The risks associated with directly executing user input are:
- Buffer overflow errors
- Out-of-bound errors and exceptions
- Opening backdoors into the program
- Accepting SQL injection
- Allowing carefully crafted attacks into the system that could compromise it
- Executing malicious code or code triggers
- Allowing bots to take over the system, or even trigger a DoS attack, by posing as regular human users
Minimum steps to validate user input before accepting it:
- Check the length
It should be within the range of the minimum and the maximum length defined for that variable or field.
Input outside that range should be rejected; alternatively, it can be truncated if it is longer than the maximum, or set to the default fail-safe value if it is shorter than the minimum.
- Check the character set
If the value to be entered is a phone number, only digits should be accepted.
- Check against the business rules (which internally govern the database design as well)
If the address can only be a US one, then the zip code can only be a five-digit number (whereas a Canadian postal code has a format that includes letters).
- Check if it was input through the keyboard
This is an advanced check to detect and block automated programmatic input which bots push into systems.
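As an added example that is not part of the original page, the following Python function applies the first three checks (length, character set, business rule) in order to the fields of a hypothetical US-only address form; the field rules and sample values are constructed, and the keyboard-origin check is outside what a pure validation function can do.

```python
import re
from dataclasses import dataclass
from typing import Dict, Optional, Tuple

@dataclass(frozen=True)
class FieldRule:
    min_len: int
    max_len: int
    charset: str                   # regex character class of permitted characters
    business: str                  # business-rule pattern checked after the basic checks
    truncate: bool = False         # truncate over-long input instead of rejecting it
    default: Optional[str] = None  # fail-safe value used when input is too short

# Constructed rules for a hypothetical US-only address form (not from the page).
RULES: Dict[str, FieldRule] = {
    # Phone: digits only; anything typed after the 10th character is cut off.
    "phone": FieldRule(10, 10, r"[0-9]", r"^[0-9]{10}$", truncate=True),
    # US ZIP: exactly five digits, so a Canadian "K1A 0B1" can never pass.
    "zip": FieldRule(5, 5, r"[0-9]", r"^[0-9]{5}$"),
    # Country: only "US" is a legal value; an empty field falls back to it.
    "country": FieldRule(2, 2, r"[A-Z]", r"^US$", default="US"),
}

def validate(field: str, raw: str) -> Tuple[bool, str]:
    """Apply the three checks in order; return (accepted, cleaned_value)."""
    rule = RULES[field]
    value = raw.strip()

    # 1. Length check: reject, truncate, or fall back to the fail-safe default.
    if len(value) > rule.max_len:
        if not rule.truncate:
            return False, ""
        value = value[: rule.max_len]
    if len(value) < rule.min_len:
        if rule.default is None:
            return False, ""
        value = rule.default

    # 2. Character-set check: every character must belong to the allowed class.
    if not re.fullmatch(f"(?:{rule.charset})*", value):
        return False, ""

    # 3. Business rule: the format the database column is designed to store.
    if not re.fullmatch(rule.business, value):
        return False, ""
    return True, value
```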