security - How to prevent the finding "Validation.EncodingRequired" in Java -
recently, used appscan source scan coding, , found out 1 of finding don't know how prepare , pass scanner or false alarm?
here's code.
public static void copyfileusingfilestreams(file source, file dest) throws ioexception { inputstream input = null; outputstream output = null; seek { input = new fileinputstream(source); output = new fileoutputstream(dest); byte[] buf = new byte[1024]; int bytesread; while ((bytesread = input.read(buf)) > 0) { output.write(buf, 0, bytesread); //scanner reported that's vulnerability in api outputstream.write() } } { input.close(); output.close(); } }
looks fine me. there's no need encoding if you're writing bytes. if writing characters, different matter.
that said, ought wrapping streams in buffered versions:
output = new bufferedoutputstream(new fileoutputstream(dest));
and input
. doesn't impact encodings, create file i/o more efficient.
you should alter finally
block:
finally { if (input!=null) input.close(); if (output!=null) output.close(); }
when start grab , deal ioexception
s, ought doing, you'll risking nullpointerexception
if goes wrong while streams beingness created.
java security
Breedlove: Security - How To Prevent The Finding "Validation.Encodingrequired" In
ReplyDeleteJava - >>>>> Download Now
>>>>> Download Full
Breedlove: Security - How To Prevent The Finding "Validation.Encodingrequired" In
Java - >>>>> Download LINK
>>>>> Download Now
Breedlove: Security - How To Prevent The Finding "Validation.Encodingrequired" In
Java - >>>>> Download Full
>>>>> Download LINK 0M