/* good2() reverses the bodies in the if statement */
static void good2()
{
if(STATIC_CONST_FIVE==5)
{
{
char * keyName = "TEST\\TestKey";
HUSKEY hKey;
/* FIX: Call SHRegOpenUSKeyA() with HKEY_CURRENT_USER (fIgnoreHKCU == FALSE) */
if (SHRegOpenUSKeyA(
keyName,
KEY_WRITE,
NULL,
&hKey,
FALSE) != ERROR_SUCCESS)
{
printLine("Registry key could not be opened");
}
else
{
printLine("Registry key opened successfully");
SHRegCloseUSKey(hKey);
}
}
}
}
void CWE272_Least_Privilege_Violation__w32_char_SHRegOpenUSKey_06_bad()
{
if(STATIC_CONST_FIVE==5)
{
{
char * keyName = "TEST\\TestKey";
HUSKEY hKey;
/* FLAW: Call SHRegOpenUSKeyA() with HKEY_LOCAL_MACHINE (fIgnoreHKCU == TRUE) violating the least privilege principal */
if (SHRegOpenUSKeyA(
keyName,
KEY_WRITE,
NULL,
&hKey,
TRUE) != ERROR_SUCCESS)
{
printLine("Registry key could not be opened");
}
else
{
printLine("Registry key opened successfully");
SHRegCloseUSKey(hKey);
}
}
}
}
/* good1() uses if(STATIC_CONST_FIVE!=5) instead of if(STATIC_CONST_FIVE==5) */
static void good1()
{
if(STATIC_CONST_FIVE!=5)
{
/* INCIDENTAL: CWE 561 Dead Code, the code below will never run */
printLine("Benign, fixed string");
}
else
{
{
char * keyName = "TEST\\TestKey";
HUSKEY hKey;
/* FIX: Call SHRegOpenUSKeyA() with HKEY_CURRENT_USER (fIgnoreHKCU == FALSE) */
if (SHRegOpenUSKeyA(
keyName,
KEY_WRITE,
NULL,
&hKey,
FALSE) != ERROR_SUCCESS)
{
printLine("Registry key could not be opened");
}
else
{
printLine("Registry key opened successfully");
SHRegCloseUSKey(hKey);
}
}
}
}
/* good1() uses if(STATIC_CONST_FALSE) instead of if(STATIC_CONST_TRUE) */
static void good1()
{
if(STATIC_CONST_FALSE)
{
/* INCIDENTAL: CWE 561 Dead Code, the code below will never run */
printLine("Benign, fixed string");
}
else
{
{
char * keyName = "TEST\\TestKey";
HUSKEY hKey;
/* FIX: Call SHRegCreateUSKeyA() with SHREGSET_HKCU */
if (SHRegCreateUSKeyA(
keyName,
KEY_WRITE,
NULL,
&hKey,
SHREGSET_HKCU) != ERROR_SUCCESS)
{
printLine("Registry key could not be created");
}
else
{
printLine("Registry key created successfully");
SHRegCloseUSKey(hKey);
}
}
}
}
/* good2() reverses the bodies in the if statement */
static void good2()
{
if(STATIC_CONST_TRUE)
{
{
char * keyName = "TEST\\TestKey";
HUSKEY hKey;
/* FIX: Call SHRegCreateUSKeyA() with SHREGSET_HKCU */
if (SHRegCreateUSKeyA(
keyName,
KEY_WRITE,
NULL,
&hKey,
SHREGSET_HKCU) != ERROR_SUCCESS)
{
printLine("Registry key could not be created");
}
else
{
printLine("Registry key created successfully");
SHRegCloseUSKey(hKey);
}
}
}
}
void CWE272_Least_Privilege_Violation__w32_wchar_t_SHRegOpenUSKey_16_bad()
{
while(1)
{
{
wchar_t * keyName = L"TEST\\TestKey";
HUSKEY hKey;
/* FLAW: Call SHRegOpenUSKeyW() with HKEY_LOCAL_MACHINE (fIgnoreHKCU == TRUE) violating the least privilege principal */
if (SHRegOpenUSKeyW(
keyName,
KEY_WRITE,
NULL,
&hKey,
TRUE) != ERROR_SUCCESS)
{
printLine("Registry key could not be opened");
}
else
{
printLine("Registry key opened successfully");
SHRegCloseUSKey(hKey);
}
}
break;
}
}
void CWE272_Least_Privilege_Violation__w32_char_SHRegCreateUSKey_04_bad()
{
if(STATIC_CONST_TRUE)
{
{
char * keyName = "TEST\\TestKey";
HUSKEY hKey;
/* FLAW: Call SHRegCreateUSKeyA() with SHREGSET_HKLM violating the least privilege principal */
if (SHRegCreateUSKeyA(
keyName,
KEY_WRITE,
NULL,
&hKey,
SHREGSET_HKLM) != ERROR_SUCCESS)
{
printLine("Registry key could not be created");
}
else
{
printLine("Registry key created successfully");
SHRegCloseUSKey(hKey);
}
}
}
}
/* good2() reverses the blocks in the switch */
static void good2()
{
switch(6)
{
case 6:
{
char * keyName = "TEST\\TestKey";
HUSKEY hKey = HKEY_CURRENT_USER;
/* FIX: Call SHRegCreateUSKeyA() without KEY_ALL_ACCESS as the 2nd parameter to limit access */
if (SHRegCreateUSKeyA(
keyName,
KEY_WRITE,
NULL,
&hKey,
SHREGSET_HKCU) != ERROR_SUCCESS)
{
printLine("Registry key could not be created");
}
else
{
printLine("Registry key created successfully");
SHRegCloseUSKey(hKey);
}
}
break;
default:
/* INCIDENTAL: CWE 561 Dead Code, the code below will never run */
printLine("Benign, fixed string");
break;
}
}
void CWE272_Least_Privilege_Violation__w32_wchar_t_SHRegCreateUSKey_17_bad()
{
int j;
for(j = 0; j < 1; j++)
{
{
wchar_t * keyName = L"TEST\\TestKey";
HUSKEY hKey;
/* FLAW: Call SHRegCreateUSKeyW() with SHREGSET_HKLM violating the least privilege principal */
if (SHRegCreateUSKeyW(
keyName,
KEY_WRITE,
NULL,
&hKey,
SHREGSET_HKLM) != ERROR_SUCCESS)
{
printLine("Registry key could not be created");
}
else
{
printLine("Registry key created successfully");
SHRegCloseUSKey(hKey);
}
}
}
}
/* good2() reverses the bodies in the if statement */
static void good2()
{
if(staticReturnsTrue())
{
{
wchar_t * keyName = L"TEST\\TestKey";
HUSKEY hKey = HKEY_CURRENT_USER;
/* FIX: Call SHRegCreateUSKeyW() without KEY_ALL_ACCESS as the 2nd parameter to limit access */
if (SHRegCreateUSKeyW(
keyName,
KEY_WRITE,
NULL,
&hKey,
SHREGSET_HKCU) != ERROR_SUCCESS)
{
printLine("Registry key could not be created");
}
else
{
printLine("Registry key created successfully");
SHRegCloseUSKey(hKey);
}
}
}
}
void CWE284_Improper_Access_Control__w32_char_SHRegCreateUSKey_15_bad()
{
switch(6)
{
case 6:
{
char * keyName = "TEST\\TestKey";
HUSKEY hKey = HKEY_CURRENT_USER;
/* FLAW: Call SHRegCreateUSKeyA() with KEY_ALL_ACCESS as the 2nd parameter */
if (SHRegCreateUSKeyA(
keyName,
KEY_ALL_ACCESS,
NULL,
&hKey,
SHREGSET_HKCU) != ERROR_SUCCESS)
{
printLine("Registry key could not be created");
}
else
{
printLine("Registry key created successfully");
SHRegCloseUSKey(hKey);
}
}
break;
default:
/* INCIDENTAL: CWE 561 Dead Code, the code below will never run */
printLine("Benign, fixed string");
break;
}
}
/* good1() uses if(staticReturnsFalse()) instead of if(staticReturnsTrue()) */
static void good1()
{
if(staticReturnsFalse())
{
/* INCIDENTAL: CWE 561 Dead Code, the code below will never run */
printLine("Benign, fixed string");
}
else
{
{
wchar_t * keyName = L"TEST\\TestKey";
HUSKEY hKey = HKEY_CURRENT_USER;
/* FIX: Call SHRegCreateUSKeyW() without KEY_ALL_ACCESS as the 2nd parameter to limit access */
if (SHRegCreateUSKeyW(
keyName,
KEY_WRITE,
NULL,
&hKey,
SHREGSET_HKCU) != ERROR_SUCCESS)
{
printLine("Registry key could not be created");
}
else
{
printLine("Registry key created successfully");
SHRegCloseUSKey(hKey);
}
}
}
}
void CWE284_Improper_Access_Control__w32_wchar_t_SHRegCreateUSKey_08_bad()
{
if(staticReturnsTrue())
{
{
wchar_t * keyName = L"TEST\\TestKey";
HUSKEY hKey = HKEY_CURRENT_USER;
/* FLAW: Call SHRegCreateUSKeyW() with KEY_ALL_ACCESS as the 2nd parameter */
if (SHRegCreateUSKeyW(
keyName,
KEY_ALL_ACCESS,
NULL,
&hKey,
SHREGSET_HKCU) != ERROR_SUCCESS)
{
printLine("Registry key could not be created");
}
else
{
printLine("Registry key created successfully");
SHRegCloseUSKey(hKey);
}
}
}
}
/* good1() uses the GoodSinkBody in the while loop */
static void good1()
{
while(1)
{
{
wchar_t * keyName = L"TEST\\TestKey";
HUSKEY hKey;
/* FIX: Call SHRegOpenUSKeyW() with HKEY_CURRENT_USER (fIgnoreHKCU == FALSE) */
if (SHRegOpenUSKeyW(
keyName,
KEY_WRITE,
NULL,
&hKey,
FALSE) != ERROR_SUCCESS)
{
printLine("Registry key could not be opened");
}
else
{
printLine("Registry key opened successfully");
SHRegCloseUSKey(hKey);
}
}
break;
}
}
void CWE284_Improper_Access_Control__w32_char_SHRegCreateUSKey_16_bad()
{
while(1)
{
{
char * keyName = "TEST\\TestKey";
HUSKEY hKey = HKEY_CURRENT_USER;
/* FLAW: Call SHRegCreateUSKeyA() with KEY_ALL_ACCESS as the 2nd parameter */
if (SHRegCreateUSKeyA(
keyName,
KEY_ALL_ACCESS,
NULL,
&hKey,
SHREGSET_HKCU) != ERROR_SUCCESS)
{
printLine("Registry key could not be created");
}
else
{
printLine("Registry key created successfully");
SHRegCloseUSKey(hKey);
}
}
break;
}
}
/* good1() uses the GoodSinkBody in the for statements */
static void good1()
{
int k;
for(k = 0; k < 1; k++)
{
{
wchar_t * keyName = L"TEST\\TestKey";
HUSKEY hKey;
/* FIX: Call SHRegCreateUSKeyW() with SHREGSET_HKCU */
if (SHRegCreateUSKeyW(
keyName,
KEY_WRITE,
NULL,
&hKey,
SHREGSET_HKCU) != ERROR_SUCCESS)
{
printLine("Registry key could not be created");
}
else
{
printLine("Registry key created successfully");
SHRegCloseUSKey(hKey);
}
}
}
}
/* good1() uses the GoodSinkBody in the while loop */
static void good1()
{
while(1)
{
{
char * keyName = "TEST\\TestKey";
HUSKEY hKey = HKEY_CURRENT_USER;
/* FIX: Call SHRegCreateUSKeyA() without KEY_ALL_ACCESS as the 2nd parameter to limit access */
if (SHRegCreateUSKeyA(
keyName,
KEY_WRITE,
NULL,
&hKey,
SHREGSET_HKCU) != ERROR_SUCCESS)
{
printLine("Registry key could not be created");
}
else
{
printLine("Registry key created successfully");
SHRegCloseUSKey(hKey);
}
}
break;
}
}
void CPlugins::Enumerate()
{
HUSKEY hKey = NULL;
if ( SHRegOpenUSKey( REGISTRY_KEY _T("\\Plugins\\General"),
KEY_READ, NULL, &hKey, FALSE ) != ERROR_SUCCESS ) return;
for ( DWORD nKey = 0 ; ; nKey++ )
{
TCHAR szName[ 128 ], szCLSID[ 64 ];
DWORD dwType, dwName = _countof( szName ), dwCLSID = sizeof( szCLSID );
if ( SHRegEnumUSValue( hKey, nKey, szName, &dwName, &dwType,
(LPBYTE)szCLSID, &dwCLSID, SHREGENUM_DEFAULT ) != ERROR_SUCCESS ) break;
if ( dwType != REG_SZ ) continue;
szCLSID[ 38 ] = 0;
CLSID pCLSID;
if ( ! Hashes::fromGuid( szCLSID, &pCLSID ) ) continue;
CQuickLock oLock( m_pSection );
for ( POSITION pos = GetIterator() ; pos ; )
{
if ( GetNext( pos )->m_pCLSID == pCLSID )
{
pCLSID = GUID_NULL;
break;
}
}
if ( pCLSID == GUID_NULL ) continue;
if ( CPlugin* pPlugin = new CPlugin( pCLSID, szName ) )
{
m_pList.AddTail( pPlugin );
if ( LookupEnable( pCLSID ) )
pPlugin->Start();
}
}
SHRegCloseUSKey( hKey );
}
