Input validation
According to the Android development guidelines, the lack of sufficient input validation measures is one of the most common security problems in Android applications. There are several problems that can be derived from insufficient input validation such as buffer overflows, null pointers, off-by-one errors, inconsistencies in the database, and even code injection problems.
Now, we will see some tips that will help us to mitigate this vulnerability.
We can use the inputType
attribute in order to limit the possible characters the user can set in a field. For example, if we have an EditText
field where we want a telephone number, we can define the EditText
as follows in your layout file:
<EditText
android:id="@+id/EditTextTelephone"
android:hint="@string/telephone"
android:layout_width="fill_parent"
android:layout_height="wrap_content"
android:inputType="phone">
</EditText>
Although this should not be considered...