Rohit Sharma Rohit Sharma - 20 days ago 40
ASP.NET (C#) Question

Untrusted Initialization - VeraCode Scan Issue

I am getting one High veracode scan issue in the below code. What changes do i need to make to resolve it.

private OleDbConnection importFileConnection;
private OleDbConnection ImportFileConnection
{
get
{
if (importFileConnection == null)
{ importFileConnection = new OleDbConnection(this.ConnectionString);
//getting scan issue in this line. }
//importFileConnection.Open();
return importFileConnection;
}
}

private string ConnectionString
{
get { return string.Format(ImportExportData.Default.ConnectionString, this.ServerFileName); }
}

Answer

String.format is the issue. declare connection with out connection string, then mention the connection property.

Comments