X-Git-Url: https://git.martlubbers.net/?a=blobdiff_plain;f=report%2Fv5_input.tex;h=618c2bfbe38adc7fa8bd75046192039fb8d22d1b;hb=5675de2255bdfceb293ed7418a0478bc0af7cd75;hp=161829c07976dccdd9f4de071dc47618ec6873cf;hpb=2e94496cd27eaf370c3768e9540c9ac51349fa06;p=ssproject1617.git diff --git a/report/v5_input.tex b/report/v5_input.tex index 161829c..618c2bf 100644 --- a/report/v5_input.tex +++ b/report/v5_input.tex @@ -1 +1,30 @@ -Hoi +\begin{enumerate}[label=5.\arabic*] + \item Verify that the runtime environment is not susceptible to buffer + overflows, or that security controls prevent buffer overflows. + + % They skip 5.2 + \addtocounter{enumi}{1} + \item Verify that server side input validation failures result in + request rejection and are logged. + + % They skip 5.4 + \addtocounter{enumi}{1} + \item Verify that input validation routines are enforced on the server + side. + + \item\notapplicable{Verify that a single input validation control is used + by the application for each type of data that is accepted.} + + % They skip 5.7-5.9 + \addtocounter{enumi}{3} + \item Verify that all SQL queries, HQL, OSQL, NOSQL and stored + procedures, calling of stored procedures are protected by the + use of prepared statements or query parameterization, and + thus not susceptible to SQL injection. + + \item Verify that the application is not susceptible to LDAP + Injection, or that security controls prevent LDAP Injection. + + \item Verify that the application is not susceptible to OS Command + Injection, or that security controls prevent OS Command Injection. +\end{enumerate}
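Review bot: the item labels in this enumerate depend on relative jumps (`\addtocounter{enumi}{1}` before 5.3 and 5.5, `\addtocounter{enumi}{3}` before 5.10), so adding or dropping a single `\item` silently shifts every requirement number after it. Setting the counter absolutely at each gap, for example `\setcounter{enumi}{9}` ahead of the SQL injection item, ties each label to its requirement id regardless of what sits above it. Separately, `\item\notapplicable{...}` on 5.6 states no reason for being out of scope, and the other items carry only the requirement text with no verdict or evidence; if the findings are meant to live in this file, each item needs a pass/fail result and a pointer to the code or test that supports it.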