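/* goodG2B() - use goodsource and badsink */
/**
 * Reads the key from the console and hands it to the (bad) sink.
 *
 * This is the "good source" half of the test case: the cryptographic key
 * comes from stdin rather than from a literal in the class, so a hard-coded
 * key checker should not fire on this method. If the read fails or stdin is
 * at EOF, {@code data} stays {@code ""}, so the sink never receives
 * {@code null}.
 *
 * @throws Throwable anything propagated by the sink; this method itself
 *         catches and logs its I/O failures
 */
private void goodG2B() throws Throwable {
    java.util.logging.Logger log = java.util.logging.Logger.getLogger("local-logger");
    String data = ""; /* init data */
    /* FIX: read key from console. try-with-resources closes the BufferedReader
     * first and then the InputStreamReader, the same order the hand-written
     * finally chain used. Note that closing these wrappers closes System.in;
     * a failure on close is reported through the same catch as a read failure. */
    try (InputStreamReader inread2 = new InputStreamReader(System.in);
         BufferedReader bufread2 = new BufferedReader(inread2)) {
        String line = bufread2.readLine();
        if (line != null) { // readLine() returns null at EOF
            data = line;
        }
    } catch (IOException e) {
        // Same message as before, but with the cause attached so the failure
        // can be diagnosed; the key itself is never logged.
        log.log(java.util.logging.Level.WARNING, "Error reading from console", e);
    }
    (new CWE321_Hard_Coded_Cryptographic_Key__basic_51b()).goodG2B_sink(data);
}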
/* uses badsource and badsink */
/**
 * Bad source and bad sink: the database password is the literal
 * {@code "pass"} and is used directly to open a JDBC connection.
 *
 * {@code switch (6)} always takes {@code case 6}; the {@code default} branch
 * that would read the password from stdin is the test case's deliberate
 * dead code (CWE 561) and is kept as-is so the case still exercises it.
 * The sink then connects with the hard-coded credential and runs a fixed
 * query; every SQL or I/O failure is logged rather than thrown.
 *
 * @throws Throwable declared by the test-case template; nothing in this
 *         method actually propagates an exception
 */
public void bad() throws Throwable {
    String data;
    switch (6) {
        case 6: {
            /* hard-coded credential: this is the flaw the test case exists for */
            data = "pass";
        }
        break;
        default:
            /* INCIDENTAL: CWE 561 Dead Code, the code below will never run */
        {
            java.util.logging.Logger sourceLog = java.util.logging.Logger.getLogger("local-logger");
            BufferedReader bufread2 = null;
            InputStreamReader inread2 = null;
            Properties prop = new Properties(); // never read; kept from the original
            IO.writeLine("Enter the password: ");
            data = "";
            try {
                inread2 = new InputStreamReader(System.in);
                bufread2 = new BufferedReader(inread2);
                /* FIX: password is read from stdin */
                data = bufread2.readLine();
            } catch (Exception e) {
                sourceLog.warning("Exception in try");
            } finally {
                // Close the outer reader first, then the inner one; each close
                // is attempted even if the previous one failed.
                try {
                    if (bufread2 != null) {
                        bufread2.close();
                    }
                } catch (IOException e) {
                    sourceLog.warning("Error closing bufread2");
                } finally {
                    try {
                        if (inread2 != null) {
                            inread2.close();
                        }
                    } catch (IOException e) {
                        sourceLog.warning("Error closing inread2");
                    }
                }
            }
        }
        break;
    }

    java.util.logging.Logger sinkLog = java.util.logging.Logger.getLogger("local-logger");
    Connection conn2 = null;
    PreparedStatement st = null;
    ResultSet rs2 = null;
    String password = data;
    try {
        /* POTENTIAL FLAW: use of hard-coded password */
        conn2 = DriverManager.getConnection("data-url", "root", password);
        st = conn2.prepareStatement("select * from test_table");
        rs2 = st.executeQuery();
    } catch (SQLException e) {
        sinkLog.warning("Error with database connection");
    } finally {
        // Release in reverse order of acquisition: result set, statement,
        // connection. Nested finally blocks keep later closes running when
        // an earlier one throws.
        try {
            if (rs2 != null) {
                rs2.close();
            }
        } catch (SQLException e) {
            sinkLog.warning("Error closing rs2");
        } finally {
            try {
                if (st != null) {
                    st.close();
                }
            } catch (SQLException e) {
                sinkLog.warning("Error closing st");
            } finally {
                try {
                    if (conn2 != null) {
                        conn2.close();
                    }
                } catch (SQLException e) {
                    sinkLog.warning("Error closing conn2");
                }
            }
        }
    }
}