CWE: 223 Omission of Security Relevant Information Sinks: GoodSink: Log the username BadSink : Username is not logged Flow Variant: 01 Baseline

CWE: 222 Truncation of Security Relevant Information Sinks: GoodSink: Log the complete username BadSink : Username is truncated before being logged Flow Variant: 18 Control flow: goto statements

CWE: 222 Truncation of Security Relevant Information Sinks: GoodSink: Log the complete username BadSink : Username is truncated before being logged Flow Variant: 17 Control flow: for loops

CWE: 222 Truncation of Security Relevant Information Sinks: GoodSink: Log the complete username BadSink : Username is truncated before being logged Flow Variant: 16 Control flow: while(1)

CWE: 222 Truncation of Security Relevant Information Sinks: GoodSink: Log the complete username BadSink : Username is truncated before being logged Flow Variant: 15 Control flow: switch(6)

CWE: 222 Truncation of Security Relevant Information Sinks: GoodSink: Log the complete username BadSink : Username is truncated before being logged Flow Variant: 14 Control flow: if(globalFive==5) and if(globalFive!=5)

CWE: 222 Truncation of Security Relevant Information Sinks: GoodSink: Log the complete username BadSink : Username is truncated before being logged Flow Variant: 13 Control flow: if(GLOBAL_CONST_FIVE==5) and if(GLOBAL_CONST_FIVE!=5)

CWE: 222 Truncation of Security Relevant Information Sinks: GoodSink: Log the complete username BadSink : Username is truncated before being logged Flow Variant: 12 Control flow: if(globalReturnsTrueOrFalse())

CWE: 222 Truncation of Security Relevant Information Sinks: GoodSink: Log the complete username BadSink : Username is truncated before being logged Flow Variant: 11 Control flow: if(globalReturnsTrue()) and if(globalReturnsFalse())

CWE: 222 Truncation of Security Relevant Information Sinks: GoodSink: Log the complete username BadSink : Username is truncated before being logged Flow Variant: 10 Control flow: if(globalTrue) and if(globalFalse)

CWE: 222 Truncation of Security Relevant Information Sinks: GoodSink: Log the complete username BadSink : Username is truncated before being logged Flow Variant: 09 Control flow: if(GLOBAL_CONST_TRUE) and if(GLOBAL_CONST_FALSE)

CWE: 222 Truncation of Security Relevant Information Sinks: GoodSink: Log the complete username BadSink : Username is truncated before being logged Flow Variant: 08 Control flow: if(staticReturnsTrue()) and if(staticReturnsFalse())

CWE: 222 Truncation of Security Relevant Information Sinks: GoodSink: Log the complete username BadSink : Username is truncated before being logged Flow Variant: 07 Control flow: if(staticFive==5) and if(staticFive!=5)

CWE: 222 Truncation of Security Relevant Information Sinks: GoodSink: Log the complete username BadSink : Username is truncated before being logged Flow Variant: 06 Control flow: if(STATIC_CONST_FIVE==5) and if(STATIC_CONST_FIVE!=5)

CWE: 222 Truncation of Security Relevant Information Sinks: GoodSink: Log the complete username BadSink : Username is truncated before being logged Flow Variant: 05 Control flow: if(staticTrue) and if(staticFalse)

CWE: 222 Truncation of Security Relevant Information Sinks: GoodSink: Log the complete username BadSink : Username is truncated before being logged Flow Variant: 04 Control flow: if(STATIC_CONST_TRUE) and if(STATIC_CONST_FALSE)

CWE: 222 Truncation of Security Relevant Information Sinks: GoodSink: Log the complete username BadSink : Username is truncated before being logged Flow Variant: 03 Control flow: if(5==5) and if(5!=5)

CWE: 222 Truncation of Security Relevant Information Sinks: GoodSink: Log the complete username BadSink : Username is truncated before being logged Flow Variant: 02 Control flow: if(1) and if(0)

CWE: 222 Truncation of Security Relevant Information Sinks: GoodSink: Log the complete username BadSink : Username is truncated before being logged Flow Variant: 01 Baseline

CWE: 176 Improper Handling of Unicode Encoding BadSource: Initialize data as a large unicode string GoodSource: Initialize data as a small unicode string Sinks: GoodSink: Ensure the array index is valid BadSink : Improperly check the array index by not checking the upper bound Flow Variant...

CWE: 176 Improper Handling of Unicode Encoding BadSource: Initialize data as a large unicode string GoodSource: Initialize data as a small unicode string Sinks: GoodSink: Ensure the array index is valid BadSink : Improperly check the array index by not checking the upper bound Flow Variant...

CWE: 176 Improper Handling of Unicode Encoding BadSource: Initialize data as a large unicode string GoodSource: Initialize data as a small unicode string Sinks: GoodSink: Ensure the array index is valid BadSink : Improperly check the array index by not checking the upper bound Flow Variant...

CWE: 176 Improper Handling of Unicode Encoding BadSource: Initialize data as a large unicode string GoodSource: Initialize data as a small unicode string Sinks: GoodSink: Ensure the array index is valid BadSink : Improperly check the array index by not checking the upper bound Flow Variant...

CWE: 176 Improper Handling of Unicode Encoding BadSource: Initialize data as a large unicode string GoodSource: Initialize data as a small unicode string Sinks: GoodSink: Ensure the array index is valid BadSink : Improperly check the array index by not checking the upper bound Flow Variant...

CWE: 176 Improper Handling of Unicode Encoding BadSource: Initialize data as a large unicode string GoodSource: Initialize data as a small unicode string Sinks: GoodSink: Ensure the array index is valid BadSink : Improperly check the array index by not checking the upper bound Flow Variant...