/* goodB2G() - use badsource and goodsink */
private static void GoodB2G()
{
password = ""; /* init password */
/* Read data using an outbound tcp connection */
{
try
{
/* Read data using an outbound tcp connection */
using (TcpClient tcpConn = new TcpClient("host.example.org", 39544))
{
/* read input from socket */
using (StreamReader sr = new StreamReader(tcpConn.GetStream()))
{
/* POTENTIAL FLAW: Read password using an outbound tcp connection */
password = sr.ReadLine();
}
}
}
catch (IOException exceptIO)
{
IO.Logger.Log(NLog.LogLevel.Warn, "Error with stream reading", exceptIO);
}
}
CWE319_Cleartext_Tx_Sensitive_Info__connect_tcp_SqlConnection_68b.GoodB2GSink();
}
/* goodG2B() - use goodsource and badsink */
private static void GoodG2B()
{
/* FIX: Use a hardcoded password as the password (it was not sent over the network) */
/* INCIDENTAL FLAW: CWE-259 Hard Coded Password */
password = "******";
CWE319_Cleartext_Tx_Sensitive_Info__connect_tcp_SqlConnection_68b.GoodG2BSink();
}
