/* goodB2G() - use badsource and goodsink */ private static void GoodB2G() { string data = CWE319_Cleartext_Tx_Sensitive_Info__send_61b.GoodB2GSource(); try { using (TcpClient client = new TcpClient("remote_host", 1337)) { using (SslStream sslStream = new SslStream(client.GetStream())) { /* FIX: sending data over an SSL encrypted channel */ sslStream.Write(Encoding.UTF8.GetBytes(data)); } } } catch (IOException exceptIO) { IO.Logger.Log(NLog.LogLevel.Warn, "Error writing to the TcpClient", exceptIO); } }
/* goodG2B() - use goodsource and badsink */ private static void GoodG2B() { string data = CWE319_Cleartext_Tx_Sensitive_Info__send_61b.GoodG2BSource(); try { using (TcpClient tcpClient = new TcpClient("remote_host", 1337)) { using (StreamWriter writer = new StreamWriter(tcpClient.GetStream())) { /* POTENTIAL FLAW: sending data over an unencrypted (non-SSL) channel */ writer.WriteLine(data); } } } catch (IOException exceptIO) { IO.Logger.Log(NLog.LogLevel.Warn, "Error writing to the TcpClient", exceptIO); } }