Ejemplos de testcases.CWE566_Authorization_Bypass_Through_SQL_Primary CWE566_Authorization_Bypass_Through_SQL_Primary__Web_72b en C# (CSharp)

Ejemplo n.º 1

Archivo: CWE566_Authorization_Bypass_Through_SQL_Primary__Web_72a.cs Proyecto: Anzsley/Juliet_Test_Suite_v1.3_for_C_Sharp

        /* goodG2B() - use goodsource and badsink */
        private static void GoodG2B(HttpRequest req, HttpResponse resp)
        {
            string data;

            /* FIX: Use a hardcoded user ID */
            data = "10";
            Hashtable dataHashtable = new Hashtable(5);

            dataHashtable.Add(0, data);
            dataHashtable.Add(1, data);
            dataHashtable.Add(2, data);
            CWE566_Authorization_Bypass_Through_SQL_Primary__Web_72b.GoodG2BSink(dataHashtable, req, resp);
        }

Ejemplo n.º 2

Archivo: CWE566_Authorization_Bypass_Through_SQL_Primary__Web_72a.cs Proyecto: Anzsley/Juliet_Test_Suite_v1.3_for_C_Sharp

        public override void Bad(HttpRequest req, HttpResponse resp)
        {
            string data;

            /* FLAW: Get the user ID from a URL parameter */
            data = req.Params.Get("id");
            Hashtable dataHashtable = new Hashtable(5);

            dataHashtable.Add(0, data);
            dataHashtable.Add(1, data);
            dataHashtable.Add(2, data);
            CWE566_Authorization_Bypass_Through_SQL_Primary__Web_72b.BadSink(dataHashtable, req, resp);
        }