Beispiel #1
0
 /* goodG2B() - use goodsource and badsink */
 private static void GoodG2B()
 {
     /* FIX: Set the path as the "system" path */
     if (RuntimeInformation.IsOSPlatform(OSPlatform.Linux))
     {
         data = "/bin";
     }
     else
     {
         data = "%SystemRoot%\\system32";
     }
     CWE427_Uncontrolled_Search_Path_Element__ReadLine_68b.GoodG2BSink();
 }
Beispiel #2
0
 public override void Bad()
 {
     data = ""; /* Initialize data */
     {
         /* read user input from console with ReadLine */
         try
         {
             /* POTENTIAL FLAW: Read data from the console using ReadLine */
             data = Console.ReadLine();
         }
         catch (IOException exceptIO)
         {
             IO.Logger.Log(NLog.LogLevel.Warn, exceptIO, "Error with stream reading");
         }
     }
     CWE427_Uncontrolled_Search_Path_Element__ReadLine_68b.BadSink();
 }