/* goodB2G() - use badsource and goodsink */ public static void GoodB2GSink(CWE134_Externally_Controlled_Format_String__Environment_console_interpolation_67a.Container dataContainer) { string data = dataContainer.containerOne; if (data != null) { /* FIX: explicitly defined string formatting by using interpolation */ Console.Write("{0}{1}", data, Environment.NewLine); } }
/* goodG2B() - use goodsource and badsink */ public static void GoodG2BSink(CWE134_Externally_Controlled_Format_String__Environment_console_interpolation_67a.Container dataContainer) { string data = dataContainer.containerOne; if (data != null) { /* POTENTIAL FLAW: uncontrolled string formatting */ Console.Write(string.Format(data)); } }