Following is the implementation in the code:
Gets the truststore location and password from the database:
SSLContext sslContext = new SSLContextBuilder().loadTrustMaterial(
new File(trustStoreLocation)trustStorePassword.toCharArray()).build();
Using sonar for static analysis of code. Getting an error in sonar saying 'reads a file whose location might be specified by user input'. How to resolve this vulnerability? Tried various solutions but still got the same error. Can anyone please help me?
Solutions tried : FileNameUtils.getName(), normalize()
Since not sure how the path should start couldn't try getCanonicalPath() or Path.resolve().