Description
CWE: 256 Plaintext Storage of Password
BadSource: Read the password from a file
GoodSource: Read the password from a file and decrypt it
Sinks:
GoodSink: Decrypt the password then authenticate the user using LogonUserA()
BadSink : Authenticate the user using LogonUserA()
Flow Variant: 83 Data flow: data passed to class constructor and destructor by declaring the class object on the stack
Flaws
Test Suites
Documentation
Have any comments on this test case? Please, send us an email.