[Esapi-user] how to validate binary data - example copy pdf or image file

Hafiz, Abdul - Kansas City, MO abdul.hafiz at kcc.usda.gov
Wed Jul 13 18:34:47 EDT 2011


In example below, I am copying a PDF file. AppScan Source reports Vulnerability Validation.EncodingRequired. I cannot encode in this case because I want exact copy of srcFile. Only option, I may have is to validate before writing it to outputStream. How to perform validation on binary data using ESAPI?

        try {
            InputStream oInStream = new FileInputStream(srcFile);
            OutputStream oOutStream = new FileOutputStream(destFile);

            // Transfer bytes from in to out
            byte[] oBytes = new byte[1024];
            int nLength;
            BufferedInputStream oBuffInputStream = new BufferedInputStream(oInStream);
            while ((nLength = oBuffInputStream.read(oBytes)) > 0)
            {
                oOutStream.write(oBytes, 0, nLength);
            }
            oInStream.close();
            oOutStream.close();
        } catch (IOException e){
            throw new CopyException("IOException copying file", e);
        }

Thanks,
Abdul





-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/esapi-user/attachments/20110713/19fe7d67/attachment.html 


More information about the Esapi-user mailing list