/* good1() changes PRIVATE_STATIC_FINAL_TRUE to PRIVATE_STATIC_FINAL_FALSE */
  private void good1() throws Throwable {
    if (PRIVATE_STATIC_FINAL_FALSE) {
      /* INCIDENTAL: CWE 561 Dead Code, the code below will never run */
      IO.writeLine("Benign, fixed string");
    } else {

      InputStreamReader readerInputStream = null;
      BufferedReader readerBuffered = null;
      StringBuffer password = new StringBuffer();
      Connection dBConnection = null;

      /* read user input from console with readLine */
      try {
        readerInputStream = new InputStreamReader(System.in, "UTF-8");
        readerBuffered = new BufferedReader(readerInputStream);

        password.append(readerBuffered.readLine());

        dBConnection = DriverManager.getConnection("192.168.105.23", "sa", password.toString());
      } catch (IOException exceptIO) {
        IO.logger.log(Level.WARNING, "Error with stream reading", exceptIO);
      } catch (SQLException exceptSql) {
        IO.logger.log(Level.WARNING, "Error getting database connection", exceptSql);
      } finally {
        /* FIX: Zeroize the password */
        password.delete(0, password.length());

        try {
          if (dBConnection != null) {
            dBConnection.close();
          }
        } catch (SQLException exceptSql) {
          IO.logger.log(Level.WARNING, "Error closing Connection", exceptSql);
        }

        try {
          if (readerBuffered != null) {
            readerBuffered.close();
          }
        } catch (IOException exceptIO) {
          IO.logger.log(Level.WARNING, "Error closing BufferedReader", exceptIO);
        }

        try {
          if (readerInputStream != null) {
            readerInputStream.close();
          }
        } catch (IOException exceptIO) {
          IO.logger.log(Level.WARNING, "Error closing InputStreamReader", exceptIO);
        }
      }
    }
  }
  /* good2() reverses the bodies in the if statement */
  private void good2() throws Throwable {
    if (privateTrue) {
      InputStreamReader readerInputStream = null;
      BufferedReader readerBuffered = null;
      StringBuffer password = new StringBuffer();
      Connection dBConnection = null;
      /* read user input from console with readLine */
      try {
        readerInputStream = new InputStreamReader(System.in, "UTF-8");
        readerBuffered = new BufferedReader(readerInputStream);
        password.append(readerBuffered.readLine());
        dBConnection = DriverManager.getConnection("192.168.105.23", "sa", password.toString());
      } catch (IOException exceptIO) {
        IO.logger.log(Level.WARNING, "Error with stream reading", exceptIO);
      } catch (SQLException exceptSql) {
        IO.logger.log(Level.WARNING, "Error getting database connection", exceptSql);
      } finally {
        /* FIX: Zeroize the password */
        password.delete(0, password.length());

        try {
          if (dBConnection != null) {
            dBConnection.close();
          }
        } catch (SQLException exceptSql) {
          IO.logger.log(Level.WARNING, "Error closing Connection", exceptSql);
        }

        try {
          if (readerBuffered != null) {
            readerBuffered.close();
          }
        } catch (IOException exceptIO) {
          IO.logger.log(Level.WARNING, "Error closing BufferedReader", exceptIO);
        }

        try {
          if (readerInputStream != null) {
            readerInputStream.close();
          }
        } catch (IOException exceptIO) {
          IO.logger.log(Level.WARNING, "Error closing InputStreamReader", exceptIO);
        }
      }
    }
  }
  public void bad() throws Throwable {
    if (PRIVATE_STATIC_FINAL_TRUE) {
      InputStreamReader readerInputStream = null;
      BufferedReader readerBuffered = null;
      StringBuffer password = new StringBuffer();
      Connection dBConnection = null;
      /* read user input from console with readLine */
      try {
        readerInputStream = new InputStreamReader(System.in, "UTF-8");
        readerBuffered = new BufferedReader(readerInputStream);
        password.append(readerBuffered.readLine());
        dBConnection = DriverManager.getConnection("192.168.105.23", "sa", password.toString());
      } catch (IOException exceptIO) {
        IO.logger.log(Level.WARNING, "Error with stream reading", exceptIO);
      } catch (SQLException exceptSql) {
        IO.logger.log(Level.WARNING, "Error getting database connection", exceptSql);
      } finally {
        /* FLAW: the password is stored in a mutable object (StringBuffer) and it is not cleared */

        try {
          if (dBConnection != null) {
            dBConnection.close();
          }
        } catch (SQLException exceptSql) {
          IO.logger.log(Level.WARNING, "Error closing Connection", exceptSql);
        }

        try {
          if (readerBuffered != null) {
            readerBuffered.close();
          }
        } catch (IOException exceptIO) {
          IO.logger.log(Level.WARNING, "Error closing BufferedReader", exceptIO);
        }

        try {
          if (readerInputStream != null) {
            readerInputStream.close();
          }
        } catch (IOException exceptIO) {
          IO.logger.log(Level.WARNING, "Error closing InputStreamReader", exceptIO);
        }
      }
    }
  }