Ejemplo n.º 1
        /* goodG2B() - use GoodSource and BadSink */
        private static void GoodG2B()
        {
            /* Good-source variant: the value handed to the sink is a harmless constant,
             * so no sensitive data is placed in the collection. What the sink does with
             * the collection is defined in the 74b class and is not visible here. */

            /* FIX: Use a regular string (non-sensitive string) */
            string data = "Hello World";

            /* Build the same three entries (keys 0, 1 and 2), each carrying the same value. */
            Dictionary<int, string> payloadByIndex = new Dictionary<int, string>();
            for (int key = 0; key <= 2; key++)
            {
                payloadByIndex.Add(key, data);
            }

            CWE319_Cleartext_Tx_Sensitive_Info__send_74b.GoodG2BSink(payloadByIndex);
        }
Ejemplo n.º 2
        /* goodB2G() - use BadSource and GoodSink */
        private static void GoodB2G()
        {
            /* Bad-source variant: a password-derived value is stored in a plain string and
             * handed to the sink inside a dictionary. The sink lives in the 74b class and is
             * not visible here, so how it transmits the value cannot be confirmed from this
             * method alone. */
            string data;

            /* INCIDENTAL: CWE-798 Use of Hard-coded Credentials */
            const string hardCodedPassword = "AP@ssw0rd";

            using (SecureString securePwd = new SecureString())
            {
                foreach (char passwordChar in hardCodedPassword)
                {
                    securePwd.AppendChar(passwordChar);
                }

                /* POTENTIAL FLAW: Set data to be a password, which can be transmitted over a non-secure
                 * channel in the sink */
                /* NOTE(review): SecureString does not override Object.ToString(), so this call
                 * yields the type name rather than the characters appended above. The test case
                 * still treats data as the sensitive value; code that genuinely needs the
                 * plaintext would copy it into an ordinary string, which outlives the disposal
                 * of securePwd at the end of this using block. */
                data = securePwd.ToString();
            }

            /* Build three entries (keys 0, 1 and 2), each carrying the same value. */
            Dictionary<int, string> payloadByIndex = new Dictionary<int, string>();
            for (int key = 0; key <= 2; key++)
            {
                payloadByIndex.Add(key, data);
            }

            CWE319_Cleartext_Tx_Sensitive_Info__send_74b.GoodB2GSink(payloadByIndex);
        }