Lesson: Distrust Input

Is this an example of the **distrust your inputs** lesson? An important mantra of secure software engineering is: don't trust your inputs. These are vulnerabilities where the fix involved improving the way input was handled as it went into the system. We must note that robust input handling is a fantastic mitigation strategy, but often is incomplete. In the interest of [Defense in Depth](/tags/defense), developers ought to consider attempting to secure their own code as well as handle inputs.