public override void Bad()
{
data = ""; /* Initialize data */
{
/* read user input from console with ReadLine */
try
{
/* POTENTIAL FLAW: Read data from the console using ReadLine */
data = Console.ReadLine();
}
catch (IOException exceptIO)
{
IO.Logger.Log(NLog.LogLevel.Warn, exceptIO, "Error with stream reading");
}
}
CWE23_Relative_Path_Traversal__ReadLine_68b.BadSink();
}
/* goodG2B() - use goodsource and badsink */
private static void GoodG2B()
{
/* FIX: Use a hardcoded string */
data = "foo";
CWE23_Relative_Path_Traversal__ReadLine_68b.GoodG2BSink();
}
