CWE-117 Java log readability

Asked Jul 06 '22 at 14:45

Active Jul 06 '22 at 14:45

Viewed 401 times

I fixed the veracode security flaw CWE-117 by using the ESAPI log library.

The problem is that the log file becomes almost unreadable, because the Java stacktrace is put in one single line.

In order to read the log file, I have to manually replace the character "__" by new lines.

Is it possible to fix the CWE-117 and have a readable log file at the same time?

Thank you.

asked Jul 06 '22 at 14:45

Robson Braga

Does this answer your question? [How to fix Veracode CWE 117 (Improper Output Neutralization for Logs)](https://stackoverflow.com/questions/44949254/how-to-fix-veracode-cwe-117-improper-output-neutralization-for-logs) – Ashish Patil Jul 06 '22 at 15:05
No, it doesn't, the CWE-117 is already fixed. The problem is the log readability. A whole java stacktrace in one line is not good to read. – Robson Braga Jul 06 '22 at 15:46

0 Answers0