Veracode报告了我的代码问题:
cweid201
信息泄漏:通过已发送数据的信息曝光
要在以下2个实例中解决问题
1)给出了
行的错误memoryStream.Write(byteArray, 0, byteArray.Length);
代码段是:
byte[] byteArray = Convert.FromBase64String(compressedString);
using (MemoryStream memoryStream = new MemoryStream(byteArray)) {
memoryStream.Write(byteArray, 0, byteArray.Length);
memoryStream.Position = 0;
using (GZipInputStream gzipInputStream = new GZipInputStream(memoryStream)) {
using (StreamReader streamReader = new StreamReader(gzipInputStream)) {
return streamReader.ReadToEnd();
}
}
}
2)给出了
行的错误 textWriter.WriteLine(readLine);
代码段是:
textWriter = new StreamWriter(path);
string readLine;
while ((readLine = streamReader.ReadLine()) != null) {
textWriter.WriteLine(readLine);
}
有人可以解释我如何解决上述情况中的问题吗?