/* GoodG2B2() - use goodsource and badsink by reversing the blocks in the if in the sink function */ private void GoodG2B2() { string data; GoodG2B2PublicStatic = true; data = CWE427_Uncontrolled_Search_Path_Element__Environment_22b.GoodG2B2Source(); /* POTENTIAL FLAW: Set a new environment variable with a path that is possibly insecure */ Environment.SetEnvironmentVariable("PATH", data); }
public override void Bad() { string data; badPublicStatic = true; data = CWE427_Uncontrolled_Search_Path_Element__Environment_22b.BadSource(); /* POTENTIAL FLAW: Set a new environment variable with a path that is possibly insecure */ Environment.SetEnvironmentVariable("PATH", data); }