AST-12047 - Fixing our code vulnerabilities | Java wrapper and javascript wrapper

cx-hugo-machado · cx-hugo-machado · commit 4923c82c07b3 · 2022-05-06T15:16:07.000+01:00
- Fix sast vulnerability
diff --git a/src/main/java/com/checkmarx/ast/wrapper/Execution.java b/src/main/java/com/checkmarx/ast/wrapper/Execution.java
@@ -31,6 +31,7 @@ private Execution() {
     private static final String FILE_NAME_WINDOWS = "cx.exe";
     private static final String LINE_SEPARATOR = System.getProperty("line.separator");
     private static final String TEMP_DIR = System.getProperty("java.io.tmpdir");
+    private static final String MD5_ALGORITHM = "MD5";
 
     private static String executable = null;
 
@@ -161,7 +162,7 @@ private static String md5(InputStream a) {
         String md5 = null;
         final byte[] buf = new byte[8192];
         try {
-            MessageDigest md = MessageDigest.getInstance("MD5");
+            MessageDigest md = MessageDigest.getInstance(MD5_ALGORITHM);
             int i;
             while ((i = a.read(buf)) != -1) {
                 md.update(buf, 0, i);
