codeql/csharp/ql/test/query-tests/Security Features/CWE-327/InsecureSQLConnectionInitializer/InsecureSQLConnectionInitializer.cs
2024-10-09 16:53:33 -07:00


// Local declaration of System.Data.SqlClient.SqlConnectionStringBuilder for this query test.
// Only a bool Encrypt property and a constructor taking a connection string are declared
// (presumably so the test cases compile without the real SqlClient assembly; confirm).
namespace System.Data.SqlClient
{
    /// <summary>
    /// Stub connection-string builder declaring the two members the test cases use.
    /// </summary>
    public sealed class SqlConnectionStringBuilder
    {
        /// <summary>
        /// Transport-encryption setting that the test cases assign in object initializers.
        /// </summary>
        public bool Encrypt { get; set; }

        /// <summary>
        /// Accepts a connection string and does nothing with it. The body is empty, so an
        /// <c>Encrypt=...</c> keyword inside the string never reaches <see cref="Encrypt"/>
        /// in this stub; only the object initializer sets the property.
        /// </summary>
        /// <param name="connectionString">Connection string text; ignored by the stub.</param>
        public SqlConnectionStringBuilder(string connectionString) { }
    }
}
// Test cases for the query named in the trailing comments (cs/insecure-sql-connection-initializer).
// Each method builds a SqlConnectionStringBuilder with an object initializer that assigns Encrypt.
// Security background: a SQL Server connection with Encrypt disabled carries credentials and
// query data over the network without transport encryption.
namespace InsecureSQLConnection
{
    /// <summary>
    /// Holds one method per scenario. The trailing comments mark which lines the query is
    /// expected to report; methods suffixed <c>FP</c> carry no "Bug" marker on their Encrypt = true path.
    /// </summary>
    public class Class1
    {
        /// <summary>
        /// Literal <c>false</c> assigned to Encrypt directly in the object initializer.
        /// </summary>
        void Test6()
        {
            // Server address and UID/Pwd look like placeholder fixture values.
            // The string also carries Encrypt=false, but the marker below names the initializer query.
            string connectString = "Server=1.2.3.4;Database=Anything;UID=ab;Pwd=cd;Encrypt=false";
            var conn = new System.Data.SqlClient.SqlConnectionStringBuilder(connectString) { Encrypt = false }; // Bug - cs/insecure-sql-connection-initializer
        }

        /// <summary>
        /// Assigns Encrypt from a parameter, so whether the result is insecure depends on the caller.
        /// </summary>
        /// <param name="encrypt">Value copied into the builder's Encrypt property.</param>
        void Test72ndPhase(bool encrypt)
        {
            string connectString = "Server=1.2.3.4;Database=Anything;UID=ab;Pwd=cd;Encrypt=false";
            // Marked as the sink: the value arriving here is decided at the call sites in Test7 and Test7FP.
            var conn = new System.Data.SqlClient.SqlConnectionStringBuilder(connectString) { Encrypt = encrypt }; // Bug - cs/insecure-sql-connection-initializer (sink)
        }

        /// <summary>
        /// Caller that passes <c>false</c> into <see cref="Test72ndPhase"/>; marked as the source.
        /// </summary>
        void Test7()
        {
            Test72ndPhase(false); // Bug - cs/insecure-sql-connection-initializer (source)
        }

        /// <summary>
        /// Caller that passes <c>true</c> into <see cref="Test72ndPhase"/>; marked as not a source.
        /// </summary>
        void Test7FP()
        {
            Test72ndPhase(true); // Not a bug source
        }

        /// <summary>
        /// Literal <c>true</c> assigned to Encrypt in the initializer; the line carries no "Bug" marker.
        /// </summary>
        void Test8FP()
        {
            // The string still says Encrypt=false. A C# object initializer runs after the constructor,
            // so the property assignment below is applied last.
            // NOTE(review): presumably the real builder lets the property setter override the string keyword; confirm.
            string connectString = "Server=1.2.3.4;Database=Anything;UID=ab;Pwd=cd;Encrypt=false";
            var conn = new System.Data.SqlClient.SqlConnectionStringBuilder(connectString) { Encrypt = true };
        }
    }
}