/* goodG2B() - use goodsource and badsink */
private static void GoodG2B()
{
string data;
/* FIX: Use a hardcoded string */
data = "foo";
Container dataContainer = new Container();
dataContainer.containerOne = data;
CWE90_LDAP_Injection__Listen_tcp_67b.GoodG2BSink(dataContainer);
}
public override void Bad()
{
string data;
data = ""; /* Initialize data */
/* Read data using a listening tcp connection */
{
TcpListener listener = null;
try
{
listener = new TcpListener(IPAddress.Parse("10.10.1.10"), 39543);
listener.Start();
using (TcpClient tcpConn = listener.AcceptTcpClient())
{
/* read input from socket */
using (StreamReader sr = new StreamReader(tcpConn.GetStream()))
{
/* POTENTIAL FLAW: Read data using a listening tcp connection */
data = sr.ReadLine();
}
}
}
catch (IOException exceptIO)
{
IO.Logger.Log(NLog.LogLevel.Warn, exceptIO, "Error with stream reading");
}
finally
{
if (listener != null)
{
try
{
listener.Stop();
}
catch (SocketException se)
{
IO.Logger.Log(NLog.LogLevel.Warn, se, "Error closing TcpListener");
}
}
}
}
Container dataContainer = new Container();
dataContainer.containerOne = data;
CWE90_LDAP_Injection__Listen_tcp_67b.BadSink(dataContainer);
}