TechQA.

How to resolve Veracode issue "cweid201 Information Exposure Through Sent Data"?

2.3k views Asked by At

Veracode reported following issue with my code:

cweid201

Information Leakage:Information Exposure Through Sent Data

Issue to be resolved at below 2 instances

1) The error is given for the line

memoryStream.Write(byteArray, 0, byteArray.Length);

Code snippet is:

byte[] byteArray = Convert.FromBase64String(compressedString);
using (MemoryStream memoryStream = new MemoryStream(byteArray)) {
  memoryStream.Write(byteArray, 0, byteArray.Length);
  memoryStream.Position = 0;
   using (GZipInputStream gzipInputStream = new GZipInputStream(memoryStream)) {
      using (StreamReader streamReader = new StreamReader(gzipInputStream)) {
        return streamReader.ReadToEnd();
      }
   }
 }

2) The error is given for the line

     textWriter.WriteLine(readLine);

Code snippet is :

     textWriter = new StreamWriter(path);
     string readLine;
while ((readLine = streamReader.ReadLine()) != null) {
            textWriter.WriteLine(readLine);
}

Can anyone explain how I can resolve the issue in above instances?

.net veracode
Original Q&A
0

There are 0 answers

Related Questions in .NET

Related Questions in VERACODE

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions