I heard this term in the talk The Science of Insecurity, but I am not sure what it means.
Shotgun parsing is an antipattern in the processing of input, defined as:
Shotgun parsing is a programming antipattern whereby parsing and input-validating code is mixed with and spread across processing code—throwing a cloud of checks at the input, and hoping, without any systematic justification, that one or another would catch all the “bad” cases.
Properly handling input is a key aspect of secure programming, and "shotgun parsers" make programs more prone to exploitable security weaknesses. Unfortunately, like several other inherently insecure techniques, it's a popular approach to input parsing.
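An added example (not from the talk or from the answer above) that contrasts a shotgun-parsed handler with one that recognizes the whole input before acting on it. The message format, account names and function names are assumptions made up for this illustration.

```python
import re
from dataclasses import dataclass

# Constructed wire format (assumption): "from=<acct>;to=<acct>;amount=<int>"
def transfer_shotgun(balances, msg):
    # Antipattern: validation is interleaved with processing.
    fields = dict(p.split("=", 1) for p in msg.split(";"))
    src = fields["from"]
    if src not in balances:
        raise ValueError("unknown source")
    amount = int(fields["amount"])           # sign is never checked
    balances[src] -= amount                  # state changes before input is fully checked
    dst = fields.get("to", "")
    if dst not in balances:                  # late check: the debit already happened
        raise ValueError("unknown destination")
    balances[dst] += amount

@dataclass(frozen=True)
class Transfer:
    src: str
    dst: str
    amount: int

_GRAMMAR = re.compile(r"from=([a-z]{1,16});to=([a-z]{1,16});amount=([1-9][0-9]{0,8})")

def parse_transfer(msg):
    # Recognizer: accept the whole message or reject it, with no side effects.
    m = _GRAMMAR.fullmatch(msg)
    if m is None:
        raise ValueError("malformed message")
    return Transfer(m.group(1), m.group(2), int(m.group(3)))

def transfer_parsed(balances, msg):
    t = parse_transfer(msg)                  # all syntax is validated up front
    if t.src not in balances or t.dst not in balances:
        raise ValueError("unknown account")
    if balances[t.src] < t.amount:
        raise ValueError("insufficient funds")
    balances[t.src] -= t.amount              # processing only ever sees a typed Transfer
    balances[t.dst] += t.amount

def demo():
    bad = "from=alice;to=mallory;amount=10"  # constructed input: unknown destination
    a, b = {"alice": 100, "bob": 0}, {"alice": 100, "bob": 0}
    for fn, bal in ((transfer_shotgun, a), (transfer_parsed, b)):
        try:
            fn(bal, bad)
        except ValueError:
            pass
    return a, b                              # a was partially updated, b is untouched
```

Both handlers reject the bad message, but only the shotgun version has already debited the source account by the time its late check fires.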