Veracode throws "technology-related input validation problems (CWE ID 100)" for public row property in C #

Question

Veracode throws "technology-related input validation problems (CWE ID 100)" for public row property in C #

Veracode throws "technology-related login validation problems (CWE ID 100)" for a public row property in C #.

These are the formats that I have already tried, and they all give the same drawback.

Option: 1

    public string MyProperty { get; set; }

Option: 2

    private string _myProperty;
    public string MyProperty
    {
        get
        {
            return _myProperty;
        }
        set
        {
            _myProperty = value;
        }
    }

Option: 3

    private string _myProperty;
    public string MyProperty
    {
        get
        {
            return _myProperty ?? string.Empty;
        }
        set
        {
            _myProperty = value;
        }
    }

Can someone say why?

+1

c # veracode

Krishna May 31, '17 at 15:51

source share

1 answer

Krishna · Answer 1 · 2017-06-07T20:02:30+0000

This URL contains some information suggesting a potential flow fix:

https://docs.microsoft.com/en-us/aspnet/web-api/overview/formats-and-model-binding/model-validation-in-aspnet-web-api

, , , :

[Required]
public string MyProperty { get; set; }

System.ComponentModel.DataAnnotations.

https://msdn.microsoft.com/en-us/library/system.componentmodel.dataannotations(v=vs.110).aspx

Veracode throws "technology-related input validation problems (CWE ID 100)" for public row property in C #

More articles: