How to write SQL injection proof PL/SQL

PL/SQL whitepaper argues for the strategy that bans direct SQL access to the … This paper focuses unashamedly on writing injection-proof de novo PL/SQL …

More PDF Content

How to write injection-proof PL/SQL
Page 1
How to write injection-proof PL/SQL An Oracle White Paper September 2008
Page 2
How to write injection-proof PL/SQL 21-September-2008 www.oracle.com/technology/tech/pl_sql/pdf/how_to_write_injection_proof_plsql.pdf NOTE The following is intended to outline our general product direction. it is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle.
Page 3
How to write injection-proof PL/SQL 21-September-2008 www.oracle.com/technology/tech/pl_sql/pdf/how_to_write_injection_proof_plsql.pdf How to write injection-proof PL/SQL CONTENTS
Abstract . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
Periodic revision of this paper . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
Definition of SQL injection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
Introducing a new notion: SQL syntax template . . . . . . . . . . . . . . . . . . . . . . . 4
Distinguishing between compile-time-fixed SQL statement text and run-time-created SQL statement text . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
Distinguishing between a static SQL syntax template and a dynamic SQL syntax template . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
Definition of static SQL syntax template . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
Definition of dynamic SQL syntax template

Download How to write SQL injection proof PL/SQL pdf from www.oracle.com, 67 pages, 749.77KB.
Related Books

Leave a Reply