Getting the below exception in the checkmarks,
Method update at line 108 of com.ibm.vch.vch-*\UpdateServiceImpl.java gets user input from element toByteArray . This element’s value flows through the code without being validated, and is eventually used in a loop condition in updateCustomFieldMapping at line 154 of *\FieldUtils.java. This constitutes an Unchecked Input for Loop Condition.
InputStream activityXML = new JaxbSerializer().marshal(resource.getActivity());
line--- > 108 byte[] xmlData = IOUtils.toByteArray(activityXML);
entity.setXmlData(xmlData);
Is there validation i can perform at line 108? Thanks in advance.
Edited :
private static String update**Mapping(String str, Element cusFieldsElement) {
Pattern p = Pattern.compile(IELD_PATTERN);
Matcher m = p.matcher(xmlStr);
while (m.find()) {
String b = m.group();
String xPath = b.substring(2, b.length() - 1);
if (xPath != null) {
String id = xPath.substring(xPath.lastIndexOf(".") + 1);
String name = fetchFieldNameFrId(id, cusFieldsElement);
if (name != null) {
String updatedId = "${"
+ CustomFieldUtils.constructCustomFieldID("/" + Constants.PARAMETERS + "/",
name) + "}";
updatedId = StringEscapeUtils.escapeXml10(updatedId);
xmlStr = xmlStr.replace(b, updatedId);
}
}
}
return xmlStr;
}