/* uses badsource and badsink */
public void bad() throws Throwable {
String data;
if (privateTrue) {
/* get system property user.home */
/* POTENTIAL FLAW: Read data from a system property */
data = System.getProperty("user.home");
} else {
/* INCIDENTAL: CWE 561 Dead Code, the code below will never run
* but ensure data is inititialized before the Sink to avoid compiler errors */
data = null;
}
String osCommand;
if (System.getProperty("os.name").toLowerCase().indexOf("win") >= 0) {
/* running on Windows */
osCommand = "c:\\WINDOWS\\SYSTEM32\\cmd.exe /c dir ";
} else {
/* running on non-Windows */
osCommand = "/bin/ls ";
}
/* POTENTIAL FLAW: command injection */
Process process = Runtime.getRuntime().exec(osCommand + data);
process.waitFor();
}
/* goodG2B1() - use goodsource and badsink by changing privateTrue to privateFalse */
private void goodG2B1() throws Throwable {
String data;
if (privateFalse) {
/* INCIDENTAL: CWE 561 Dead Code, the code below will never run
* but ensure data is inititialized before the Sink to avoid compiler errors */
data = null;
} else {
/* FIX: Use a hardcoded string */
data = "foo";
}
String osCommand;
if (System.getProperty("os.name").toLowerCase().indexOf("win") >= 0) {
/* running on Windows */
osCommand = "c:\\WINDOWS\\SYSTEM32\\cmd.exe /c dir ";
} else {
/* running on non-Windows */
osCommand = "/bin/ls ";
}
/* POTENTIAL FLAW: command injection */
Process process = Runtime.getRuntime().exec(osCommand + data);
process.waitFor();
}
/* goodG2B2() - use goodsource and badsink by reversing statements in if */
private void goodG2B2() throws Throwable {
String data;
if (IO.static_returns_t()) {
java.util.logging.Logger log_good = java.util.logging.Logger.getLogger("local-logger");
/* FIX: Use a hardcoded string */
data = "foo";
} else {
/* INCIDENTAL: CWE 561 Dead Code, the code below will never run */
Logger log_bad = Logger.getLogger("local-logger");
data = ""; /* init data */
File f = new File("C:\\data.txt");
BufferedReader buffread = null;
FileReader fread = null;
try {
/* read string from file into data */
fread = new FileReader(f);
buffread = new BufferedReader(fread);
data = buffread.readLine(); // This will be reading the first "line" of the file, which
// could be very long if there are little or no newlines in the file\
} catch (IOException ioe) {
log_bad.warning("Error with stream reading");
} catch (NumberFormatException nfe) {
log_bad.warning("Error with number parsing");
} finally {
/* clean up stream reading objects */
try {
if (buffread != null) {
buffread.close();
}
} catch (IOException ioe) {
log_bad.warning("Error closing buffread");
} finally {
try {
if (fread != null) {
fread.close();
}
} catch (IOException ioe) {
log_bad.warning("Error closing fread");
}
}
}
}
String osCommand;
if (System.getProperty("os.name").toLowerCase().indexOf("win") >= 0) {
/* running on Windows */
osCommand = "c:\\WINDOWS\\SYSTEM32\\cmd.exe /c dir ";
} else {
/* running on non-Windows */
osCommand = "/bin/ls ";
}
/* POTENTIAL FLAW: command injection */
Process p = Runtime.getRuntime().exec(osCommand + data);
p.waitFor();
}
public void action(String data) throws Throwable {
String osCommand;
if (System.getProperty("os.name").toLowerCase().indexOf("win") >= 0) {
/* running on Windows */
osCommand = "c:\\WINDOWS\\SYSTEM32\\cmd.exe /c dir ";
} else {
/* running on non-Windows */
osCommand = "/bin/ls ";
}
/* POTENTIAL FLAW: command injection */
Process process = Runtime.getRuntime().exec(osCommand + data);
process.waitFor();
}
/* goodG2B() - use goodsource and badsink */
public void goodG2B_sink() throws Throwable {
String data = CWE78_OS_Command_Injection__console_readLine_68a.data;
String osCommand;
if (System.getProperty("os.name").toLowerCase().indexOf("win") >= 0) {
/* running on Windows */
osCommand = "c:\\WINDOWS\\SYSTEM32\\cmd.exe /c dir ";
} else {
/* running on non-Windows */
osCommand = "/bin/ls ";
}
/* POTENTIAL FLAW: command injection */
Process p = Runtime.getRuntime().exec(osCommand + data);
p.waitFor();
}
/* goodG2B() - use goodsource and badsink */
private void goodG2B() throws Throwable {
String data = (new CWE78_OS_Command_Injection__fromDB_61b()).goodG2B_source();
String osCommand;
if (System.getProperty("os.name").toLowerCase().indexOf("win") >= 0) {
/* running on Windows */
osCommand = "c:\\WINDOWS\\SYSTEM32\\cmd.exe /c dir ";
} else {
/* running on non-Windows */
osCommand = "/bin/ls ";
}
/* POTENTIAL FLAW: command injection */
Process p = Runtime.getRuntime().exec(osCommand + data);
p.waitFor();
}
/* uses badsource and badsink */
public void bad(HttpServletRequest request, HttpServletResponse response) throws Throwable {
String data;
if (true) {
/* POTENTIAL FLAW: Read data from a querystring using getParameter */
data = request.getParameter("name");
} else {
/* INCIDENTAL: CWE 561 Dead Code, the code below will never run
* but ensure data is inititialized before the Sink to avoid compiler errors */
data = null;
}
String osCommand;
if (System.getProperty("os.name").toLowerCase().indexOf("win") >= 0) {
/* running on Windows */
osCommand = "c:\\WINDOWS\\SYSTEM32\\cmd.exe /c dir ";
} else {
/* running on non-Windows */
osCommand = "/bin/ls ";
}
/* POTENTIAL FLAW: command injection */
Process process = Runtime.getRuntime().exec(osCommand + data);
process.waitFor();
}
/* uses badsource and badsink */
public void bad() throws Throwable {
String data;
if (private_t) {
Logger log_bad = Logger.getLogger("local-logger");
data = ""; /* init data */
Connection conn = null;
PreparedStatement statement = null;
ResultSet rs = null;
BufferedReader buffread = null;
InputStreamReader instrread = null;
try {
/* setup the connection */
conn = IO.getDBConnection();
/* prepare the query */
statement = conn.prepareStatement("select name from users where id=?");
/* get user input for the userid */
IO.writeLine("Enter a userid to login as (number): ");
instrread = new InputStreamReader(System.in);
buffread = new BufferedReader(instrread);
int num = Integer.parseInt(buffread.readLine());
statement.setInt(1, num);
rs = statement.executeQuery();
data = rs.getString(1);
} catch (IOException ioe) {
log_bad.warning("Error with stream reading");
} finally {
/* clean up stream reading objects */
try {
if (buffread != null) {
buffread.close();
}
} catch (IOException ioe) {
log_bad.warning("Error closing buffread");
} finally {
try {
if (instrread != null) {
instrread.close();
}
} catch (IOException ioe) {
log_bad.warning("Error closing instrread");
}
}
/* clean up database objects */
try {
if (rs != null) {
rs.close();
}
} catch (SQLException se) {
log_bad.warning("Error closing rs");
} finally {
try {
if (statement != null) {
statement.close();
}
} catch (SQLException se) {
log_bad.warning("Error closing statement");
} finally {
try {
if (conn != null) {
conn.close();
}
} catch (SQLException se) {
log_bad.warning("Error closing conn");
}
}
}
}
} else {
/* INCIDENTAL: CWE 561 Dead Code, the code below will never run */
java.util.logging.Logger log_good = java.util.logging.Logger.getLogger("local-logger");
/* FIX: Use a hardcoded string */
data = "foo";
}
String osCommand;
if (System.getProperty("os.name").toLowerCase().indexOf("win") >= 0) {
/* running on Windows */
osCommand = "c:\\WINDOWS\\SYSTEM32\\cmd.exe /c dir ";
} else {
/* running on non-Windows */
osCommand = "/bin/ls ";
}
/* POTENTIAL FLAW: command injection */
Process p = Runtime.getRuntime().exec(osCommand + data);
p.waitFor();
}
/* uses badsource and badsink */
public void bad() throws Throwable {
String data;
if (IO.STATIC_FINAL_TRUE) {
data = ""; /* Initialize data */
/* Read data from a database */
{
Connection connection = null;
PreparedStatement preparedStatement = null;
ResultSet resultSet = null;
try {
/* setup the connection */
connection = IO.getDBConnection();
/* prepare and execute a (hardcoded) query */
preparedStatement = connection.prepareStatement("select name from users where id=0");
resultSet = preparedStatement.executeQuery();
/* POTENTIAL FLAW: Read data from a database query resultset */
data = resultSet.getString(1);
} catch (SQLException exceptSql) {
IO.logger.log(Level.WARNING, "Error with SQL statement", exceptSql);
} finally {
/* Close database objects */
try {
if (resultSet != null) {
resultSet.close();
}
} catch (SQLException exceptSql) {
IO.logger.log(Level.WARNING, "Error closing ResultSet", exceptSql);
}
try {
if (preparedStatement != null) {
preparedStatement.close();
}
} catch (SQLException exceptSql) {
IO.logger.log(Level.WARNING, "Error closing PreparedStatement", exceptSql);
}
try {
if (connection != null) {
connection.close();
}
} catch (SQLException exceptSql) {
IO.logger.log(Level.WARNING, "Error closing Connection", exceptSql);
}
}
}
} else {
/* INCIDENTAL: CWE 561 Dead Code, the code below will never run
* but ensure data is inititialized before the Sink to avoid compiler errors */
data = null;
}
String osCommand;
if (System.getProperty("os.name").toLowerCase().indexOf("win") >= 0) {
/* running on Windows */
osCommand = "c:\\WINDOWS\\SYSTEM32\\cmd.exe /c dir ";
} else {
/* running on non-Windows */
osCommand = "/bin/ls ";
}
/* POTENTIAL FLAW: command injection */
Process process = Runtime.getRuntime().exec(osCommand + data);
process.waitFor();
}
