application.
When developing your application, consider the following input validation guidelines:
Make sure that your application validates all input before it processes it or passes it to the user interface (UI).
Perform thorough validation of input data to prevent buffer overruns. A buffer overrun occurs when data that is provided by the attacker is bigger than the size that the application expects, which then overflows into internal memory space. The overflow causes corruption of other data structures in memory, and this corruption frequently leads to the attacker running malicious code on the device. For more information on handling buffers, see Strsafe.h Buffer Handling.
Always validate data obtained from all external sources, such as Web sites and Web services. This includes data sent by using the Send to GPS feature in Live Search.
Constrain and validate user input for known correct values or patterns, instead of for incorrect input. It is easier to check for a finite list of known values than to check for an infinite list of unknown malicious input types. You can either reject the malicious input or sanitize it (that is, strip out potentially unsafe characters) before acting on it.
Constrain input by validating it for type, length, format, and range.
Reject unknown malicious data, and then sanitize input; for example:
    using System.Text.RegularExpressions;

    private string SanitizeInput( string input )
    {
        // Example list of characters to remove from input.
        Regex badCharReplace = new Regex( @"([<>""'%;()&])" );
        string goodChars = badCharReplace.Replace( input, "" );
        return goodChars;
    }

Consider centralizing your validation routines to reduce development effort and to assist with future maintenance.
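The guidelines above (validate against known-good values for type, length, format, and range, in one central routine) can be combined as in the following added example. It is not code from the original page; the destination fields, the limits, and the InputValidator name are assumptions, and it assumes the full .NET base class library.

```csharp
using System;
using System.Globalization;
using System.Text.RegularExpressions;

// Added example: a single, central allow-list validator.
// Field names and limits are assumptions, not MSN Direct definitions.
public static class InputValidator
{
    private const int MaxNameLength = 64; // assumed UI limit

    // Format: known-good characters only. \A and \z anchor the whole string;
    // "$" would also accept a trailing newline.
    private static readonly Regex NamePattern =
        new Regex(@"\A[A-Za-z0-9 .,'#-]+\z");

    public static bool TryValidateDestination(string name, string latText,
        string lonText, out double lat, out double lon)
    {
        lat = 0; lon = 0;
        // Length first, so oversized data never reaches the regex or the UI.
        if (name == null || name.Length == 0 || name.Length > MaxNameLength) return false;
        if (!NamePattern.IsMatch(name)) return false;
        // Type and range for each coordinate.
        return TryParseInRange(latText, -90.0, 90.0, out lat)
            && TryParseInRange(lonText, -180.0, 180.0, out lon);
    }

    private static bool TryParseInRange(string text, double min, double max, out double value)
    {
        value = 0;
        if (text == null || text.Length > 16) return false;
        const NumberStyles styles = NumberStyles.AllowLeadingSign | NumberStyles.AllowDecimalPoint;
        if (!double.TryParse(text, styles, CultureInfo.InvariantCulture, out value)) return false;
        return value >= min && value <= max; // also false for NaN
    }

    public static void Main()
    {
        // Constructed sample inputs, one per validation rule.
        double lat, lon;
        Console.WriteLine(TryValidateDestination("Pike Place Market", "47.6097", "-122.3422", out lat, out lon)); // well-formed
        Console.WriteLine(TryValidateDestination("<script>", "47.6", "-122.3", out lat, out lon)); // disallowed characters
        Console.WriteLine(TryValidateDestination("Cafe", "147.6", "-122.3", out lat, out lon));    // latitude out of range
        Console.WriteLine(TryValidateDestination("Cafe", "1e5", "0", out lat, out lon));           // exponent notation not allowed
    }
}
```

Callers should use the out values only when the method returns true.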