主权项 |
1. A method of enhancing secure operation of a computer which receives input data from an untrusted source, and which operates an application program which can utilise said input data, said method comprising the steps of:
creating a tainted value cache, storing in said cache said input data, in the event that said application program invokes a method which utilises data from said cache, intercepting said data before it is utilised by said application program and subjecting the intercepted data to a data content test, if said intercepted data passes said data content test, forwarding said intercepted data to said application program for utilisation, and if said intercepted data fails said data of content test, implementing a security action. |