Modification After Validation
Description
The code modifies a string after it has been validated, so the value that is ultimately used is not the value that was checked, which can lead to security vulnerabilities. It is recommended to perform any string modifications before validation.
Examples
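Insecure Code
```scala
// The check runs on the original input; the result of replace() is never validated.
val validatedString = validate(input)
val modifiedString = validatedString.replace("a", "b")
```
Secure Code
```scala
// Modify first, then validate exactly the value that will be used.
val modifiedString = input.replace("a", "b")
val validatedString = validate(modifiedString)
```
Remediation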
Move the string modification before the validation.
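The following added example (not part of the rule's own documentation) shows why the order matters: a string that passes validation can collapse into a rejected value once characters are removed. The `validate` and `normalise` functions and the sample inputs are hypothetical, constructed for illustration.

```scala
object ModificationAfterValidation {
  // Hypothetical validator: accepts a relative file name only if it has no ".." segment.
  def validate(name: String): Either[String, String] =
    if (name.split('/').contains("..")) Left(s"rejected: $name") else Right(name)

  // Hypothetical modification step: drops a character the application does not allow in names.
  def normalise(name: String): String = name.replace("*", "")

  // Insecure order: the value that was validated is not the value that is returned.
  def insecure(input: String): Either[String, String] =
    validate(input).map(normalise)

  // Secure order: modify first, then validate exactly what will be used.
  def secure(input: String): Either[String, String] =
    validate(normalise(input))

  def main(args: Array[String]): Unit = {
    // Constructed sample inputs: a plain name, a name with a stripped character,
    // and a name that only becomes a ".." segment after the modification.
    val samples = Seq("reports/q1.txt", "reports/*q1.txt", ".*./settings.conf")
    for (s <- samples) {
      println(s"input=$s")
      println(s"  insecure -> ${insecure(s)}")
      println(s"  secure   -> ${secure(s)}")
    }
  }
}
```

For the third sample, `insecure` accepts the input and returns a value containing a `..` segment, while `secure` rejects it because the validator sees the string in its final form.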
Rule Details
| Field | Value |
|---|---|
| ID | CODE-0072 |
| Category | Injection |
| Severity | MEDIUM |
| CWE | CWE-182 |
| Confidence | HIGH |
| Impact | MEDIUM |
| Likelihood | MEDIUM |
| Exploitability | MODERATE |
| Tags | validation, string modification |
| OWASP | N/A |