When getting data from a file:
- Verify that it has a valid extension/file type.
- Verify that it does not exceed a certain file size.
When getting data from a user, the network, or some other external interface:
- Check to be sure that the data falls within the allowable range.
- Make sure that numeric values are within tolerances
- Make sure that strings are short enough to handle.
- If a string is intended to represent a restricted range of values, be sure that the string is valid for its intended purpose; otherwise reject it.
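
The checks above, written out as an added example (not code from the original page). Every limit, file type, and name here (MAX_FILE_BYTES, ALLOWED_TYPES, ALLOWED_ROLES, the validate_* functions) is an assumption chosen for illustration; the file type check compares the leading bytes of the content against the claimed extension.

```python
import os
import re

# Assumed limits and allowlists; set them to what the application can handle.
MAX_FILE_BYTES = 1_000_000
ALLOWED_TYPES = {".png": b"\x89PNG\r\n\x1a\n", ".pdf": b"%PDF-"}  # extension -> leading bytes
MAX_NAME_LEN = 64
ALLOWED_ROLES = {"viewer", "editor", "admin"}


class ValidationError(ValueError):
    """Raised when input fails a check; the caller rejects the input."""


def validate_file(filename: str, data: bytes) -> str:
    """Check the extension, the size, and that the content matches the extension."""
    ext = os.path.splitext(filename)[1].lower()
    if ext not in ALLOWED_TYPES:
        raise ValidationError(f"extension not allowed: {ext!r}")
    if len(data) > MAX_FILE_BYTES:
        raise ValidationError("file exceeds size limit")
    if not data.startswith(ALLOWED_TYPES[ext]):
        raise ValidationError("content does not match extension")
    return ext


def validate_int(raw: str, low: int, high: int) -> int:
    """Accept only ASCII decimal digits, then enforce an inclusive range."""
    if not re.fullmatch(r"-?[0-9]{1,10}", raw):
        raise ValidationError("not a decimal integer")
    value = int(raw)
    if not low <= value <= high:
        raise ValidationError(f"value outside {low}..{high}")
    return value


def validate_name(raw: str) -> str:
    """Reject empty strings and strings longer than the code can handle."""
    if not 1 <= len(raw) <= MAX_NAME_LEN:
        raise ValidationError("string length out of bounds")
    return raw


def validate_role(raw: str) -> str:
    """A string standing for a restricted set of values must be in that set."""
    if raw not in ALLOWED_ROLES:
        raise ValidationError(f"unknown role: {raw!r}")
    return raw
```

When the file is on disk or arriving as a stream, check the size before reading the whole content into memory.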