/* GoodG2B2() - use goodsource and badsink by reversing the blocks in the first switch */ private void GoodG2B2() { StringBuilder data; switch (6) { case 6: /* FIX: call getStringBuilderGood(), which will never return null */ data = CWE690_NULL_Deref_From_Return__Class_Helper.getStringBuilderGood(); break; default: /* INCIDENTAL: CWE 561 Dead Code, the code below will never run * but ensure data is inititialized before the Sink to avoid compiler errors */ data = null; break; } switch (7) { case 7: /* POTENTIAL FLAW: data could be null */ string stringTrimmed = data.ToString().Trim(); IO.WriteLine(stringTrimmed); break; default: /* INCIDENTAL: CWE 561 Dead Code, the code below will never run */ IO.WriteLine("Benign, fixed string"); break; } }
/* goodG2B() - use goodsource and badsink by changing the first "if" so that * both branches use the GoodSource */ private void GoodG2B() { StringBuilder data; if (IO.StaticReturnsTrueOrFalse()) { /* FIX: call getStringBuilderGood(), which will never return null */ data = CWE690_NULL_Deref_From_Return__Class_Helper.getStringBuilderGood(); } else { /* FIX: call getStringBuilderGood(), which will never return null */ data = CWE690_NULL_Deref_From_Return__Class_Helper.getStringBuilderGood(); } if (IO.StaticReturnsTrueOrFalse()) { /* POTENTIAL FLAW: data could be null */ string stringTrimmed = data.ToString().Trim(); IO.WriteLine(stringTrimmed); } else { /* POTENTIAL FLAW: data could be null */ string stringTrimmed = data.ToString().Trim(); IO.WriteLine(stringTrimmed); } }
public override void Bad() { StringBuilder data; if (IO.StaticReturnsTrueOrFalse()) { /* POTENTIAL FLAW: Call getStringBuilderBad(), which may return null */ data = CWE690_NULL_Deref_From_Return__Class_Helper.getStringBuilderBad(); } else { /* FIX: call getStringBuilderGood(), which will never return null */ data = CWE690_NULL_Deref_From_Return__Class_Helper.getStringBuilderGood(); } if (IO.StaticReturnsTrueOrFalse()) { /* POTENTIAL FLAW: data could be null */ string stringTrimmed = data.ToString().Trim(); IO.WriteLine(stringTrimmed); } else { /* FIX: explicit check for null */ if (data != null) { string stringTrimmed = data.ToString().Trim(); IO.WriteLine(stringTrimmed); } } }
/* goodG2B() - use goodsource and badsink */ public static StringBuilder GoodG2BSource() { StringBuilder data; /* FIX: call getStringBuilderGood(), which will never return null */ data = CWE690_NULL_Deref_From_Return__Class_Helper.getStringBuilderGood(); return(data); }
/* goodG2B() - use GoodSource and BadSink */ private void GoodG2B() { StringBuilder data; /* FIX: call getStringBuilderGood(), which will never return null */ data = CWE690_NULL_Deref_From_Return__Class_Helper.getStringBuilderGood(); CWE690_NULL_Deref_From_Return__Class_StringBuilder_81_base baseObject = new CWE690_NULL_Deref_From_Return__Class_StringBuilder_81_goodG2B(); baseObject.Action(data); }
/* goodG2B() - use goodsource and badsink */ private static void GoodG2B() { StringBuilder data; /* FIX: call getStringBuilderGood(), which will never return null */ data = CWE690_NULL_Deref_From_Return__Class_Helper.getStringBuilderGood(); Container dataContainer = new Container(); dataContainer.containerOne = data; CWE690_NULL_Deref_From_Return__Class_StringBuilder_67b.GoodG2BSink(dataContainer); }
/* goodG2B() - use goodsource and badsink */ private void GoodG2B() { StringBuilder data; /* FIX: call getStringBuilderGood(), which will never return null */ data = CWE690_NULL_Deref_From_Return__Class_Helper.getStringBuilderGood(); for (int j = 0; j < 1; j++) { /* POTENTIAL FLAW: data could be null */ string stringTrimmed = data.ToString().Trim(); IO.WriteLine(stringTrimmed); } }
/* goodG2B() - use GoodSource and BadSink */ private static void GoodG2B() { StringBuilder data; /* FIX: call getStringBuilderGood(), which will never return null */ data = CWE690_NULL_Deref_From_Return__Class_Helper.getStringBuilderGood(); Dictionary <int, StringBuilder> dataDictionary = new Dictionary <int, StringBuilder>(); dataDictionary.Add(0, data); dataDictionary.Add(1, data); dataDictionary.Add(2, data); CWE690_NULL_Deref_From_Return__Class_StringBuilder_74b.GoodG2BSink(dataDictionary); }
/* goodG2B() - use GoodSource and BadSink */ private static void GoodG2B() { StringBuilder data; /* FIX: call getStringBuilderGood(), which will never return null */ data = CWE690_NULL_Deref_From_Return__Class_Helper.getStringBuilderGood(); LinkedList <StringBuilder> dataLinkedList = new LinkedList <StringBuilder>(); dataLinkedList.AddLast(data); dataLinkedList.AddLast(data); dataLinkedList.AddLast(data); CWE690_NULL_Deref_From_Return__Class_StringBuilder_73b.GoodG2BSink(dataLinkedList); }
/* goodG2B() - use GoodSource and BadSink */ private static void GoodG2B() { StringBuilder data; /* FIX: call getStringBuilderGood(), which will never return null */ data = CWE690_NULL_Deref_From_Return__Class_Helper.getStringBuilderGood(); Hashtable dataHashtable = new Hashtable(5); dataHashtable.Add(0, data); dataHashtable.Add(1, data); dataHashtable.Add(2, data); CWE690_NULL_Deref_From_Return__Class_StringBuilder_72b.GoodG2BSink(dataHashtable); }