/* goodB2G() - use badsource and goodsink by changing the second "if" so that both branches use the GoodSink */ private void goodB2G(HttpServletRequest request, HttpServletResponse response) throws Throwable { String data; if (IO.static_returns_t_or_f()) { Logger log_bad = Logger.getLogger("local-logger"); /* read parameter from cookie */ Cookie cookieSources[] = request.getCookies(); if (cookieSources != null) { data = cookieSources[0].getValue(); } else { data = null; } } else { Logger log_bad = Logger.getLogger("local-logger"); /* read parameter from cookie */ Cookie cookieSources[] = request.getCookies(); if (cookieSources != null) { data = cookieSources[0].getValue(); } else { data = null; } } if (IO.static_returns_t_or_f()) { /* FIX: use URLEncoder.encode to hex-encode non-alphanumerics */ data = URLEncoder.encode(data, "UTF-16"); response.addHeader("Location", "/author.jsp?lang=" + data); } else { /* FIX: use URLEncoder.encode to hex-encode non-alphanumerics */ data = URLEncoder.encode(data, "UTF-16"); response.addHeader("Location", "/author.jsp?lang=" + data); } }
@Override protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { HttpSession session = req.getSession(); String exitParam = req.getParameter("exit"); String deleteParam = req.getParameter("delete"); String settingsParam = req.getParameter("settings"); if ("settings".equals(settingsParam)) { resp.sendRedirect("/profileSettings"); return; } if ("exit".equals(exitParam)) { // обнуляем куку Cookie[] cookies = req.getCookies(); if (cookies != null) { for (Cookie cookie : cookies) { if (cookie.getName().equals("remember")) { cookie.setMaxAge(0); cookie.setValue(null); resp.addCookie(cookie); break; } } } session.setAttribute("user_a", null); resp.sendRedirect("/login"); } if ("delete".equals(deleteParam)) { // обнуляем куку Cookie[] cookies = req.getCookies(); if (cookies != null) { for (Cookie cookie : cookies) { if (cookie.getName().equals("remember")) { cookie.setMaxAge(0); cookie.setValue(null); resp.addCookie(cookie); break; } } } try { UserRepository.deleteUser((User) session.getAttribute("user_a")); } catch (SQLException e) { req.setAttribute("message", "Some problems with server"); resp.sendRedirect("/profile"); e.printStackTrace(); } session.setAttribute("user_a", null); resp.sendRedirect("/welcome"); } }
/* goodG2B1() - use goodsource and badsink by changing first 5==5 to 5!=5 */ private void goodG2B1(HttpServletRequest request, HttpServletResponse response) throws Throwable { String data; /* INCIDENTAL: CWE 570 Statement is Always False */ if (5 != 5) { /* INCIDENTAL: CWE 561 Dead Code, the code below will never run */ Logger log_bad = Logger.getLogger("local-logger"); /* read parameter from cookie */ Cookie cookieSources[] = request.getCookies(); if (cookieSources != null) { data = cookieSources[0].getValue(); } else { data = null; } } else { java.util.logging.Logger log_good = java.util.logging.Logger.getLogger("local-logger"); /* FIX: Use a hardcoded string */ data = "foo"; } /* INCIDENTAL: CWE 571 Statement is Always True */ if (5 == 5) { Cookie cookieSink = new Cookie("lang", data); /* POTENTIAL FLAW: Input not verified before inclusion in the cookie */ response.addCookie(cookieSink); } else { /* INCIDENTAL: CWE 561 Dead Code, the code below will never run */ Cookie cookieSink = new Cookie("lang", URLEncoder.encode(data, "UTF-16")); /* FIX: use URLEncoder.encode to hex-encode non-alphanumerics */ response.addCookie(cookieSink); } }
public void bad(HttpServletRequest request, HttpServletResponse response) throws Throwable { String data; if (IO.static_returns_t_or_f()) { Logger log_bad = Logger.getLogger("local-logger"); /* read parameter from cookie */ Cookie cookieSources[] = request.getCookies(); if (cookieSources != null) { data = cookieSources[0].getValue(); } else { data = null; } } else { java.util.logging.Logger log_good = java.util.logging.Logger.getLogger("local-logger"); /* FIX: Use a hardcoded string */ data = "foo"; } if (IO.static_returns_t_or_f()) { /* POTENTIAL FLAW: Input from file not verified */ response.addHeader("Location", "/author.jsp?lang=" + data); } else { /* FIX: use URLEncoder.encode to hex-encode non-alphanumerics */ data = URLEncoder.encode(data, "UTF-16"); response.addHeader("Location", "/author.jsp?lang=" + data); } }
public void doGet(HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException { response.setContentType("text/html"); PrintWriter out = response.getWriter(); if (request.getParameter("setcookie") != null) { Cookie cookie = new Cookie("Learningjava", "Cookies!"); cookie.setMaxAge(3600); response.addCookie(cookie); out.println("<html><body><h1>Cookie Set...</h1>"); } else { out.println("<html><body>"); Cookie[] cookies = request.getCookies(); if (cookies.length == 0) { out.println("<h1>No cookies found...</h1>"); } else { for (int i = 0; i < cookies.length; i++) out.print( "<h1>Name: " + cookies[i].getName() + "<br>" + "Value: " + cookies[i].getValue() + "</h1>"); } out.println( "<p><a href=\"" + request.getRequestURI() + "?setcookie=true\">" + "Reset the Learning Java cookie.</a>"); } out.println("</body></html>"); }
/* goodB2G() - use badsource and goodsink */ private void goodB2G(HttpServletRequest request, HttpServletResponse response) throws Throwable { int data; data = Integer.MIN_VALUE; /* initialize data in case there are no cookies */ /* Read data from cookies */ { Cookie cookieSources[] = request.getCookies(); if (cookieSources != null) { /* POTENTIAL FLAW: Read data from the first cookie value */ String stringNumber = cookieSources[0].getValue(); try { data = Integer.parseInt(stringNumber.trim()); } catch (NumberFormatException exceptNumberFormat) { IO.logger.log( Level.WARNING, "Number format exception reading data from cookie", exceptNumberFormat); } } } (new CWE129_Improper_Validation_of_Array_Index__getCookies_Servlet_array_write_no_check_53b()) .goodB2GSink(data, request, response); }
@Override public Cookie getCookie(final String name) { for (final javax.servlet.http.Cookie c : req.getCookies()) { if (c.getName().equals(name)) return new BXServletCookie(c); } return null; }
public void bad(HttpServletRequest request, HttpServletResponse response) throws Throwable { int data_copy; { int data; Logger log_bad = Logger.getLogger("local-logger"); /* init Data$ */ data = -1; /* read parameter from cookie */ Cookie cookieSources[] = request.getCookies(); if (cookieSources != null) { String s_data = cookieSources[0].getValue(); data = Integer.parseInt(s_data.trim()); } data_copy = data; } { int data = data_copy; /* POTENTIAL FLAW: Zero modulus will cause an issue. An integer division will result in an exception. */ IO.writeLine("100%" + String.valueOf(data) + " = " + (100 % data) + "\n"); } }
/* goodB2G() - use badsource and goodsink */ private void goodB2G(HttpServletRequest request, HttpServletResponse response) throws Throwable { int data_copy; { int data; Logger log_bad = Logger.getLogger("local-logger"); /* init Data$ */ data = -1; /* read parameter from cookie */ Cookie cookieSources[] = request.getCookies(); if (cookieSources != null) { String s_data = cookieSources[0].getValue(); data = Integer.parseInt(s_data.trim()); } data_copy = data; } { int data = data_copy; /* FIX: test for a zero modulus */ if (data != 0) { IO.writeLine("100%" + String.valueOf(data) + " = " + (100 % data) + "\n"); } else { IO.writeLine("This would result in a modulo by zero"); } } }
public void bad(HttpServletRequest request, HttpServletResponse response) throws Throwable { String data; Logger log_bad = Logger.getLogger("local-logger"); /* read parameter from cookie */ Cookie cookieSources[] = request.getCookies(); if (cookieSources != null) { data = cookieSources[0].getValue(); } else { data = null; } { try { int iConversion = Integer.valueOf(data); } catch (Exception e) { e.printStackTrace(); /* POTENTIAL FLAW: Print stack trace on error */ } } if (true) return; /* INCIDENTAL: CWE 571 Expression is Always True. We need the "if(true)" because the Java Language Spec requires that unreachable code generate a compiler error */ /* INCIDENTAL: CWE 561 Dead Code, the code below will never run */ { try { int iConversion = Integer.valueOf(data); } catch (Exception e) { IO.writeLine("There was an error parsing the string"); /* FIX: print a generic message */ } } }
/* goodG2B2() - use goodsource and badsink by reversing statements in if */ private void goodG2B2(HttpServletRequest request, HttpServletResponse response) throws Throwable { String data; if (IO.static_t) { java.util.logging.Logger log_good = java.util.logging.Logger.getLogger("local-logger"); /* FIX: Use a hardcoded string */ data = "foo"; } else { /* INCIDENTAL: CWE 561 Dead Code, the code below will never run */ Logger log_bad = Logger.getLogger("local-logger"); /* read parameter from cookie */ Cookie cookieSources[] = request.getCookies(); if (cookieSources != null) { data = cookieSources[0].getValue(); } else { data = null; } } if (data != null) { /* POTENTIAL FLAW: script code (e.g. id=<script>alert('xss')</script>) is sent to the client; The built-in J2EE server automatically does some HTML entity encoding. Therefore, to test this, change response.sendError to response.getWriter().println and remove the 404, */ response.sendError(404, "<br>bad() - Parameter name has value " + data); } }
/* uses badsource and badsink */ public void bad(HttpServletRequest request, HttpServletResponse response) throws Throwable { int dataCopy; { int data; data = Integer.MIN_VALUE; /* initialize data in case there are no cookies */ /* Read data from cookies */ { Cookie cookieSources[] = request.getCookies(); if (cookieSources != null) { /* POTENTIAL FLAW: Read data from the first cookie value */ String stringNumber = cookieSources[0].getValue(); try { data = Integer.parseInt(stringNumber.trim()); } catch (NumberFormatException exceptNumberFormat) { IO.logger.log( Level.WARNING, "Number format exception reading data from cookie", exceptNumberFormat); } } } dataCopy = data; } { int data = dataCopy; /* POTENTIAL FLAW: Create a HashSet using data as the initial size. data may be very large, creating memory issues */ HashSet intHashSet = new HashSet(data); } }
private void worker(HttpServletRequest request, HttpServletResponse response) throws IOException { System.out.println("Login servlet!"); JSONObject answer = new JSONObject(); String user, pass, session = null; Cookie[] cookies = request.getCookies(); if (cookies != null) for (Cookie cookie : cookies) if (cookie.getName().equals("JSESSIONID")) session = cookie.getValue(); try { // Auth by cookie session if (session != null) { authenticationBySession(response, answer, session); } else { // try auth by pass and name if (request.getAttribute("user") != null && request.getAttribute("pass") != null) { user = request.getAttribute("user").toString(); pass = request.getAttribute("pass").toString(); System.out.println(user + " / " + pass); authenticationByPassword(request, response, answer, user, pass); } else { answer.put("answer", "Bad request. No fields \"user\" or \"pass\" in request!"); answer.put("code", 400); } } } catch (Exception e) { answer.put("answer", "Server error: " + e.toString()); answer.put("code", 500); e.getStackTrace(); } PrintWriter out = response.getWriter(); out.write(answer.toString()); }
/* goodG2B2() - use goodsource and badsink by reversing statements in if */ private void goodG2B2(HttpServletRequest request, HttpServletResponse response) throws Throwable { String data; if (IO.static_final_t) { java.util.logging.Logger log_good = java.util.logging.Logger.getLogger("local-logger"); /* FIX: Use a hardcoded string */ data = "foo"; } else { /* INCIDENTAL: CWE 561 Dead Code, the code below will never run */ Logger log_bad = Logger.getLogger("local-logger"); /* read parameter from cookie */ Cookie cookieSources[] = request.getCookies(); if (cookieSources != null) { data = cookieSources[0].getValue(); } else { data = null; } } String root = "C:\\uploads\\"; /* POTENTIAL FLAW: no validation of concatenated value */ File fIn = new File(root + data); if (fIn.exists() && fIn.isFile()) { IO.writeLine(new BufferedReader(new FileReader(fIn)).readLine()); } }
public void bad(HttpServletRequest request, HttpServletResponse response) throws Throwable { int count; if (PRIVATE_STATIC_FINAL_TRUE) { count = Integer.MIN_VALUE; /* initialize count in case there are no cookies */ /* Read count from cookies */ { Cookie cookieSources[] = request.getCookies(); if (cookieSources != null) { /* POTENTIAL FLAW: Read count from the first cookie value */ String stringNumber = cookieSources[0].getValue(); try { count = Integer.parseInt(stringNumber.trim()); } catch (NumberFormatException exceptNumberFormat) { IO.logger.log( Level.WARNING, "Number format exception reading count from cookie", exceptNumberFormat); } } } } else { /* INCIDENTAL: CWE 561 Dead Code, the code below will never run * but ensure count is inititialized before the Sink to avoid compiler errors */ count = 0; } if (PRIVATE_STATIC_FINAL_TRUE) { int i = 0; /* POTENTIAL FLAW: For loop using count as the loop variant and no validation */ for (i = 0; i < count; i++) { IO.writeLine("Hello"); } } }
private void invalidateCookies(HttpServletRequest request, HttpServletResponse response) { Cookie[] c = request.getCookies(); for (Cookie cookie : c) { cookie.setMaxAge(0); LOGGER.info(TextUtils.merge("Invalidate cookie: {0}", cookie.getName())); response.addCookie(cookie); } }
/* goodG2B() - use goodsource and badsink by moving BadSource and BadSink to after return */ private void goodG2B(HttpServletRequest request, HttpServletResponse response) throws Throwable { String data; { java.util.logging.Logger log_good = java.util.logging.Logger.getLogger("local-logger"); /* FIX: Use a hardcoded string */ data = "foo"; if (data != null) { /* This prevents \r\n (and other chars) and should prevent incidentals such * as HTTP Response Splitting and HTTP Header Injection. */ URI u; try { u = new URI(data); } catch (URISyntaxException e) { response.getWriter().write("Invalid redirect URL"); return; } /* POTENTIAL FLAW: redirect is sent verbatim; escape the string to prevent ancillary issues like XSS, Response splitting etc */ response.sendRedirect(data); return; } } if (true) return; /* INCIDENTAL: CWE 571 Expression is Always True. We need the "if(true)" because the Java Language Spec requires that unreachable code generate a compiler error */ /* INCIDENTAL: CWE 561 Dead Code, the code below will never run */ { Logger log_bad = Logger.getLogger("local-logger"); /* read parameter from cookie */ Cookie cookieSources[] = request.getCookies(); if (cookieSources != null) { data = cookieSources[0].getValue(); } else { data = null; } if (data != null) { /* This prevents \r\n (and other chars) and should prevent incidentals such * as HTTP Response Splitting and HTTP Header Injection. */ URI u; try { u = new URI(data); } catch (URISyntaxException e) { response.getWriter().write("Invalid redirect URL"); return; } /* POTENTIAL FLAW: redirect is sent verbatim; escape the string to prevent ancillary issues like XSS, Response splitting etc */ response.sendRedirect(data); return; } } }
public void bad(HttpServletRequest request, HttpServletResponse response) throws Throwable { int data; data = Integer.MIN_VALUE; /* initialize data in case there are no cookies */ /* Read data from cookies */ { Cookie cookieSources[] = request.getCookies(); if (cookieSources != null) { /* POTENTIAL FLAW: Read data from the first cookie value */ String stringNumber = cookieSources[0].getValue(); try { data = Integer.parseInt(stringNumber.trim()); } catch (NumberFormatException exceptNumberFormat) { IO.logger.log( Level.WARNING, "Number format exception reading data from cookie", exceptNumberFormat); } } } /* serialize data to a byte array */ ByteArrayOutputStream streamByteArrayOutput = null; ObjectOutput outputObject = null; try { streamByteArrayOutput = new ByteArrayOutputStream(); outputObject = new ObjectOutputStream(streamByteArrayOutput); outputObject.writeObject(data); byte[] dataSerialized = streamByteArrayOutput.toByteArray(); (new CWE129_Improper_Validation_of_Array_Index__getCookies_Servlet_array_size_75b()) .badSink(dataSerialized, request, response); } catch (IOException exceptIO) { IO.logger.log(Level.WARNING, "IOException in serialization", exceptIO); } finally { /* clean up stream writing objects */ try { if (outputObject != null) { outputObject.close(); } } catch (IOException exceptIO) { IO.logger.log(Level.WARNING, "Error closing ObjectOutputStream", exceptIO); } try { if (streamByteArrayOutput != null) { streamByteArrayOutput.close(); } } catch (IOException exceptIO) { IO.logger.log(Level.WARNING, "Error closing ByteArrayOutputStream", exceptIO); } } }
// getBrowserInfiniteCookie public static String getBrowserInfiniteCookie(HttpServletRequest request) { Cookie[] cookieJar = request.getCookies(); if (cookieJar != null) { for (Cookie cookie : cookieJar) { if (cookie.getName().equals("infinitecookie")) { return cookie.getValue() + ";"; } } } return null; } // TESTED
/* goodB2G() - use BadSource and GoodSink */ private void goodB2G(HttpServletRequest request, HttpServletResponse response) throws Throwable { int count; count = Integer.MIN_VALUE; /* initialize count in case there are no cookies */ /* Read count from cookies */ { Cookie cookieSources[] = request.getCookies(); if (cookieSources != null) { /* POTENTIAL FLAW: Read count from the first cookie value */ String stringNumber = cookieSources[0].getValue(); try { count = Integer.parseInt(stringNumber.trim()); } catch (NumberFormatException exceptNumberFormat) { IO.logger.log( Level.WARNING, "Number format exception reading count from cookie", exceptNumberFormat); } } } /* serialize count to a byte array */ ByteArrayOutputStream streamByteArrayOutput = null; ObjectOutput outputObject = null; try { streamByteArrayOutput = new ByteArrayOutputStream(); outputObject = new ObjectOutputStream(streamByteArrayOutput); outputObject.writeObject(count); byte[] countSerialized = streamByteArrayOutput.toByteArray(); (new CWE400_Resource_Exhaustion__getCookies_Servlet_write_75b()) .goodB2GSink(countSerialized, request, response); } catch (IOException exceptIO) { IO.logger.log(Level.WARNING, "IOException in serialization", exceptIO); } finally { /* clean up stream writing objects */ try { if (outputObject != null) { outputObject.close(); } } catch (IOException exceptIO) { IO.logger.log(Level.WARNING, "Error closing ObjectOutputStream", exceptIO); } try { if (streamByteArrayOutput != null) { streamByteArrayOutput.close(); } } catch (IOException exceptIO) { IO.logger.log(Level.WARNING, "Error closing ByteArrayOutputStream", exceptIO); } } }
private Cookie getCookie(String name, HttpServletRequest request) { Cookie[] cookies = request.getCookies(); if (cookies == null) { return null; } for (int i = 0; i < cookies.length; i++) { if (cookies[i].getName().equals(name)) { return cookies[i]; } } return null; }
/* goodB2G() - use badsource and goodsink */ private void goodB2G(HttpServletRequest request, HttpServletResponse response) throws Throwable { String data; Logger log_bad = Logger.getLogger("local-logger"); /* read parameter from cookie */ Cookie cookieSources[] = request.getCookies(); if (cookieSources != null) { data = cookieSources[0].getValue(); } else { data = null; } goodB2G_sink(data, request, response); }
public void bad(HttpServletRequest request, HttpServletResponse response) throws Throwable { data = ""; /* initialize data in case there are no cookies */ /* Read data from cookies */ { Cookie cookieSources[] = request.getCookies(); if (cookieSources != null) { /* POTENTIAL FLAW: Read data from the first cookie value */ data = cookieSources[0].getValue(); } } (new CWE89_SQL_Injection__getCookies_Servlet_executeUpdate_68b()).badSink(request, response); }
/* goodG2B2() - use goodsource and badsink by reversing statements in first if */ private void goodG2B2(HttpServletRequest request, HttpServletResponse response) throws Throwable { int data; /* INCIDENTAL: CWE 571 Statement is Always True */ if (IO.static_final_t) { java.util.logging.Logger log_good = java.util.logging.Logger.getLogger("local-logger"); /* FIX: Use a hardcoded number that won't cause underflow, overflow, divide by zero, or loss-of-precision issues */ data = 2; } else { /* INCIDENTAL: CWE 561 Dead Code, the code below will never run */ Logger log_bad = Logger.getLogger("local-logger"); /* init Data$ */ data = -1; /* read parameter from cookie */ Cookie cookieSources[] = request.getCookies(); if (cookieSources != null) { String s_data = cookieSources[0].getValue(); data = Integer.parseInt(s_data.trim()); } } /* INCIDENTAL: CWE 571 Statement is Always True */ if (IO.static_final_t) { int valueToMult = (new SecureRandom()).nextInt(98) + 2; /* multiply by at least 2 */ if (data > 0) /* ensure we don't have an underflow */ { /* POTENTIAL FLAW: if (data*valueToMult) > MAX_VALUE, this will overflow */ int result = (data * valueToMult); IO.writeLine("result: " + result); } } else { /* INCIDENTAL: CWE 561 Dead Code, the code below will never run */ int valueToMult = (new SecureRandom()).nextInt(98) + 2; /* multiply by at least 2 */ if (data > 0) /* ensure we don't have an underflow */ { int result = 0; /* FIX: Add a check to prevent an overflow from occurring */ if (data <= (Integer.MAX_VALUE / valueToMult)) { result = (data * valueToMult); IO.writeLine("result: " + result); } else { IO.writeLine("Input value is too large to perform multiplication."); } } } }
/* goodG2B2() - use goodsource and badsink by reversing statements in first if */ private void goodG2B2(HttpServletRequest request, HttpServletResponse response) throws Throwable { String data; if (IO.static_five == 5) { data = "5"; } else { /* INCIDENTAL: CWE 561 Dead Code, the code below will never run */ Logger log_bad = Logger.getLogger("local-logger"); /* read parameter from cookie */ Cookie cookieSources[] = request.getCookies(); if (cookieSources != null) { data = cookieSources[0].getValue(); } else { data = null; } } if (IO.static_five == 5) { int loopNum; try { loopNum = Integer.parseInt(data); } catch (NumberFormatException nfe) { IO.writeLine("Invalid response. Numeric input expected. Assuming 1."); loopNum = 1; } for (int i = 0; i < loopNum; i++) { /* POTENTIAL FLAW: user supplied input used for loop counter test */ IO.writeLine("hello world"); } } else { /* INCIDENTAL: CWE 561 Dead Code, the code below will never run */ int loopNum; try { loopNum = Integer.parseInt(data); } catch (NumberFormatException nfe) { IO.writeLine("Invalid response. Numeric input expected. Assuming 1."); loopNum = 1; } /* FIX: loop number thresholds validated */ if (loopNum >= 0 && loopNum <= 5) { for (int i = 0; i < loopNum; i++) { IO.writeLine("hello world"); } } } }
public String bad_source(HttpServletRequest request, HttpServletResponse response) throws Throwable { String data; Logger log_bad = Logger.getLogger("local-logger"); /* read parameter from cookie */ Cookie cookieSources[] = request.getCookies(); if (cookieSources != null) { data = cookieSources[0].getValue(); } else { data = null; } return data; }
public void doPost(HttpServletRequest req, HttpServletResponse res) throws IOException, ServletException { ArrayList<String> ar = new ArrayList<String>(); boolean flag = false; Cookie[] cArr = req.getCookies(); if (cArr != null) { for (int i = 0; i < cArr.length; i++) { Cookie c0 = cArr[i]; if (c0.getName().equals("Name") && !c0.getValue().equals("Logout")) { res.sendRedirect("index.html"); flag = true; } } } if (flag == false) res.sendRedirect("Login.html"); }
public void bad(HttpServletRequest request, HttpServletResponse response) throws Throwable { String data; data = ""; /* initialize data in case there are no cookies */ /* Read data from cookies */ { Cookie cookieSources[] = request.getCookies(); if (cookieSources != null) { /* POTENTIAL FLAW: Read data from the first cookie value */ data = cookieSources[0].getValue(); } } (new CWE470_Unsafe_Reflection__getCookies_Servlet_53b()).badSink(data, request, response); }
/* goodB2G() - use badsource and goodsink */ private void goodB2G(HttpServletRequest request, HttpServletResponse response) throws Throwable { String data; Logger log_bad = Logger.getLogger("local-logger"); /* read parameter from cookie */ Cookie cookieSources[] = request.getCookies(); if (cookieSources != null) { data = cookieSources[0].getValue(); } else { data = null; } (new CWE113_HTTP_Response_Splitting__getCookiesServlet_addHeaderServlet_52b()) .goodB2G_sink(data, request, response); }
/* goodB2G() - use badsource and goodsink */ private void goodB2G(HttpServletRequest request, HttpServletResponse response) throws Throwable { String data; Logger log_bad = Logger.getLogger("local-logger"); /* read parameter from cookie */ Cookie cookieSources[] = request.getCookies(); if (cookieSources != null) { data = cookieSources[0].getValue(); } else { data = null; } (new CWE352_Cross_Site_Request_Forgery__getCookiesServlet_71b()) .goodB2G_sink((Object) data, request, response); }