Пример #1
 /* goodG2B() - use goodsource and badsink */
 /// <summary>
 /// Good-source / bad-sink variant for CWE-606 (unchecked loop condition).
 /// Reads a string from <c>GoodG2BSource()</c>, parses it as an integer and
 /// writes "hello world" that many times without validating the range.
 /// </summary>
 /// <remarks>
 /// The sink is left unbounded on purpose, so the loop is only as safe as the
 /// value the source returns (the source is not shown here; per the test-case
 /// label it is expected to be benign).
 /// NOTE(review): <c>int.Parse</c> can also throw <c>OverflowException</c> and
 /// <c>ArgumentNullException</c>; only <c>FormatException</c> is handled, so
 /// the other two propagate to the caller.
 /// </remarks>
 private static void GoodG2B()
 {
     const string parseWarning = "Invalid response. Numeric input expected. Assuming 1.";
     string countText = CWE606_Unchecked_Loop_Condition__Database_61b.GoodG2BSource();

     // Start from the fallback value; it is only replaced when parsing succeeds.
     int iterations = 1;
     try
     {
         iterations = int.Parse(countText);
     }
     catch (FormatException parseError)
     {
         // Non-numeric text: report it on the console and in the log, keep the fallback of 1.
         IO.WriteLine(parseWarning);
         IO.Logger.Log(NLog.LogLevel.Warn, parseError, parseWarning);
     }

     /* POTENTIAL FLAW: user supplied input used for loop counter test */
     // No upper bound is enforced here; zero or negative values produce no output.
     for (int remaining = iterations; remaining > 0; remaining--)
     {
         IO.WriteLine("hello world");
     }
 }
Пример #2
 /* goodB2G() - use badsource and goodsink */
 /// <summary>
 /// Bad-source / good-sink variant for CWE-606 (unchecked loop condition).
 /// Reads a string from <c>GoodB2GSource()</c>, parses it as an integer and
 /// writes "hello world" that many times, but only when the count lies in
 /// the inclusive range 0..5.
 /// </summary>
 /// <remarks>
 /// The range check is the mitigation: it caps the work done by the loop no
 /// matter what value the source supplies.
 /// NOTE(review): <c>int.Parse</c> can also throw <c>OverflowException</c> and
 /// <c>ArgumentNullException</c>; only <c>FormatException</c> is handled, so
 /// an out-of-range or null value from the source propagates as an exception
 /// instead of reaching the range check.
 /// </remarks>
 private static void GoodB2G()
 {
     const string parseWarning = "Invalid response. Numeric input expected. Assuming 1.";
     string countText = CWE606_Unchecked_Loop_Condition__Database_61b.GoodB2GSource();

     // Start from the fallback value; it is only replaced when parsing succeeds.
     int iterations = 1;
     try
     {
         iterations = int.Parse(countText);
     }
     catch (FormatException parseError)
     {
         // Non-numeric text: report it on the console and in the log, keep the fallback of 1.
         IO.WriteLine(parseWarning);
         IO.Logger.Log(NLog.LogLevel.Warn, parseError, parseWarning);
     }

     /* FIX: loop number thresholds validated */
     // Reject anything outside 0..5 before the value is used as a loop bound.
     if (iterations < 0 || iterations > 5)
     {
         return;
     }

     for (int remaining = iterations; remaining > 0; remaining--)
     {
         IO.WriteLine("hello world");
     }
 }