Stack Overflow
Stack Overflow

Questions tagged [code-injection]

Code injection is the general term for the result of a missing neutralization or improper neutralization of special elements of externally-influenced input, which could modify the syntax or behavior of the intended code.

Code injection is a type of consequence due to Improper Control of Generation of Code (CWE-94), which causes unauthorized code to be executed.

2439 questions
29
votes
5 answers

How can I print stack trace for caught exceptions in C++ & code injection in C++

I want to have stack trace not for my exceptions only but also for any descendants of std::exception As I understand, stack trace is completely lost when exception is caught because of stack unwinding (unrolling). So the only way I see to grab it…
boqapt
  • 1,726
  • 2
  • 22
  • 31
28
votes
7 answers

Guice injector in JUnit tests

Using Guice, is it a good practice to get a new injector in each JUnit test class, as each test class should be independant?
Alexis Dufrenoy
  • 11,784
  • 12
  • 82
  • 124
28
votes
9 answers

Is it possible to get data from HTML forms into android while using webView?

I'm making a very simple form in HTML which is viewed in android using the webview which takes in your name using a textbox and when you click on the button, it displays it into a paragraph and it's made using both html and javascript. This is my…
Shariq Musharaf
  • 997
  • 2
  • 10
  • 25
26
votes
3 answers

ASMX Dependency Injection and IoC

So i have gotten stuck while trying to get my asmx webservice to use dependency injection and using an IoC to do it. I want my webservice to be able to use my internal business layer services. The webservice is to be used by an external client from…
limlim
  • 395
  • 1
  • 6
  • 14
25
votes
1 answer

Does Spring @Autowired inject beans by name or by type?

I am reading beginning spring (wiley press) book. In chapter 2 there is an example about Java configuration and @Autowired. It provides this @Configuration class @Configuration public class Ch2BeanConfiguration { @Bean public AccountService…
Lidovic
  • 273
  • 1
  • 3
  • 6
24
votes
3 answers

APK injection, recompiling android manifest

What I'd like to achieve Decompile AndroidManifest.xml packaged in apk from binary form into normal xml file, edit it and recompile it back into binary file acceptable for apk. Basically I need a driver for AXML files Short background I'm working on…
Ben
  • 3,989
  • 9
  • 48
  • 84
24
votes
10 answers

Best way to avoid code injection in PHP

My website was recently attacked by, what seemed to me as, an innocent code: There where no SQL calls, so I wasn't afraid…
pek
  • 17,847
  • 28
  • 86
  • 99
22
votes
1 answer

How can I mitigate injection/exfiltration attacks from dynamic property accesses (i.e. square bracket notation) in JavaScript?

After setting up eslint-plugin-security, I went on to attempt to address nearly 400 uses of square brackets in our JavaScript codebase (flagged by the rule security/detect-object-injection). Although this plugin could be a lot more intelligent, any…
Devin Rhode
  • 23,026
  • 8
  • 58
  • 72
22
votes
1 answer

Butterknife vs AndroidAnnotations

I'm thinking about using Dagger in my Application. I also want to use a view injection library which gives me a lot of functionality to save time writing code, but on the other hand it shouldn't be to heavy in size and expensive when it comes to…
AdrianoCelentano
  • 2,461
  • 3
  • 31
  • 42
22
votes
1 answer

AppDomain.CreateInstanceFromAndUnwrap - Unable to cast transparent proxy

I'm writing a .NET library to inject managed DLLs into external processes. My current approach is: Use CreateRemoteThread to force the target process to call LoadLibrary on an unmanaged bootstrap DLL. From this point we're executing code in the…
flukes1
  • 585
  • 1
  • 7
  • 11
21
votes
6 answers

Best way to inject functionality into a binary

What would be the best way of inserting functionality into a binary application (3d party, closed source). The target application is on OSX and seems to have been compiled using gcc 3+. I can see the listing of functions implemented in the binary…
Moe
21
votes
5 answers

Mockito injection not working for constructor AND setter mocks together

I have a class that has members injected through constructors, and OTHERS through setters. I can't seem to get Mockito to inject the setter ones. The constructor-injected are mocked fine, but the setter ones come back as null. When I flipped the…
Yotam Soen
  • 305
  • 1
  • 3
  • 6
21
votes
2 answers

Directly sending keystrokes to another process via hooking

I'm wondering, after fiddling with all sorts of issues with SendInput, SendKeys, PostMessage, SendMessage, SendNotifyMessage, keybd_event, etc and so forth. To find that well... trying to send a keyboard input to another non-foreground process is…
Hydra
  • 275
  • 1
  • 2
  • 10
20
votes
2 answers

Code coverage, analysis and profiling for dynamically generated code

I have a demo project, which creates an assembly and uses it. I also can debug the injected code. But if I run coverage, analysis or profiling, it is counted, but I want to measure it. Code: CSharpCodeProvider codeProvider = new…
lajos.cseppento
  • 897
  • 8
  • 20
20
votes
2 answers

How can I test my PHP MySQL injection example?

I want to use PHP/Mysql injection with a login example, my code is below. I have tried with a username of anything' -- and an empty password but it doesn't work and I couldn't log in. Could anyone help…
Thanh Nguyen
  • 5,174
  • 11
  • 43
  • 74
1
2
3
99 100