public override void Bad(HttpRequest req, HttpResponse resp)
{
string data;
if (IO.staticTrue)
{
using (SecureString securePwd = new SecureString())
{
using (SecureString secureUser = new SecureString())
{
for (int i = 0; i < "AP@ssw0rd".Length; i++)
{
/* INCIDENTAL: CWE-798 Use of Hard-coded Credentials */
securePwd.AppendChar("AP@ssw0rd"[i]);
}
for (int i = 0; i < "user".Length; i++)
{
/* INCIDENTAL: CWE-798 Use of Hard-coded Credentials */
securePwd.AppendChar("user"[i]);
}
/* POTENTIAL FLAW: Set data to credentials (without hashing or encryption) */
data = secureUser.ToString() + ":" + securePwd.ToString();
}
}
}
else
{
/* INCIDENTAL: CWE 561 Dead Code, the code below will never run
* but ensure data is inititialized before the Sink to avoid compiler errors */
data = null;
}
if (IO.staticTrue)
{
/* NOTE: potential incidental issues with not setting secure or HttpOnly flag */
/* POTENTIAL FLAW: Store data directly in cookie */
resp.AppendCookie(new HttpCookie("auth", data));
}
}
/* goodB2G1() - use badsource and goodsink by changing second privateTrue to privateFalse */
private void GoodB2G1(HttpRequest req, HttpResponse resp)
{
string data;
if (privateTrue)
{
data = ""; /* initialize data in case there are no cookies */
/* Read data from cookies */
{
HttpCookieCollection cookieSources = req.Cookies;
if (cookieSources != null)
{
/* POTENTIAL FLAW: Read data from the first cookie value */
data = cookieSources[0].Value;
}
}
}
else
{
/* INCIDENTAL: CWE 561 Dead Code, the code below will never run
* but ensure data is inititialized before the Sink to avoid compiler errors */
data = null;
}
if (privateFalse)
{
/* INCIDENTAL: CWE 561 Dead Code, the code below will never run */
IO.WriteLine("Benign, fixed string");
}
else
{
if (data != null)
{
HttpCookie cookieSink = new HttpCookie("lang", HttpUtility.UrlEncode(data, Encoding.UTF8));
/* FIX: use URLEncoder.encode to hex-encode non-alphanumerics */
resp.AppendCookie(cookieSink);
}
}
}
/* goodB2G() - use badsource and goodsink */
private void GoodB2G(HttpRequest req, HttpResponse resp)
{
string data;
data = ""; /* Initialize data */
/* Read data from a database */
{
try
{
/* setup the connection */
using (SqlConnection connection = IO.GetDBConnection())
{
connection.Open();
/* prepare and execute a (hardcoded) query */
using (SqlCommand command = new SqlCommand(null, connection))
{
command.CommandText = "select name from users where id=0";
command.Prepare();
using (SqlDataReader dr = command.ExecuteReader())
{
/* POTENTIAL FLAW: Read data from a database query SqlDataReader */
data = dr.GetString(1);
}
}
}
}
catch (SqlException exceptSql)
{
IO.Logger.Log(NLog.LogLevel.Warn, exceptSql, "Error with SQL statement");
}
}
if (data != null)
{
HttpCookie cookieSink = new HttpCookie("lang", HttpUtility.UrlEncode(data, Encoding.UTF8));
/* FIX: use URLEncoder.encode to hex-encode non-alphanumerics */
resp.AppendCookie(cookieSink);
}
}
public override void Bad(HttpRequest req, HttpResponse resp)
{
string data;
data = ""; /* Initialize data */
/* Read data from a database */
{
try
{
/* setup the connection */
using (SqlConnection connection = IO.GetDBConnection())
{
connection.Open();
/* prepare and execute a (hardcoded) query */
using (SqlCommand command = new SqlCommand(null, connection))
{
command.CommandText = "select name from users where id=0";
command.Prepare();
using (SqlDataReader dr = command.ExecuteReader())
{
/* POTENTIAL FLAW: Read data from a database query SqlDataReader */
data = dr.GetString(1);
}
}
}
}
catch (SqlException exceptSql)
{
IO.Logger.Log(NLog.LogLevel.Warn, exceptSql, "Error with SQL statement");
}
}
if (data != null)
{
HttpCookie cookieSink = new HttpCookie("lang", data);
/* POTENTIAL FLAW: Input not verified before inclusion in the cookie */
resp.AppendCookie(cookieSink);
}
}
/* goodB2G2() - use badsource and goodsink by reversing the blocks in the if in the sink function */
public static void GoodB2G2Sink(string data, HttpRequest req, HttpResponse resp)
{
if (CWE315_Cleartext_Storage_in_Cookie__Web_22a.goodB2G2PublicStatic)
{
/* FIX: Hash data before storing in cookie */
{
string salt = "ThisIsMySalt";
using (SHA512CryptoServiceProvider sha512 = new SHA512CryptoServiceProvider())
{
byte[] buffer = Encoding.UTF8.GetBytes(string.Concat(salt, data));
byte[] hashedCredsAsBytes = sha512.ComputeHash(buffer);
data = IO.ToHex(hashedCredsAsBytes);
}
}
resp.AppendCookie(new HttpCookie("auth", data));
}
else
{
/* INCIDENTAL: CWE 561 Dead Code, the code below will never run
* but ensure data is inititialized before the Sink to avoid compiler errors */
data = null;
}
}
public override void Bad(HttpRequest req, HttpResponse resp)
{
string data;
/* We need to have one source outside of a for loop in order
* to prevent the compiler from generating an error because
* data is uninitialized
*/
data = ""; /* Initialize data */
{
try
{
/* read string from file into data */
using (StreamReader sr = new StreamReader("data.txt"))
{
/* POTENTIAL FLAW: Read data from a file */
/* This will be reading the first "line" of the file, which
* could be very long if there are little or no newlines in the file */
data = sr.ReadLine();
}
}
catch (IOException exceptIO)
{
IO.Logger.Log(NLog.LogLevel.Warn, exceptIO, "Error with stream reading");
}
}
for (int j = 0; j < 1; j++)
{
if (data != null)
{
HttpCookie cookieSink = new HttpCookie("lang", data);
/* POTENTIAL FLAW: Input not verified before inclusion in the cookie */
resp.AppendCookie(cookieSink);
}
}
}
/* goodB2G() - use badsource and goodsink*/
private void GoodB2G(HttpRequest req, HttpResponse resp)
{
string data;
using (SecureString securePwd = new SecureString())
{
using (SecureString secureUser = new SecureString())
{
for (int i = 0; i < "AP@ssw0rd".Length; i++)
{
/* INCIDENTAL: CWE-798 Use of Hard-coded Credentials */
securePwd.AppendChar("AP@ssw0rd"[i]);
}
for (int i = 0; i < "user".Length; i++)
{
/* INCIDENTAL: CWE-798 Use of Hard-coded Credentials */
securePwd.AppendChar("user"[i]);
}
/* POTENTIAL FLAW: Set data to credentials (without hashing or encryption) */
data = secureUser.ToString() + ":" + securePwd.ToString();
}
}
for (int k = 0; k < 1; k++)
{
/* FIX: Hash data before storing in cookie */
{
string salt = "ThisIsMySalt";
using (SHA512CryptoServiceProvider sha512 = new SHA512CryptoServiceProvider())
{
byte[] buffer = Encoding.UTF8.GetBytes(string.Concat(salt, data));
byte[] hashedCredsAsBytes = sha512.ComputeHash(buffer);
data = IO.ToHex(hashedCredsAsBytes);
}
}
resp.AppendCookie(new HttpCookie("auth", data));
}
}
/* goodB2G() - use badsource and goodsink */
private void GoodB2G(HttpRequest req, HttpResponse resp)
{
string dataCopy;
{
string data;
data = ""; /* Initialize data */
{
try
{
/* read string from file into data */
using (StreamReader sr = new StreamReader("data.txt"))
{
/* POTENTIAL FLAW: Read data from a file */
/* This will be reading the first "line" of the file, which
* could be very long if there are little or no newlines in the file */
data = sr.ReadLine();
}
}
catch (IOException exceptIO)
{
IO.Logger.Log(NLog.LogLevel.Warn, exceptIO, "Error with stream reading");
}
}
dataCopy = data;
}
{
string data = dataCopy;
if (data != null)
{
HttpCookie cookieSink = new HttpCookie("lang", HttpUtility.UrlEncode(data, Encoding.UTF8));
/* FIX: use URLEncoder.encode to hex-encode non-alphanumerics */
resp.AppendCookie(cookieSink);
}
}
}
/* goodB2G2() - use badsource and goodsink by reversing statements in second if */
private void GoodB2G2(HttpRequest req, HttpResponse resp)
{
string data;
if (privateFive == 5)
{
data = ""; /* Initialize data */
{
/* read user input from console with ReadLine */
try
{
/* POTENTIAL FLAW: Read data from the console using ReadLine */
data = Console.ReadLine();
}
catch (IOException exceptIO)
{
IO.Logger.Log(NLog.LogLevel.Warn, exceptIO, "Error with stream reading");
}
}
}
else
{
/* INCIDENTAL: CWE 561 Dead Code, the code below will never run
* but ensure data is inititialized before the Sink to avoid compiler errors */
data = null;
}
if (privateFive == 5)
{
if (data != null)
{
HttpCookie cookieSink = new HttpCookie("lang", HttpUtility.UrlEncode(data, Encoding.UTF8));
/* FIX: use URLEncoder.encode to hex-encode non-alphanumerics */
resp.AppendCookie(cookieSink);
}
}
}
/* goodB2G() - use badsource and goodsink*/
private void GoodB2G(HttpRequest req, HttpResponse resp)
{
string data;
data = ""; /* Initialize data */
/* read input from WebClient */
{
try
{
using (WebClient client = new WebClient())
{
using (StreamReader sr = new StreamReader(client.OpenRead("http://www.example.org/")))
{
/* POTENTIAL FLAW: Read data from a web server with WebClient */
/* This will be reading the first "line" of the response body,
* which could be very long if there are no newlines in the HTML */
data = sr.ReadLine();
}
}
}
catch (IOException exceptIO)
{
IO.Logger.Log(NLog.LogLevel.Warn, exceptIO, "Error with stream reading");
}
}
for (int k = 0; k < 1; k++)
{
if (data != null)
{
HttpCookie cookieSink = new HttpCookie("lang", HttpUtility.UrlEncode(data, Encoding.UTF8));
/* FIX: use URLEncoder.encode to hex-encode non-alphanumerics */
resp.AppendCookie(cookieSink);
}
}
}
/* goodG2B() - use GoodSource and BadSink */
public static void GoodG2BSink(byte[] dataSerialized, HttpRequest req, HttpResponse resp)
{
try
{
string data;
var binForm = new BinaryFormatter();
using (var memStream = new MemoryStream())
{
memStream.Write(dataSerialized, 0, dataSerialized.Length);
memStream.Seek(0, SeekOrigin.Begin);
data = (string)binForm.Deserialize(memStream);
}
if (data != null)
{
HttpCookie cookieSink = new HttpCookie("lang", data);
/* POTENTIAL FLAW: Input not verified before inclusion in the cookie */
resp.AppendCookie(cookieSink);
}
}
catch (SerializationException exceptSerialize)
{
IO.Logger.Log(NLog.LogLevel.Warn, "SerializationException in deserialization", exceptSerialize);
}
}
/* goodB2G() - use BadSource and GoodSink */
public static void GoodB2GSink(byte[] dataSerialized, HttpRequest req, HttpResponse resp)
{
try
{
string data;
var binForm = new BinaryFormatter();
using (var memStream = new MemoryStream())
{
memStream.Write(dataSerialized, 0, dataSerialized.Length);
memStream.Seek(0, SeekOrigin.Begin);
data = (string)binForm.Deserialize(memStream);
}
if (data != null)
{
HttpCookie cookieSink = new HttpCookie("lang", HttpUtility.UrlEncode(data, Encoding.UTF8));
/* FIX: use URLEncoder.encode to hex-encode non-alphanumerics */
resp.AppendCookie(cookieSink);
}
}
catch (SerializationException exceptSerialize)
{
IO.Logger.Log(NLog.LogLevel.Warn, "SerializationException in deserialization", exceptSerialize);
}
}
public override void Bad(HttpRequest req, HttpResponse resp)
{
string data;
data = ""; /* Initialize data */
{
/* read user input from console with ReadLine */
try
{
/* POTENTIAL FLAW: Read data from the console using ReadLine */
data = Console.ReadLine();
}
catch (IOException exceptIO)
{
IO.Logger.Log(NLog.LogLevel.Warn, exceptIO, "Error with stream reading");
}
}
if (data != null)
{
HttpCookie cookieSink = new HttpCookie("lang", data);
/* POTENTIAL FLAW: Input not verified before inclusion in the cookie */
resp.AppendCookie(cookieSink);
}
}
/* goodB2G() - use badsource and goodsink */
private void GoodB2G(HttpRequest req, HttpResponse resp)
{
string data;
data = ""; /* Initialize data */
{
/* read user input from console with ReadLine */
try
{
/* POTENTIAL FLAW: Read data from the console using ReadLine */
data = Console.ReadLine();
}
catch (IOException exceptIO)
{
IO.Logger.Log(NLog.LogLevel.Warn, exceptIO, "Error with stream reading");
}
}
if (data != null)
{
HttpCookie cookieSink = new HttpCookie("lang", HttpUtility.UrlEncode(data, Encoding.UTF8));
/* FIX: use URLEncoder.encode to hex-encode non-alphanumerics */
resp.AppendCookie(cookieSink);
}
}
public override void Bad(HttpRequest req, HttpResponse resp)
{
string data;
if (privateFive == 5)
{
data = ""; /* Initialize data */
{
/* read user input from console with ReadLine */
try
{
/* POTENTIAL FLAW: Read data from the console using ReadLine */
data = Console.ReadLine();
}
catch (IOException exceptIO)
{
IO.Logger.Log(NLog.LogLevel.Warn, exceptIO, "Error with stream reading");
}
}
}
else
{
/* INCIDENTAL: CWE 561 Dead Code, the code below will never run
* but ensure data is inititialized before the Sink to avoid compiler errors */
data = null;
}
if (privateFive == 5)
{
if (data != null)
{
HttpCookie cookieSink = new HttpCookie("lang", data);
/* POTENTIAL FLAW: Input not verified before inclusion in the cookie */
resp.AppendCookie(cookieSink);
}
}
}
public override void Bad(HttpRequest req, HttpResponse resp)
{
string dataCopy;
{
string data;
data = ""; /* Initialize data */
{
try
{
/* read string from file into data */
using (StreamReader sr = new StreamReader("data.txt"))
{
/* POTENTIAL FLAW: Read data from a file */
/* This will be reading the first "line" of the file, which
* could be very long if there are little or no newlines in the file */
data = sr.ReadLine();
}
}
catch (IOException exceptIO)
{
IO.Logger.Log(NLog.LogLevel.Warn, exceptIO, "Error with stream reading");
}
}
dataCopy = data;
}
{
string data = dataCopy;
if (data != null)
{
HttpCookie cookieSink = new HttpCookie("lang", data);
/* POTENTIAL FLAW: Input not verified before inclusion in the cookie */
resp.AppendCookie(cookieSink);
}
}
}
/* goodB2G() - use badsource and goodsink*/
private void GoodB2G(HttpRequest req, HttpResponse resp)
{
string data;
data = ""; /* initialize data in case there are no cookies */
/* Read data from cookies */
{
HttpCookieCollection cookieSources = req.Cookies;
if (cookieSources != null)
{
/* POTENTIAL FLAW: Read data from the first cookie value */
data = cookieSources[0].Value;
}
}
for (int k = 0; k < 1; k++)
{
if (data != null)
{
HttpCookie cookieSink = new HttpCookie("lang", HttpUtility.UrlEncode(data, Encoding.UTF8));
/* FIX: use URLEncoder.encode to hex-encode non-alphanumerics */
resp.AppendCookie(cookieSink);
}
}
}
/* goodB2G1() - use badsource and goodsink by changing second PRIVATE_CONST_FIVE==5 to PRIVATE_CONST_FIVE!=5 */
private void GoodB2G1(HttpRequest req, HttpResponse resp)
{
string data;
if (PRIVATE_CONST_FIVE == 5)
{
data = ""; /* initialize data in case id is not in query string */
/* POTENTIAL FLAW: Parse id param out of the URL querystring (without using getParameter()) */
{
if (req.QueryString["id"] != null)
{
data = req.QueryString["id"];
}
}
}
else
{
/* INCIDENTAL: CWE 561 Dead Code, the code below will never run
* but ensure data is inititialized before the Sink to avoid compiler errors */
data = null;
}
if (PRIVATE_CONST_FIVE != 5)
{
/* INCIDENTAL: CWE 561 Dead Code, the code below will never run */
IO.WriteLine("Benign, fixed string");
}
else
{
if (data != null)
{
HttpCookie cookieSink = new HttpCookie("lang", HttpUtility.UrlEncode(data, Encoding.UTF8));
/* FIX: use URLEncoder.encode to hex-encode non-alphanumerics */
resp.AppendCookie(cookieSink);
}
}
}
/* goodG2B() - use goodsource and badsink */
public static void GoodG2BSink(string data, HttpRequest req, HttpResponse resp)
{
/* NOTE: potential incidental issues with not setting secure or HttpOnly flag */
/* POTENTIAL FLAW: Store data directly in cookie */
resp.AppendCookie(new HttpCookie("auth", data));
}
/* goodB2G() - use badsource and goodsink by changing the second "if" so that
* both branches use the GoodSink */
private void GoodB2G(HttpRequest req, HttpResponse resp)
{
string data;
if (IO.StaticReturnsTrueOrFalse())
{
data = ""; /* Initialize data */
/* Read data using an outbound tcp connection */
{
try
{
/* Read data using an outbound tcp connection */
using (TcpClient tcpConn = new TcpClient("host.example.org", 39544))
{
/* read input from socket */
using (StreamReader sr = new StreamReader(tcpConn.GetStream()))
{
/* POTENTIAL FLAW: Read data using an outbound tcp connection */
data = sr.ReadLine();
}
}
}
catch (IOException exceptIO)
{
IO.Logger.Log(NLog.LogLevel.Warn, exceptIO, "Error with stream reading");
}
}
}
else
{
data = ""; /* Initialize data */
/* Read data using an outbound tcp connection */
{
try
{
/* Read data using an outbound tcp connection */
using (TcpClient tcpConn = new TcpClient("host.example.org", 39544))
{
/* read input from socket */
using (StreamReader sr = new StreamReader(tcpConn.GetStream()))
{
/* POTENTIAL FLAW: Read data using an outbound tcp connection */
data = sr.ReadLine();
}
}
}
catch (IOException exceptIO)
{
IO.Logger.Log(NLog.LogLevel.Warn, exceptIO, "Error with stream reading");
}
}
}
if (IO.StaticReturnsTrueOrFalse())
{
if (data != null)
{
HttpCookie cookieSink = new HttpCookie("lang", HttpUtility.UrlEncode(data, Encoding.UTF8));
/* FIX: use URLEncoder.encode to hex-encode non-alphanumerics */
resp.AppendCookie(cookieSink);
}
}
else
{
if (data != null)
{
HttpCookie cookieSink = new HttpCookie("lang", HttpUtility.UrlEncode(data, Encoding.UTF8));
/* FIX: use URLEncoder.encode to hex-encode non-alphanumerics */
resp.AppendCookie(cookieSink);
}
}
}
public override void Bad(HttpRequest req, HttpResponse resp)
{
string data;
if (IO.StaticReturnsTrueOrFalse())
{
data = ""; /* Initialize data */
/* Read data using a listening tcp connection */
{
TcpListener listener = null;
try
{
listener = new TcpListener(IPAddress.Parse("10.10.1.10"), 39543);
listener.Start();
using (TcpClient tcpConn = listener.AcceptTcpClient())
{
/* read input from socket */
using (StreamReader sr = new StreamReader(tcpConn.GetStream()))
{
/* POTENTIAL FLAW: Read data using a listening tcp connection */
data = sr.ReadLine();
}
}
}
catch (IOException exceptIO)
{
IO.Logger.Log(NLog.LogLevel.Warn, exceptIO, "Error with stream reading");
}
finally
{
if (listener != null)
{
try
{
listener.Stop();
}
catch (SocketException se)
{
IO.Logger.Log(NLog.LogLevel.Warn, se, "Error closing TcpListener");
}
}
}
}
}
else
{
/* FIX: Use a hardcoded string */
data = "foo";
}
if (IO.StaticReturnsTrueOrFalse())
{
if (data != null)
{
HttpCookie cookieSink = new HttpCookie("lang", data);
/* POTENTIAL FLAW: Input not verified before inclusion in the cookie */
resp.AppendCookie(cookieSink);
}
}
else
{
if (data != null)
{
HttpCookie cookieSink = new HttpCookie("lang", HttpUtility.UrlEncode(data, Encoding.UTF8));
/* FIX: use URLEncoder.encode to hex-encode non-alphanumerics */
resp.AppendCookie(cookieSink);
}
}
}
public void Methods_Deny_Unrestricted()
{
HttpResponse response = new HttpResponse(writer);
response.AddCacheItemDependencies(new ArrayList());
response.AddCacheItemDependency(String.Empty);
response.AddFileDependencies(new ArrayList());
response.AddFileDependency(fname);
#if NET_2_0
response.AddCacheDependency(new CacheDependency[0]);
response.AddCacheItemDependencies(new string [0]);
response.AddFileDependencies(new string [0]);
#endif
try
{
response.AppendCookie(new HttpCookie("mono"));
}
catch (NullReferenceException)
{
// ms
}
try
{
Assert.IsNull(response.ApplyAppPathModifier(null), "ApplyAppPathModifier");
}
catch (NullReferenceException)
{
// ms
}
try
{
response.Clear();
}
catch (NullReferenceException)
{
// ms
}
try
{
response.ClearContent();
}
catch (NullReferenceException)
{
// ms
}
try
{
response.ClearHeaders();
}
catch (NullReferenceException)
{
// ms
}
try
{
response.Redirect("http://www.mono-project.com");
}
catch (NullReferenceException)
{
// ms
}
try
{
response.Redirect("http://www.mono-project.com", false);
}
catch (NullReferenceException)
{
// ms
}
try
{
response.SetCookie(new HttpCookie("mono"));
}
catch (NullReferenceException)
{
// ms
}
response.Write(String.Empty);
response.Write(Char.MinValue);
response.Write(new char[0], 0, 0);
response.Write(this);
#if NET_2_0
response.WriteSubstitution(new HttpResponseSubstitutionCallback(Callback));
#endif
response.Flush();
response.Close();
try
{
response.End();
}
catch (NullReferenceException)
{
// ms
}
}
public override void Bad(HttpRequest req, HttpResponse resp)
{
string data;
if (IO.StaticReturnsTrueOrFalse())
{
using (SecureString securePwd = new SecureString())
{
using (SecureString secureUser = new SecureString())
{
for (int i = 0; i < "AP@ssw0rd".Length; i++)
{
/* INCIDENTAL: CWE-798 Use of Hard-coded Credentials */
securePwd.AppendChar("AP@ssw0rd"[i]);
}
for (int i = 0; i < "user".Length; i++)
{
/* INCIDENTAL: CWE-798 Use of Hard-coded Credentials */
securePwd.AppendChar("user"[i]);
}
/* POTENTIAL FLAW: Set data to credentials (without hashing or encryption) */
data = secureUser.ToString() + ":" + securePwd.ToString();
}
}
}
else
{
using (SecureString securePwd = new SecureString())
{
using (SecureString secureUser = new SecureString())
{
for (int i = 0; i < "AP@ssw0rd".Length; i++)
{
/* INCIDENTAL: CWE-798 Use of Hard-coded Credentials */
securePwd.AppendChar("AP@ssw0rd"[i]);
}
for (int i = 0; i < "user".Length; i++)
{
/* INCIDENTAL: CWE-798 Use of Hard-coded Credentials */
securePwd.AppendChar("user"[i]);
}
/* FIX: Set data to a hash of credentials */
{
string salt = "ThisIsMySalt";
using (SHA512CryptoServiceProvider sha512 = new SHA512CryptoServiceProvider())
{
string credentialsToHash = secureUser.ToString() + ":" + securePwd.ToString();
byte[] buffer = Encoding.UTF8.GetBytes(string.Concat(salt, credentialsToHash));
byte[] hashedCredsAsBytes = sha512.ComputeHash(buffer);
data = IO.ToHex(hashedCredsAsBytes);
}
}
}
}
}
if (IO.StaticReturnsTrueOrFalse())
{
/* NOTE: potential incidental issues with not setting secure or HttpOnly flag */
/* POTENTIAL FLAW: Store data directly in cookie */
resp.AppendCookie(new HttpCookie("auth", data));
}
else
{
/* FIX: Hash data before storing in cookie */
{
string salt = "ThisIsMySalt";
using (SHA512CryptoServiceProvider sha512 = new SHA512CryptoServiceProvider())
{
byte[] buffer = Encoding.UTF8.GetBytes(string.Concat(salt, data));
byte[] hashedCredsAsBytes = sha512.ComputeHash(buffer);
data = IO.ToHex(hashedCredsAsBytes);
}
}
resp.AppendCookie(new HttpCookie("auth", data));
}
}
public override void Bad(HttpRequest req, HttpResponse resp)
{
string data;
switch (6)
{
case 6:
data = ""; /* Initialize data */
/* Read data using a listening tcp connection */
{
TcpListener listener = null;
try
{
listener = new TcpListener(IPAddress.Parse("10.10.1.10"), 39543);
listener.Start();
using (TcpClient tcpConn = listener.AcceptTcpClient())
{
/* read input from socket */
using (StreamReader sr = new StreamReader(tcpConn.GetStream()))
{
/* POTENTIAL FLAW: Read data using a listening tcp connection */
data = sr.ReadLine();
}
}
}
catch (IOException exceptIO)
{
IO.Logger.Log(NLog.LogLevel.Warn, exceptIO, "Error with stream reading");
}
finally
{
if (listener != null)
{
try
{
listener.Stop();
}
catch (SocketException se)
{
IO.Logger.Log(NLog.LogLevel.Warn, se, "Error closing TcpListener");
}
}
}
}
break;
default:
/* INCIDENTAL: CWE 561 Dead Code, the code below will never run
* but ensure data is inititialized before the Sink to avoid compiler errors */
data = null;
break;
}
switch (7)
{
case 7:
if (data != null)
{
HttpCookie cookieSink = new HttpCookie("lang", data);
/* POTENTIAL FLAW: Input not verified before inclusion in the cookie */
resp.AppendCookie(cookieSink);
}
break;
default:
/* INCIDENTAL: CWE 561 Dead Code, the code below will never run */
IO.WriteLine("Benign, fixed string");
break;
}
}
public override void AppendCookie(HttpCookie cookie)
{
_httpResponse.AppendCookie(cookie);
}
public virtual void AppendCookie(HttpCookie cookie)
{
_response.AppendCookie(cookie);
}
public void AppendCookie(HttpCookie cookie)
{
response.AppendCookie(cookie);
}
/* goodB2G1() - use badsource and goodsink by changing second PRIVATE_CONST_TRUE to PRIVATE_CONST_FALSE */
private void GoodB2G1(HttpRequest req, HttpResponse resp)
{
string data;
if (PRIVATE_CONST_TRUE)
{
data = ""; /* Initialize data */
/* Read data using a listening tcp connection */
{
TcpListener listener = null;
try
{
listener = new TcpListener(IPAddress.Parse("10.10.1.10"), 39543);
listener.Start();
using (TcpClient tcpConn = listener.AcceptTcpClient())
{
/* read input from socket */
using (StreamReader sr = new StreamReader(tcpConn.GetStream()))
{
/* POTENTIAL FLAW: Read data using a listening tcp connection */
data = sr.ReadLine();
}
}
}
catch (IOException exceptIO)
{
IO.Logger.Log(NLog.LogLevel.Warn, exceptIO, "Error with stream reading");
}
finally
{
if (listener != null)
{
try
{
listener.Stop();
}
catch (SocketException se)
{
IO.Logger.Log(NLog.LogLevel.Warn, se, "Error closing TcpListener");
}
}
}
}
}
else
{
/* INCIDENTAL: CWE 561 Dead Code, the code below will never run
* but ensure data is inititialized before the Sink to avoid compiler errors */
data = null;
}
if (PRIVATE_CONST_FALSE)
{
/* INCIDENTAL: CWE 561 Dead Code, the code below will never run */
IO.WriteLine("Benign, fixed string");
}
else
{
if (data != null)
{
HttpCookie cookieSink = new HttpCookie("lang", HttpUtility.UrlEncode(data, Encoding.UTF8));
/* FIX: use URLEncoder.encode to hex-encode non-alphanumerics */
resp.AppendCookie(cookieSink);
}
}
}
public void ProcessRequest(HttpContext context)
{
context.Response.ContentType = "text/plain";
Request = context.Request;
Response = context.Response;
switch (Request["operType"])
{
case "verifyvote":
DateTime begin = DateTime.Parse(Discuz.Common.ConfigOperator.ConfigReadValue("startvotetime"));
DateTime end = DateTime.Parse(Discuz.Common.ConfigOperator.ConfigReadValue("endvotetime")).AddDays(1);
if (DateTime.Now < begin)
{
Response.Write("{\"result\":\"0\",\"msg\":\"投票太早了,投票时间为:" + begin.ToString("yyyy年MM月dd日") + "到" + end.AddDays(-1).ToString("yyyy年MM月dd日") + "\"}");
}
else if (end < DateTime.Now)
{
Response.Write("{\"result\":\"0\",\"msg\":\"投票来晚了,投票时间为:" + begin.ToString("yyyy年MM月dd日") + "到" + end.AddDays(-1).ToString("yyyy年MM月dd日") + "\"}");
}
else
{
//判断指定的IP是否已投过票了,如果已经投过了,则弹出提示对话框
string UserIP = Request.UserHostAddress.ToString();
HttpCookie oldCookie = Request.Cookies["userIP"];
if (oldCookie == null)
{
//定义新的Cookie对象
HttpCookie newCookie = new HttpCookie("IPaddress");
newCookie.Expires = DateTime.Now.AddMinutes(5);
//添加新的Cookie变量IPaddress,值为UserIP
newCookie.Value = UserIP;
//将变量写入Cookie文件中
Response.AppendCookie(newCookie);
Response.Write("{\"result\":\"1\"}");
}
else
{
string userIP = oldCookie.Values["IPaddress"];
if (UserIP.Trim() == userIP.Trim())
{
Response.Write("{\"result\":\"0\",\"msg\":\"一个IP地址只能投一次票,谢谢您的参与!\"}");
}
else
{
//定义新的Cookie对象
HttpCookie newCookie = new HttpCookie("IPaddress");
newCookie.Expires = DateTime.Now.AddMinutes(5);
//添加新的Cookie变量IPaddress,值为UserIP
newCookie.Value = UserIP;
//将变量写入Cookie文件中
Response.AppendCookie(newCookie);
Response.Write("{\"result\":\"1\"}");
}
}
}
break;
case "vote":
if (Attachments.UpdatePicVote(int.Parse(Request["Aid"]), string.Empty) > 0)
{
CookiesHelper.AddNoDomainCoolie("userIP", "IPaddress", CookiesHelper.GetCookieValue("IPaddress"), 60 * 24);
Response.Write("{\"result\":\"1\",\"msg\":\"投票成功,谢谢您的参与!\"}");
}
else
{
Response.Write("{\"result\":\"0\",\"msg\":\"投票失败,请稍后重试!\"}");
}
break;
}
}
