CWE: 256 Plaintext Storage of Password
BadSource: Read the password from a file
GoodSource: Read the password from a file and decrypt it
GoodSink: Decrypt the password then authenticate the user using LogonUserW()
BadSink : Authenticate the user using LogonUserW()
Flow Variant: 84 Data flow: data passed to class constructor and destructor by declaring the class object on the heap and deleting it after use
Have any comments on this test case? Please, send us an email.