C#: Add testcase for unsanitized filename used in Filestream.

2025-12-17 01:03:14 +01:00 · 2022-08-02 14:48:05 +02:00
parent 1355931b50
commit 5c47ae3f98
1 changed files with 22 additions and 0 deletions
--- a/Features/CWE-089/SqlInjectionSqlite.cs
+++ b/Features/CWE-089/SqlInjectionSqlite.cs
@@ -4,6 +4,8 @@ namespace TestSqlite
 {
    using System.Data;
    using System.Data.SQLite;
+    using System.IO;
+    using System.Text;
    using System.Web.UI.WebControls;

    class SqlInjection
@@ -42,6 +44,26 @@ namespace TestSqlite
            adapter = new SQLiteDataAdapter(cmd);
            result = new DataSet();
            adapter.Fill(result);
+
+            // BAD: untrusted data as filename is not sanitized.
+            using (FileStream fs = new FileStream(untrustedData.Text, FileMode.Open))
+            {
+                using (StreamReader sr = new StreamReader(fs, Encoding.UTF8))
+                {
+                    var sql = String.Empty;
+                    while ((sql = sr.ReadLine()) != null)
+                    {
+                        sql = sql.Trim();
+                        if (sql.StartsWith("--"))
+                            continue;
+                        using (var connection = new SQLiteConnection(""))
+                        {
+                            cmd = new SQLiteCommand(sql, connection);
+                            cmd.ExecuteScalar();
+                        }
+                    }
+                }
+            }
        }
    }
 }