I am working with some VB .net windows forms code that has recently gone through a code Audit. I need expert help on how best to fix this code. Here is the error message displayed by the auditing software
Denial of service (Input Validation and Representation, Semantic)
The call to ReadToEnd() at SMTException.vb line 70 might allow an attacker to crash the program or otherwise make it unavailable to legitimate users.
I think what the audit message is telling me, is that at line 88 if there is no data then the LoadXml method would fail, causing the application to
crash. So can someone show me how to rewrite the code below to prevent the denial of service attack?
85 Dim s As Stream = Assembly.GetExecutingAssembly().GetManifestResourceStream("SMTErrMsg.xml")
86 Dim xdoc As New XmlDocument()
87 Dim reader As New StreamReader(s)