/* goodB2G() - use badsource and goodsink */
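  /*
   * goodB2G_sink() - good sink paired with the bad source.
   *
   * Writes a one-way SHA-512 digest of (fixed prefix + data) to the "auth" cookie as hex, so the
   * cookie never carries the credential in a form that can be decrypted or decoded back.
   *
   * data     - credential value handed over by the source. A null reference is not rejected:
   *            string concatenation turns it into the literal text "null" before hashing.
   * request  - unused by this sink.
   * response - receives the "auth" cookie.
   *
   * Throws whatever MessageDigest.getInstance raises if the algorithm is unavailable (the method
   * is declared "throws Throwable" and handles nothing itself).
   *
   * NOTE(review): the prefix is a constant shared by every user and SHA-512 is a fast digest, so
   * equal inputs always produce equal cookie values and guessing is cheap. This is the
   * benchmark's "not recoverable" contrast case, not a password-storage scheme; real credential
   * storage calls for a per-user salt and a deliberately slow KDF, and a cookie is better served
   * by an opaque random session token.
   */
  public void goodB2G_sink(String data, HttpServletRequest request, HttpServletResponse response)
      throws Throwable {

    String prefix = "Tru3ly 0b$scUre";
    /* "SHA-512" is the standard JCA algorithm name; the unhyphenated spelling only resolves when
     * an installed provider happens to register it as an alias. The digest value is the same. */
    MessageDigest hash = MessageDigest.getInstance("SHA-512");

    /* FIX: credentials hashed prior to setting in cookie */
    /* Explicit UTF-8 keeps the digest identical across platforms; the no-argument getBytes()
     * uses the JVM default charset, which varies by host for non-ASCII input. */
    byte[] hashv = hash.digest((prefix + data).getBytes(java.nio.charset.StandardCharsets.UTF_8));

    Cookie authCookie = new Cookie("auth", IO.toHex(hashv));
    /* Keep the auth value away from page scripts and off cleartext HTTP (setHttpOnly needs
     * Servlet 3.0+). */
    authCookie.setHttpOnly(true);
    authCookie.setSecure(true);
    response.addCookie(authCookie);
  }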
  /*
   * bad() - console-input source flowing into the flawed sink.
   *
   * Source: one line read from System.in.
   * Sink:   the value is encrypted with AES/ECB/NoPadding under a key that is hard-coded in this
   *         method, and the ciphertext is written to the "auth" cookie.
   *
   * Why the sink is flawed: the key ships with the code, so anyone who can read the source or the
   * compiled class can decrypt any captured cookie back to the original value. Encryption under a
   * shared static key is a reversible encoding, not protection for a credential.
   * Mitigation shown in the dead else-branch: store a one-way digest instead. Better still, keep
   * credentials out of cookies and issue an opaque random session token.
   *
   * Both if-conditions are constant, so the else-branches are intentionally unreachable; they
   * exist so the test case carries the fixed variant alongside the flawed one.
   *
   * Declared "throws Throwable": nothing raised by the crypto calls in the sink is caught here.
   */
  public void bad(HttpServletRequest request, HttpServletResponse response) throws Throwable {
    String data;
    /* INCIDENTAL: CWE 571 Statement is Always True */
    if (5 == 5) {
      Logger log_bad = Logger.getLogger("local-logger");
      data = ""; /* init data */
      /* read user input from console with readLine*/
      BufferedReader buffread = null;
      InputStreamReader instrread = null;
      try {
        /* InputStreamReader without a charset argument decodes with the JVM default charset */
        instrread = new InputStreamReader(System.in);
        buffread = new BufferedReader(instrread);
        /* NOTE(review): readLine() returns null at end of stream; data.getBytes() in the sink
         * would then throw NullPointerException. No null check is made. */
        data = buffread.readLine();
      } catch (IOException ioe) {
        /* Read failure is only logged: data keeps its "" initial value and still reaches the sink */
        log_bad.warning("Error with stream reading");
      } finally {
        /* clean up stream reading objects */
        /* Each close is attempted independently so a failure on one does not skip the other */
        try {
          if (buffread != null) {
            buffread.close();
          }
        } catch (IOException ioe) {
          log_bad.warning("Error closing buffread");
        } finally {
          try {
            if (instrread != null) {
              instrread.close();
            }
          } catch (IOException ioe) {
            log_bad.warning("Error closing instrread");
          }
        }
      }
    } else {
      /* INCIDENTAL: CWE 561 Dead Code, the code below will never run */

      /* log_good is assigned but never used in this branch */
      java.util.logging.Logger log_good = java.util.logging.Logger.getLogger("local-logger");

      /* FIX: Use a hardcoded string */
      data = "foo";
    }
    /* INCIDENTAL: CWE 571 Statement is Always True */
    if (5 == 5) {
      /* NOTE: potential incidental issues with not setting secure or HttpOnly flag */
      /* fp is assigned but never read in this method */
      String fp = "../common/config.properties";
      /* simple pre-set key makes the stored password recoverable */
      /* 16 characters; getBytes() below uses the JVM default charset, giving a 16-byte (AES-128)
       * key on ASCII-compatible platforms */
      String sharedKey = "0000000000000000";
      byte[] input = data.getBytes();
      SecretKeySpec key = new SecretKeySpec(sharedKey.getBytes(), "AES");
      /* ECB takes no IV, so equal plaintext blocks always encrypt to equal ciphertext blocks.
       * NoPadding means doFinal() rejects input whose length is not a multiple of the 16-byte
       * block size (IllegalBlockSizeException). The call also requires a provider registered
       * under the name "BC", otherwise getInstance throws NoSuchProviderException. */
      Cipher cipher = Cipher.getInstance("AES/ECB/NoPadding", "BC");
      cipher.init(Cipher.ENCRYPT_MODE, key);
      byte[] cipherText = cipher.doFinal(input);
      /* FLAW: writing a recoverable password to a cookie */
      /* new String(byte[]) decodes raw ciphertext with the default charset; byte sequences that
       * are invalid in that charset are substituted, so the cookie value may not round-trip.
       * The cookie is added without setSecure/setHttpOnly being called. */
      response.addCookie(new Cookie("auth", new String(cipherText)));
    } else {
      /* INCIDENTAL: CWE 561 Dead Code, the code below will never run */

      String prefix = "Tru3ly 0b$scUre";
      /* NOTE(review): the standard JCA spelling is "SHA-512"; confirm an installed provider
       * registers "SHA512" as an alias */
      MessageDigest hash = MessageDigest.getInstance("SHA512");

      /* FIX: credentials hashed prior to setting in cookie */
      byte[] hashv = hash.digest((prefix + data).getBytes());

      response.addCookie(new Cookie("auth", IO.toHex(hashv)));
    }
  }
  /*
   * bad() - database source flowing into the flawed sink.
   *
   * Source: prompts on the console for a numeric user id, runs a parameterized lookup of
   *         "name" in the users table, and takes the first column of the result as data.
   * Sink:   the value is encrypted with AES/ECB/NoPadding under a key that is hard-coded in this
   *         method, and the ciphertext is written to the "auth" cookie.
   *
   * Why the sink is flawed: the key ships with the code, so anyone who can read the source or the
   * compiled class can decrypt any captured cookie back to the original value. Encryption under a
   * shared static key is a reversible encoding, not protection for a credential.
   * Mitigation shown in the dead else-branch: store a one-way digest instead. Better still, keep
   * credentials out of cookies and issue an opaque random session token.
   *
   * private_final_five is declared outside this block; per the existing comments the comparison
   * is always true, which makes the else-branches intentionally unreachable.
   *
   * Declared "throws Throwable": only IOException is caught around the source, so
   * NumberFormatException, SQLException and the crypto exceptions propagate to the caller.
   */
  public void bad(HttpServletRequest request, HttpServletResponse response) throws Throwable {
    String data;
    /* INCIDENTAL: CWE 571 Statement is Always True */
    if (private_final_five == 5) {
      Logger log_bad = Logger.getLogger("local-logger");
      data = ""; /* init data */
      Connection conn = null;
      PreparedStatement statement = null;
      ResultSet rs = null;
      BufferedReader buffread = null;
      InputStreamReader instrread = null;
      try {
        /* setup the connection */
        conn = IO.getDBConnection();
        /* prepare the query */
        /* The id is bound as a typed parameter rather than concatenated into the SQL text */
        statement = conn.prepareStatement("select name from users where id=?");
        /* get user input for the userid */
        IO.writeLine("Enter a userid to login as (number): ");
        instrread = new InputStreamReader(System.in);
        buffread = new BufferedReader(instrread);
        /* parseInt throws NumberFormatException on null or non-numeric input; not caught here,
         * so it propagates after the finally block has run */
        int num = Integer.parseInt(buffread.readLine());
        statement.setInt(1, num);
        rs = statement.executeQuery();
        /* NOTE(review): rs.next() is never called, so the cursor is still positioned before the
         * first row; standard JDBC drivers raise SQLException on getString() in that state.
         * A SQL NULL would also leave data null and fail later at data.getBytes(). */
        data = rs.getString(1);
      } catch (IOException ioe) {
        /* Read failure is only logged: data keeps its "" initial value and still reaches the sink */
        log_bad.warning("Error with stream reading");
      } finally {
        /* clean up stream reading objects */
        /* Each close is attempted independently so one failure does not skip the remaining ones */
        try {
          if (buffread != null) {
            buffread.close();
          }
        } catch (IOException ioe) {
          log_bad.warning("Error closing buffread");
        } finally {
          try {
            if (instrread != null) {
              instrread.close();
            }
          } catch (IOException ioe) {
            log_bad.warning("Error closing instrread");
          }
        }

        /* clean up database objects */
        /* Closed in reverse order of acquisition: result set, statement, connection */
        try {
          if (rs != null) {
            rs.close();
          }
        } catch (SQLException se) {
          log_bad.warning("Error closing rs");
        } finally {
          try {
            if (statement != null) {
              statement.close();
            }
          } catch (SQLException se) {
            log_bad.warning("Error closing statement");
          } finally {
            try {
              if (conn != null) {
                conn.close();
              }
            } catch (SQLException se) {
              log_bad.warning("Error closing conn");
            }
          }
        }
      }
    } else {
      /* INCIDENTAL: CWE 561 Dead Code, the code below will never run */

      /* log_good is assigned but never used in this branch */
      java.util.logging.Logger log_good = java.util.logging.Logger.getLogger("local-logger");

      /* FIX: Use a hardcoded string */
      data = "foo";
    }
    /* INCIDENTAL: CWE 571 Statement is Always True */
    if (private_final_five == 5) {
      /* NOTE: potential incidental issues with not setting secure or HttpOnly flag */
      /* fp is assigned but never read in this method */
      String fp = "../common/config.properties";
      /* simple pre-set key makes the stored password recoverable */
      /* 16 characters; getBytes() below uses the JVM default charset, giving a 16-byte (AES-128)
       * key on ASCII-compatible platforms */
      String sharedKey = "0000000000000000";
      byte[] input = data.getBytes();
      SecretKeySpec key = new SecretKeySpec(sharedKey.getBytes(), "AES");
      /* ECB takes no IV, so equal plaintext blocks always encrypt to equal ciphertext blocks.
       * NoPadding means doFinal() rejects input whose length is not a multiple of the 16-byte
       * block size (IllegalBlockSizeException). The call also requires a provider registered
       * under the name "BC", otherwise getInstance throws NoSuchProviderException. */
      Cipher cipher = Cipher.getInstance("AES/ECB/NoPadding", "BC");
      cipher.init(Cipher.ENCRYPT_MODE, key);
      byte[] cipherText = cipher.doFinal(input);
      /* FLAW: writing a recoverable password to a cookie */
      /* new String(byte[]) decodes raw ciphertext with the default charset; byte sequences that
       * are invalid in that charset are substituted, so the cookie value may not round-trip.
       * The cookie is added without setSecure/setHttpOnly being called. */
      response.addCookie(new Cookie("auth", new String(cipherText)));
    } else {
      /* INCIDENTAL: CWE 561 Dead Code, the code below will never run */

      String prefix = "Tru3ly 0b$scUre";
      /* NOTE(review): the standard JCA spelling is "SHA-512"; confirm an installed provider
       * registers "SHA512" as an alias */
      MessageDigest hash = MessageDigest.getInstance("SHA512");

      /* FIX: credentials hashed prior to setting in cookie */
      byte[] hashv = hash.digest((prefix + data).getBytes());

      response.addCookie(new Cookie("auth", IO.toHex(hashv)));
    }
  }