C# (CSharp) testcases.CWE256_Unprotected_Storage_of_Credentials CWE256_Unprotected_Storage_of_Credentials__basic_51b.GoodB2GSinkの例

コード例 #1

ファイル: CWE256_Unprotected_Storage_of_Credentials__basic_51a.cs プロジェクト: Anzsley/Juliet_Test_Suite_v1.3_for_C_Sharp

        /* goodB2G() - use badsource and goodsink */
        private void GoodB2G()
        {
            string password;

            password = ""; /* init password */
            /* retrieve the password */
            try
            {
                password = Encoding.UTF8.GetString(File.ReadAllBytes("../../../common/strong_password_file.txt"));
            }
            catch (IOException exceptIO)
            {
                IO.Logger.Log(NLog.LogLevel.Warn, "Error with file reading", exceptIO);
            }
            /* POTENTIAL FLAW: The raw password read from the .txt file is passed on (without being decrypted) */
            CWE256_Unprotected_Storage_of_Credentials__basic_51b.GoodB2GSink(password);
        }