C# (CSharp) testcases.CWE319_Cleartext_Tx_Sensitive_Info CWE319_Cleartext_Tx_Sensitive_Info__send_66b示例

示例#1

文件： CWE319_Cleartext_Tx_Sensitive_Info__send_66a.cs 项目： Anzsley/Juliet_Test_Suite_v1.3_for_C_Sharp

        /* goodG2B() - use goodsource and badsink */
        private static void GoodG2B()
        {
            string data;

            /* FIX: Use a regular string (non-sensitive string) */
            data = "Hello World";
            string[] dataArray = new string[5];
            dataArray[2] = data;
            CWE319_Cleartext_Tx_Sensitive_Info__send_66b.GoodG2BSink(dataArray);
        }

示例#2

文件： CWE319_Cleartext_Tx_Sensitive_Info__send_66a.cs 项目： Anzsley/Juliet_Test_Suite_v1.3_for_C_Sharp

        /* goodB2G() - use badsource and goodsink */
        private static void GoodB2G()
        {
            string data;

            using (SecureString securePwd = new SecureString())
            {
                for (int i = 0; i < "AP@ssw0rd".Length; i++)
                {
                    /* INCIDENTAL: CWE-798 Use of Hard-coded Credentials */
                    securePwd.AppendChar("AP@ssw0rd"[i]);
                }

                /* POTENTIAL FLAW: Set data to be a password, which can be transmitted over a non-secure
                 * channel in the sink */
                data = securePwd.ToString();
            }
            string[] dataArray = new string[5];
            dataArray[2] = data;
            CWE319_Cleartext_Tx_Sensitive_Info__send_66b.GoodB2GSink(dataArray);
        }