/* TEMPLATE GENERATED TESTCASE FILE
Filename: CWE90_LDAP_Injection__listen_tcp_22b.java
Label Definition File: CWE90_LDAP_Injection.label.xml
Template File: sources-sink-22b.tmpl.java
*/
/*
 * @description
 * CWE: 90 LDAP Injection
 * BadSource: listen_tcp Read data using a listening tcp connection
 * GoodSource: A hardcoded string
 * Sinks:
 *    BadSink : data concatenated into LDAP search, which could result in LDAP Injection
 * Flow Variant: 22 Control flow: Flow controlled by value of a public static variable.
 *               Sink functions are in a separate file from sources.
 *
 * Reviewer notes (security):
 *  - This is the "b" half of flow variant 22: it only produces the tainted
 *    (or safe) value. The branch taken in each method is selected by public
 *    static flags read from CWE90_LDAP_Injection__listen_tcp_22a; per the
 *    template description the LDAP sink lives in that separate file as well.
 *  - badSource() is intentionally flawed: the string it returns comes straight
 *    from an unauthenticated network peer with no validation or LDAP escaping.
 *    Do not "fix" it; the test case exists so that analysers detect it.
 */
package testcases.CWE90_LDAP_Injection;

import testcasesupport.*;

import javax.servlet.http.*;

import java.io.BufferedReader;
import java.io.InputStreamReader;
import java.io.IOException;
import java.net.Socket;
import java.net.ServerSocket;
import java.util.logging.Level;

public class CWE90_LDAP_Injection__listen_tcp_22b
{
    /* Port the bad source listens on. ServerSocket(int) binds the wildcard
     * address, so connections are accepted from every interface, not just
     * loopback -- anyone who can reach the host can supply the value. */
    private static final int LISTEN_PORT = 39543;

    /**
     * Bad source: returns the first line received on a listening TCP socket.
     *
     * Taint notes for the reviewer:
     *  - The peer is unauthenticated and the port is bound on all interfaces.
     *  - readLine() is unbounded: a peer may send an arbitrarily long line,
     *    and accept()/readLine() block indefinitely if nothing arrives.
     *  - If the stream hits EOF before a line terminator, readLine() yields
     *    null; if any IOException occurs first, the value stays "" (the
     *    initializer). In every case the caller gets it unvalidated and
     *    unescaped, which is the CWE-90 flaw this case exercises.
     *
     * @return the received line; "" on read failure; null at EOF; null when
     *         the selecting flag is false (a branch the template never takes)
     */
    public String badSource() throws Throwable
    {
        /* INCIDENTAL: CWE 561 Dead Code -- per the template this flag is
         * always true, so the early return is never taken; it only keeps
         * data initialized on every path. */
        if (!CWE90_LDAP_Injection__listen_tcp_22a.badPublicStatic)
        {
            return null;
        }

        String data = ""; /* Initialize data */

        ServerSocket server = null;
        Socket client = null;
        InputStreamReader charReader = null;
        BufferedReader lineReader = null;

        /* Read data using a listening tcp connection */
        try
        {
            server = new ServerSocket(LISTEN_PORT);
            client = server.accept();
            /* read input from socket */
            charReader = new InputStreamReader(client.getInputStream(), "UTF-8");
            lineReader = new BufferedReader(charReader);
            /* POTENTIAL FLAW: Read data using a listening tcp connection */
            data = lineReader.readLine();
        }
        catch (IOException exceptIO)
        {
            IO.logger.log(Level.WARNING, "Error with stream reading", exceptIO);
        }
        finally
        {
            /* Release everything innermost-first. Each close() gets its own
             * try/catch so that one failing close does not skip the others. */

            /* Close stream reading objects */
            try
            {
                if (lineReader != null)
                {
                    lineReader.close();
                }
            }
            catch (IOException exceptIO)
            {
                IO.logger.log(Level.WARNING, "Error closing BufferedReader", exceptIO);
            }

            try
            {
                if (charReader != null)
                {
                    charReader.close();
                }
            }
            catch (IOException exceptIO)
            {
                IO.logger.log(Level.WARNING, "Error closing InputStreamReader", exceptIO);
            }

            /* Close socket objects */
            try
            {
                if (client != null)
                {
                    client.close();
                }
            }
            catch (IOException exceptIO)
            {
                IO.logger.log(Level.WARNING, "Error closing Socket", exceptIO);
            }

            try
            {
                if (server != null)
                {
                    server.close();
                }
            }
            catch (IOException exceptIO)
            {
                IO.logger.log(Level.WARNING, "Error closing ServerSocket", exceptIO);
            }
        }

        return data;
    }

    /**
     * goodG2B1(): good source feeding the bad sink. The flag in the 22a file
     * is set to false, so the else-side constant is returned.
     *
     * INCIDENTAL: CWE 561 Dead Code -- the null arm is never reached per the
     * template; it exists only so data is initialized before the sink.
     *
     * @return the hardcoded, attacker-independent string "foo" (FIX), or null
     *         on the never-taken branch
     */
    public String goodG2B1Source() throws Throwable
    {
        /* FIX: Use a hardcoded string */
        return CWE90_LDAP_Injection__listen_tcp_22a.goodG2B1PublicStatic ? null : "foo";
    }

    /**
     * goodG2B2(): good source feeding the bad sink, with the if/else arms
     * reversed relative to goodG2B1Source(). The flag in the 22a file is set
     * to true, so the constant is returned from the then-side.
     *
     * INCIDENTAL: CWE 561 Dead Code -- the null arm is never reached per the
     * template; it exists only so data is initialized before the sink.
     *
     * @return the hardcoded, attacker-independent string "foo" (FIX), or null
     *         on the never-taken branch
     */
    public String goodG2B2Source() throws Throwable
    {
        /* FIX: Use a hardcoded string */
        return CWE90_LDAP_Injection__listen_tcp_22a.goodG2B2PublicStatic ? "foo" : null;
    }
}