How can we fix checkmarx vulnerability Cleansing_Canonicalization_and_Comparison_Errors in C#?

Asked Aug 30 '21 at 09:19

Active Aug 30 '21 at 09:19

Viewed 841 times

Can anyone help me in fixing Cleansing_Canonicalization_and_Comparison_Errors vulnerability in below code-

        string appServerPath = string.Empty;
        appPath = ConfigurationManager.AppSettings["ServerPath"].ToString();
        try
        {
           FileLoader.FileDownLoad(appPath + DownloadFileCtrl.Value); 
           FileLoader.DeleteFile(appPath + DownloadFileCtrl.Value);  //this particular line is throwing issue
        }

asked Aug 30 '21 at 09:19

Shikha Singh

1

I got this from the interwebs 1. Check for invalid characters in the parameter value by using the `GetInvalidFileNameChars()` method of the Path class. 2. Use the `Combine` method. 3. Perform a last check on the results to make sure the resulting path starts with the base path. Source https://saiamitparas.blogspot.com/2019/06/cleansing-canonicalization-and.html it may or may not be of any use – TheGeneral Aug 30 '21 at 09:24
Please clarify your specific problem or provide additional details to highlight exactly what you need. As it's currently written, it's hard to tell exactly what you're asking. – Community Sep 01 '21 at 13:02

How can we fix checkmarx vulnerability Cleansing_Canonicalization_and_Comparison_Errors in C#?

0 Answers0