/* goodG2B() - use goodsource and badsink */ private static void GoodG2B() { string data = CWE259_Hard_Coded_Password__NetworkCredential_61b.GoodG2BSource(); if (data != null) { /* POTENTIAL FLAW: data used as password in NetworkCredential() */ NetworkCredential credentials = new NetworkCredential("user", data, "domain"); IO.WriteLine(credentials.ToString()); } }
public override void Bad() { string data = CWE259_Hard_Coded_Password__NetworkCredential_61b.BadSource(); if (data != null) { /* POTENTIAL FLAW: data used as password in NetworkCredential() */ NetworkCredential credentials = new NetworkCredential("user", data, "domain"); IO.WriteLine(credentials.ToString()); } }