fortify中Path Manipulation issues in Java 问题解决

编程开发更新时间:2023-05-01 15:21:36

 public class CleanPath {
     public static String cleanString(String aString) {
        if (aString == null) return null;
        String cleanString = "";
        for (int i = 0; i < aString.length(); ++i) {
            cleanString += cleanChar(aString.charAt(i));
        }
        return cleanString;
    }
   private static char cleanChar(char aChar) {
       // 0 - 9
       for (int i = 48; i < 58; ++i) {
              if (aChar == i) return (char) i;
       }
       // 'A' - 'Z'
       for (int i = 65; i < 91; ++i) {
              if (aChar == i) return (char) i;
       }
       // 'a' - 'z'
       for (int i = 97; i < 123; ++i) {
              if (aChar == i) return (char) i;
       }
       // other valid characters
        switch (aChar) {
            case '/':
                return '/';
            case '.':
                return '.';
            case '-':
                return '-';
            case '_':
                return '_';
            case ' ':
                return ' ';
        }
        return '%';
    }
}

参考自：https://community.saas.hpe/t5/Fortify-Software-Security-Center/Fortify-Path-Manipulation-issues-in-Java/td-p/231020

更多推荐

本文发布于:2023-05-01 12:47:00，感谢您对本站的认可！

本文链接:https://www.52dianzi.com/category/article/8edf670e1def101d0152a79fdaf60f21.html