 /* Bad() - use BadSource and BadSink.
  * The value returned by the source is copied out of one block scope
  * and back into another (data -> dataCopy -> data) before it is used,
  * so a null returned by the source still reaches the sink unchecked.
  * CWE-690: unchecked return value dereferenced. */
 public override void Bad()
 {
     StringBuilder dataCopy;
     {
         StringBuilder data;
         /* POTENTIAL FLAW: Call getStringBuilderBad(), which may return null */
         data     = CWE690_NULL_Deref_From_Return__Class_Helper.getStringBuilderBad();
         /* carry the (possibly null) reference across the scope boundary */
         dataCopy = data;
     }
     {
         StringBuilder data = dataCopy;
         /* POTENTIAL FLAW: data could be null */
         /* data.ToString() throws NullReferenceException if data is null;
          * nothing between the source and this line checks for null */
         string stringTrimmed = data.ToString().Trim();
         IO.WriteLine(stringTrimmed);
     }
 }
        /* goodB2G() - use badsource and goodsink*/
        /* GoodB2G() - use BadSource and GoodSink.
         * The source may return null, but the sink guards the dereference
         * with an explicit null check, so no NullReferenceException occurs.
         * The for loop runs exactly once (k from 0 to < 1); it exists to
         * give the control flow a loop-shaped variant, not to repeat work. */
        private void GoodB2G()
        {
            StringBuilder data;

            /* POTENTIAL FLAW: Call getStringBuilderBad(), which may return null */
            data = CWE690_NULL_Deref_From_Return__Class_Helper.getStringBuilderBad();
            for (int k = 0; k < 1; k++)
            {
                /* FIX: explicit check for null */
                /* a null result is silently skipped: nothing is written */
                if (data != null)
                {
                    string stringTrimmed = data.ToString().Trim();
                    IO.WriteLine(stringTrimmed);
                }
            }
        }
        /* Bad() - use BadSource and BadSink.
         * Same flaw as the scoped-copy variant, here with the sink placed
         * inside a single-iteration for loop (j from 0 to < 1).
         * CWE-690: unchecked return value dereferenced. */
        public override void Bad()
        {
            StringBuilder data;

            /* We need to have one source outside of a for loop in order
             * to prevent the compiler from generating an error because
             * data is uninitialized
             */
            /* POTENTIAL FLAW: Call getStringBuilderBad(), which may return null */
            data = CWE690_NULL_Deref_From_Return__Class_Helper.getStringBuilderBad();
            for (int j = 0; j < 1; j++)
            {
                /* POTENTIAL FLAW: data could be null */
                /* data.ToString() throws NullReferenceException if data is null;
                 * the loop body never tests data before using it */
                string stringTrimmed = data.ToString().Trim();
                IO.WriteLine(stringTrimmed);
            }
        }
        /* Bad() - use BadSource and BadSink.
         * Source and sink are each gated on IO.staticFive == 5.  Per the
         * existing comment the else branch is dead code, so in practice the
         * source's (possibly null) result is what the sink dereferences.
         * Note that the else branch also assigns null, so data can be null
         * on either path; only the source path is the intended flaw.
         * CWE-690: unchecked return value dereferenced. */
        public override void Bad()
        {
            StringBuilder data;

            if (IO.staticFive == 5)
            {
                /* POTENTIAL FLAW: Call getStringBuilderBad(), which may return null */
                data = CWE690_NULL_Deref_From_Return__Class_Helper.getStringBuilderBad();
            }
            else
            {
                /* INCIDENTAL: CWE 561 Dead Code, the code below will never run
                 * but ensure data is inititialized before the Sink to avoid compiler errors */
                data = null;
            }
            if (IO.staticFive == 5)
            {
                /* POTENTIAL FLAW: data could be null */
                /* data.ToString() throws NullReferenceException if data is null */
                string stringTrimmed = data.ToString().Trim();
                IO.WriteLine(stringTrimmed);
            }
        }
        /* goodB2G() - use BadSource and GoodSink */
        /* GoodB2G() - use BadSource and GoodSink.
         * The source result is handed to the sink in another class
         * (..._75b.GoodB2GSink) as a BinaryFormatter byte stream rather
         * than as an object reference; the null check is expected to live
         * in that sink, which is outside this listing.
         * NOTE(review): BinaryFormatter is unsafe for deserializing untrusted
         * input and is removed in .NET 9; it is kept here only because the
         * paired sink expects this exact wire format.
         * NOTE(review): if data is null, bf.Serialize appears to throw
         * ArgumentNullException rather than SerializationException, which the
         * catch below would not handle - confirm against the target runtime. */
        private static void GoodB2G()
        {
            StringBuilder data;

            /* POTENTIAL FLAW: Call getStringBuilderBad(), which may return null */
            data = CWE690_NULL_Deref_From_Return__Class_Helper.getStringBuilderBad();
            /* serialize data to a byte array */
            byte[] dataSerialized = null;
            try
            {
                BinaryFormatter bf = new BinaryFormatter();
                using (var ms = new MemoryStream())
                {
                    bf.Serialize(ms, data);
                    dataSerialized = ms.ToArray();
                }
                /* the sink, not this method, is responsible for the null check */
                CWE690_NULL_Deref_From_Return__Class_StringBuilder_75b.GoodB2GSink(dataSerialized);
            }
            catch (SerializationException exceptSerialize)
            {
                /* only serialization failures are logged; other exceptions propagate */
                IO.Logger.Log(NLog.LogLevel.Warn, "Serialization exception in serialization", exceptSerialize);
            }
        }
 /* goodB2G() - use badsource and goodsink */
 /* GoodB2G() - use BadSource and GoodSink.
  * data is not declared here, so it is presumably a static field of the
  * enclosing class shared with ..._68b (not visible in this listing).
  * The source writes the possibly-null value into that field and the sink
  * in the other class is expected to null-check it before use. */
 private static void GoodB2G()
 {
     /* POTENTIAL FLAW: Call getStringBuilderBad(), which may return null */
     data = CWE690_NULL_Deref_From_Return__Class_Helper.getStringBuilderBad();
     /* sink reads data from the shared field; no argument is passed */
     CWE690_NULL_Deref_From_Return__Class_StringBuilder_68b.GoodB2GSink();
 }
 /* Bad() - use BadSource and BadSink.
  * data is not declared here, so it is presumably a field of the
  * enclosing class shared with ..._68b (not visible in this listing).
  * The possibly-null source result is stored in that field and the sink
  * in the other class dereferences it without a null check.
  * CWE-690: unchecked return value dereferenced (in the sink). */
 public override void Bad()
 {
     /* POTENTIAL FLAW: Call getStringBuilderBad(), which may return null */
     data = CWE690_NULL_Deref_From_Return__Class_Helper.getStringBuilderBad();
     /* sink reads data from the shared field; no argument is passed */
     CWE690_NULL_Deref_From_Return__Class_StringBuilder_68b.BadSink();
 }