Vulnerability in Java code

When I create a file instance using
0: String path = " some path";
1: Path p = Paths.get(path);
2: File f = p.toFile();

I get a vulnerability issue in sq
Message - Make sure file handling is safe here(1)

Can anyone help with how to create a file instance in Java so that I don’t face any issue?

In order to help you, could you share which vulnerability is raised exactly?
The documentation should tell you how to fix it, and if it is not clear, please tell us what is not. That should allow us to help you and improve the rule description.

directory traversal attack

Hello @rohan,

I believe the rule you are talking about is this one.

The description looks really complete, with many resources; I bet you will find the answers to your questions here.

Then, I would suggest you have a look at the notion of security hotspots, specifically:

Unlike Vulnerabilities, Security Hotspots aren’t necessarily issues that are open to attack. Instead, Security Hotspots highlight security-sensitive pieces of code that need to be manually reviewed.

I hope this can lead your research!


@Quentin Thanks.
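
An added example, not part of the original thread and not taken from the rule documentation: one common way to keep a `File` built from an untrusted path string inside a fixed base directory, which is the directory traversal concern raised above. It assumes the path string comes from user input; `SafeFileResolver`, `resolveInside`, the temporary base directory and the sample inputs are hypothetical and constructed for illustration.

```java
import java.io.File;
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;

public class SafeFileResolver {

    /**
     * Resolves an untrusted path under baseDir and rejects anything
     * that would end up outside it (hypothetical helper).
     */
    static File resolveInside(Path baseDir, String untrusted) throws IOException {
        // Canonical form of the base directory, with symlinks resolved.
        Path base = baseDir.toRealPath();
        // resolve() returns the input unchanged if it is absolute, so the
        // containment check below also covers absolute paths.
        Path candidate = base.resolve(untrusted).normalize();
        // Path.startsWith compares whole path components, unlike a String prefix test.
        if (!candidate.startsWith(base)) {
            throw new SecurityException("path escapes base directory");
        }
        // If the target already exists, resolve symlinks and check again.
        if (Files.exists(candidate) && !candidate.toRealPath().startsWith(base)) {
            throw new SecurityException("symlink escapes base directory");
        }
        return candidate.toFile();
    }

    public static void main(String[] args) throws IOException {
        // Constructed base directory and sample inputs.
        Path base = Files.createTempDirectory("uploads");
        Files.createFile(base.resolve("report.txt"));
        String[] inputs = {"report.txt", "sub/../report.txt", "../outside.txt", "/etc/hostname"};
        for (String in : inputs) {
            try {
                System.out.println("accepted: " + in + " -> " + resolveInside(base, in));
            } catch (SecurityException e) {
                System.out.println("rejected: " + in + " (" + e.getMessage() + ")");
            }
        }
    }
}
```

A check like this is what a reviewer looks for when assessing the hotspot; the symlink check is made at resolution time, so it does not cover a link created between the check and the later file access.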