/** * In this case, external data reaches a sink, but there is no validation * routine available. * <p/> * There should be a medium confidence vulnerability derived from this call. * */ private static void testSinkNoValidationAvailable(string[] args) { try { TestCase_IOT_Instance_Val_Confidence testCase = new TestCase_IOT_Instance_Val_Confidence(); string file = args[0]; string source = testCase.getUnCoveredVulnerableSource(file); testCase.writeToVulnerableSink(file, source); } catch (Exception e) { Console.Write(e.StackTrace); } }
/** * In this case, external data gets lost, and a validation routine * is available, but is not used. * <p/> * There should be a medium confidence vulnerability derived from this call. * */ private static void testLostValidationNotUsed(string[] args) { try { TestCase_IOT_Instance_Val_Confidence testCase = new TestCase_IOT_Instance_Val_Confidence(); string file = args[0]; string source = testCase.getCoveredVulnerableSource(file); testCase.writeToUnknownSink(file, source); } catch (Exception e) { Console.Write(e.StackTrace); } }