/**
* In this case, external data reaches a sink, but there is no validation
* routine available.
* <p/>
* There should be a medium confidence vulnerability derived from this call.
*
*/
private static void testSinkNoValidationAvailable(string[] args)
{
try {
TestCase_IOT_Instance_Val_Confidence testCase = new TestCase_IOT_Instance_Val_Confidence();
string file = args[0];
string source = testCase.getUnCoveredVulnerableSource(file);
testCase.writeToVulnerableSink(file, source);
} catch (Exception e) {
Console.Write(e.StackTrace);
}
}
/**
* In this case, external data gets lost, and a validation routine
* is available, but is not used.
* <p/>
* There should be a medium confidence vulnerability derived from this call.
*
*/
private static void testLostValidationNotUsed(string[] args)
{
try {
TestCase_IOT_Instance_Val_Confidence testCase = new TestCase_IOT_Instance_Val_Confidence();
string file = args[0];
string source = testCase.getCoveredVulnerableSource(file);
testCase.writeToUnknownSink(file, source);
} catch (Exception e) {
Console.Write(e.StackTrace);
}
}
