/* goodB2G() - use badsource and goodsink */ public static void GoodB2GSink(CWE319_Cleartext_Tx_Sensitive_Info__send_67a.Container dataContainer) { string data = dataContainer.containerOne; try { using (TcpClient client = new TcpClient("remote_host", 1337)) { using (SslStream sslStream = new SslStream(client.GetStream())) { /* FIX: sending data over an SSL encrypted channel */ sslStream.Write(Encoding.UTF8.GetBytes(data)); } } } catch (IOException exceptIO) { IO.Logger.Log(NLog.LogLevel.Warn, "Error writing to the TcpClient", exceptIO); } }
/* goodG2B() - use goodsource and badsink */ public static void GoodG2BSink(CWE319_Cleartext_Tx_Sensitive_Info__send_67a.Container dataContainer) { string data = dataContainer.containerOne; try { using (TcpClient tcpClient = new TcpClient("remote_host", 1337)) { using (StreamWriter writer = new StreamWriter(tcpClient.GetStream())) { /* POTENTIAL FLAW: sending data over an unencrypted (non-SSL) channel */ writer.WriteLine(data); } } } catch (IOException exceptIO) { IO.Logger.Log(NLog.LogLevel.Warn, "Error writing to the TcpClient", exceptIO); } }