We use sonar version is sonarqube:9.5.0-enterprise, it scaned java codes and reported error about:
Sonar reported error “I/O function calls should not be vulnerable to path injection attacks”
We followed the fix and modify related codes, but still report the error, see our codes below: line86
We already add line85 to identify whether the path exist.
Hey there.
Hi,
Your version is past EOL. You should upgrade to either the latest version or the current LTS at your earliest convenience. Your upgrade path is:
9.5 → 9.9 → 10.0 (last step optional)
You may find these resources helpful:
If you have questions about upgrading, feel free to open a new thread for that here.
If you still believe you face a false-positive afterwards, please follow the instructions in the following post to report a false-positive (which includes sharing a code snippet rather than a screenshot)
