Description
CWE: 319 Cleartext Transmission of Sensitive Information
BadSource: Establish data as a password
GoodSource: Use a regular string (non-sensitive string)
Sinks:
GoodSink: encrypted channel
BadSink : unencrypted channel
Flow Variant: 22 Control flow: Flow controlled by value of a public static variable. Sink functions are in a separate file from sources.
Flaws
Test Suites
Documentation
Have any comments on this test case? Please, send us an email.