CRITICAL
Rule Definition
By directly using the content of Request variables, you expose your application to data injection (SQL injection and so forth).
Remediation
Always pass the input through a validation function that checks it (for example, that the data does not contain ' and similar characters).
Assign the validated value to a variable (preferably using a naming convention that distinguishes safe from unsafe data), and then always use that variable.
Violation Code Sample
string unsafeData = Request.Form["UserData"]; // raw request value, never validated
// ...
// ... use unsafeData directly (for example, concatenated into a SQL query)
=> It is unsafe to use that value directly. For example, if this variable is concatenated into a SQL query, SQL injection becomes trivial.
Fixed Code Sample
string safe = MyFilterStringFunction(Request.Form["UserData"]); // validated before use
=> By processing the input in MyFilterStringFunction you ensure that the data cannot lead to SQL injection or other kinds of attack.
Use a naming convention for the variable containing the validated data so it is easy to distinguish, and always use that variable afterwards.
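The following is an added example written for this rule; it is not code from the CAST rule page or from the referenced book. It shows the violation and the fix side by side in an ASP.NET (System.Web) handler: the raw request value flows straight into SQL text in the unsafe version, while the fixed version validates the input once, keeps the result in a variable marked as safe by naming convention, and binds it as a query parameter. The validator name MyFilterStringFunction is taken from the page; the method names, the whitelist rule, the "Users" table and the "@name" parameter are assumptions for illustration.

```csharp
// Added example (not the rule page's or the referenced book's code).
// Assumptions: an ASP.NET System.Web request, a "Users" table with Id and Name
// columns, and a whitelist of letters, digits, '_' and '-' as the validation rule.
using System;
using System.Data;
using System.Data.SqlClient;
using System.Text.RegularExpressions;
using System.Web;

public static class UserDataHandler
{
    // Whitelist validator: accept only [A-Za-z0-9_-], trimmed, 1..64 characters.
    // Returns null on rejection so a caller cannot silently fall through to using
    // the raw value; the caller must handle the rejection explicitly.
    public static string MyFilterStringFunction(string raw)
    {
        if (raw == null) return null;
        string trimmed = raw.Trim();
        if (trimmed.Length == 0 || trimmed.Length > 64) return null;
        return Regex.IsMatch(trimmed, @"^[A-Za-z0-9_\-]+$") ? trimmed : null;
    }

    // VIOLATION (the pattern the rule flags): the request value is used directly
    // and becomes part of the SQL text, so any quote it contains is parsed as SQL.
    public static string BuildQueryUnsafe(HttpRequest request)
    {
        string unsafeData = request.Form["UserData"];
        return "SELECT Id FROM Users WHERE Name = '" + unsafeData + "'";
    }

    // FIXED: validate once, store the result in a variable whose name marks it as
    // safe, and only ever hand that variable to the database as a bound parameter.
    public static int? LookupUserId(HttpRequest request, string connectionString)
    {
        string safeUserData = MyFilterStringFunction(request.Form["UserData"]);
        if (safeUserData == null)
        {
            // Reject rather than "repair" the input. A rejection here is a good
            // point to log for detecting injection probing against the endpoint.
            return null;
        }

        using (var conn = new SqlConnection(connectionString))
        using (var cmd = new SqlCommand("SELECT Id FROM Users WHERE Name = @name", conn))
        {
            // The value travels as data, never as SQL syntax, regardless of content.
            cmd.Parameters.Add("@name", SqlDbType.NVarChar, 64).Value = safeUserData;
            conn.Open();
            object result = cmd.ExecuteScalar();
            return (result == null || result == DBNull.Value)
                ? (int?)null
                : Convert.ToInt32(result);
        }
    }
}
```

Note that validation and parameterization are complementary: the parameter binding is what prevents the value from being interpreted as SQL, while MyFilterStringFunction enforces the application's own format rule and gives the "safe" variable its meaning. Applying the naming convention (unsafeData versus safeUserData) makes a code review catch any place where the raw request value is used instead of the validated one.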
Reference
Hacking the Code: ASP.NET Web Application Security
by Mark M. Burnett and James C. Foster
ISBN 1932266658, Syngress Publishing (c) 2004
Related Technologies
ASP
Technical Criterion
Secure Coding - Input Validation
About CAST Appmarq
CAST Appmarq is by far the biggest repository of data about real IT systems. It's built on thousands of analyzed applications, made of 35 different technologies, by over 300 business organizations across major verticals. It provides IT Leaders with factual key analytics to let them know if their applications are on track.