コード例 #1
0
 /* goodB2G() - use badsource and goodsink */
 private static void GoodB2G()
 {
     password = ""; /* init password */
     /* Read data using an outbound tcp connection */
     {
         try
         {
             /* Read data using an outbound tcp connection */
             using (TcpClient tcpConn = new TcpClient("host.example.org", 39544))
             {
                 /* read input from socket */
                 using (StreamReader sr = new StreamReader(tcpConn.GetStream()))
                 {
                     /* POTENTIAL FLAW: Read password using an outbound tcp connection */
                     password = sr.ReadLine();
                 }
             }
         }
         catch (IOException exceptIO)
         {
             IO.Logger.Log(NLog.LogLevel.Warn, "Error with stream reading", exceptIO);
         }
     }
     CWE319_Cleartext_Tx_Sensitive_Info__connect_tcp_SqlConnection_68b.GoodB2GSink();
 }
コード例 #2
0
 /* goodG2B() - use goodsource and badsink */
 private static void GoodG2B()
 {
     /* FIX: Use a hardcoded password as the password (it was not sent over the network) */
     /* INCIDENTAL FLAW: CWE-259 Hard Coded Password */
     password = "******";
     CWE319_Cleartext_Tx_Sensitive_Info__connect_tcp_SqlConnection_68b.GoodG2BSink();
 }