hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 18:33:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
z80coder/ATM-feature-optimisation
codeql/java/ql/test/query-tests/security/CWE-421/semmle/Test.java
yo-h e194411cfa Java: fix javac errors in test code
2021-02-09 09:16:57 -05:00

78 lines
2.2 KiB
Java
Raw Permalink Blame History

// Test case for CWE-421 (Race Condition During Access to Alternate Channel)
// http://cwe.mitre.org/data/definitions/421.html
package test.cwe807.semmle.tests;
import java.net.InetSocketAddress;
import java.net.SocketAddress;
import java.net.ServerSocket;
import java.net.Socket;
import java.nio.ByteBuffer;
import java.nio.channels.ServerSocketChannel;
import java.nio.channels.SocketChannel;
class Test {
byte[] secretData = "The password is: passw0rd".getBytes();
// fake stub for testing
public boolean isAuthenticated(String username) {
return true;
}
// fake stub for testing
public boolean doAuthenticate(Socket connection, String username) {
return true;
}
// fake stub for testing
public boolean doAuthenticate(SocketChannel connection, String username) {
return true;
}
public void doConnect(int desiredPort, String username) throws Exception {
ServerSocket listenSocket = new ServerSocket(desiredPort);
if (isAuthenticated(username)) {
Socket connection1 = listenSocket.accept();
// BAD: no authentication over the socket
connection1.getOutputStream().write(secretData);
}
Socket connection2 = listenSocket.accept();
// GOOD: authentication happens over the socket
if (doAuthenticate(connection2, username)) {
connection2.getOutputStream().write(secretData);
}
if (isAuthenticated(username)) {
// FP: we authenticate both beforehand and over the socket
Socket connection3 = listenSocket.accept();
if (doAuthenticate(connection3, username)) {
connection3.getOutputStream().write(secretData);
}
}
}
public void doConnectChannel(int desiredPort, String username) throws Exception {
ServerSocketChannel listenChannel = ServerSocketChannel.open();
SocketAddress port = new InetSocketAddress(desiredPort);
listenChannel.bind(port);
if (isAuthenticated(username)) {
SocketChannel connection1 = listenChannel.accept();
// BAD: no authentication over the socket
connection1.write(ByteBuffer.wrap(secretData));
}
SocketChannel connection2 = listenChannel.accept();
// GOOD: authentication happens over the socket
if (doAuthenticate(connection2, username)) {
connection2.write(ByteBuffer.wrap(secretData));
}
}
}
Reference in New Issue View Git Blame Copy Permalink