摘要 |
A method is disclosed that includes tracking untrusted inputs through an executing program into a sink, the tracking including maintaining context of the sink as strings based on the untrusted inputs flow into the sink. The method also includes, while tracking, in response to a string based on an untrusted input being about to flow into the sink and a determination the string could lead to an attack if the string flows into a current context of the sink, endorsing the string using an endorser selected based at least on the current context of the sink, and providing the endorsed string to the sink. Computer program products and apparatus are also disclosed. |