PraveenDasary
I have the below code implemented in my project.
C#:
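    // Reads the whole file into one string. ReadLine() strips line terminators,
    // so the lines are concatenated without newlines.
    public static String LoadTextFile(String path)
    {
        StringBuilder sb = new StringBuilder();
        using (StreamReader reader = new FileInfo(path).OpenText())
        {
            try
            {
                String text = null;
                do
                {
                    text = reader.ReadLine();
                    sb.Append(text); // Append(null) at end of file is a no-op
                } while (text != null);
            }
            catch (Exception)
            {
                throw; // rethrow without resetting the stack trace
            }
        }
        return sb.ToString();
    }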
Calling Method:
C#:
    private MessageConfig LoadConfig()
    {
        string xml = FileUtility.LoadTextFile(Environment.CurrentDirectory + @"\test.config");
        XmlSerializer ser = new XmlSerializer(typeof(MessageConfig));
        MemoryStream ms = new MemoryStream((new UTF8Encoding()).GetBytes(xml));
        return (MessageConfig)ser.Deserialize(ms);
    }
Violation Message:
The serialized object ReadLine processed in LoadTextFile in the file Test\FileUtility.cs at line 13 is deserialized by Deserialize in the file Test\Simulator.cs at line 368
Though the XmlSerializer is deserializing the memory stream to a predefined type, ReadLine is caught in code scans with the above violation. Please suggest any solution.
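An added example, not part of the original post or the poster's project: one common way to harden this loading pattern is to give `XmlSerializer` an `XmlReader` with DTD processing disabled, opened directly on a path that has been checked against a base directory, while keeping the target type fixed in code. The `MessageConfig` class body, `SafeConfigLoader`, `Load<T>` and the `MaxChars` limit are assumptions made for illustration.

```csharp
using System;
using System.IO;
using System.Xml;
using System.Xml.Serialization;

// Hypothetical stand-in: the post does not show the real MessageConfig type.
public class MessageConfig
{
    public string Name { get; set; }
}

public static class SafeConfigLoader
{
    // Assumed upper bound for a config file; tune it for the real file.
    private const long MaxChars = 1000000;

    public static T Load<T>(string baseDir, string fileName) where T : class
    {
        // Resolve the path and refuse anything that escapes the base directory.
        string root = Path.GetFullPath(baseDir).TrimEnd(Path.DirectorySeparatorChar)
                      + Path.DirectorySeparatorChar;
        string full = Path.GetFullPath(Path.Combine(root, fileName));
        if (!full.StartsWith(root, StringComparison.OrdinalIgnoreCase))
            throw new InvalidOperationException("Config path is outside the base directory.");

        var settings = new XmlReaderSettings
        {
            DtdProcessing = DtdProcessing.Prohibit, // no DOCTYPE, so no entity expansion
            XmlResolver = null,                     // never fetch external resources
            MaxCharactersInDocument = MaxChars      // bound the input size
        };

        // The type is fixed at compile time; nothing in the file selects it.
        var serializer = new XmlSerializer(typeof(T));

        using (FileStream fs = File.OpenRead(full))
        using (XmlReader reader = XmlReader.Create(fs, settings))
        {
            // Reject documents whose root element does not match T.
            if (!serializer.CanDeserialize(reader))
                throw new InvalidDataException("Unexpected root element in " + fileName);
            return (T)serializer.Deserialize(reader);
        }
    }
}
```

With this helper, `LoadConfig()` would reduce to `return SafeConfigLoader.Load<MessageConfig>(Environment.CurrentDirectory, "test.config");`. Whether a particular scanner stops reporting the finding depends on its rules.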