--Originally published at 101 For Tec
“Any program input such as a user typing at a keyboard or a network connection – can potentially be the source of security vulnerabilities and disastrous bugs. All input should be treated as potentially dangerous.
Determined attackers can use carefully crafted input to cause programs to run unauthorized commands. This technique can be used to delete or damage data, run malicious programs, or obtain sensitive information.”
This is the reason we need to validate the inputs we include in a program, so that when we “try” to do something we “catch” the errors, exceptions etc. For this we literally use the commands try and catch. Here is one example
https://www.trinket.io/embed/python/50ed4f51fd
Also, we need to be careful using this and be sharp enough for catching all the possible exceptions so that it is very difficult to find a “whole” in our code.
References:
http://cis1.towson.edu/~cssecinj/modules/cs0/cs0-input-validation-python/
