Skip to content
This repository has been archived by the owner on Aug 8, 2024. It is now read-only.

Credscan second round #404

Merged
merged 1 commit into from
Mar 15, 2021
Merged

Credscan second round #404

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions src/Common/tests/System/Net/Configuration.Certificates.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,8 +16,8 @@ public static partial class Configuration
{
public static partial class Certificates
{
private const string CertificatePassword = "testcertificate";
private const string TestDataFolder = "TestData";
private const string CertificatePassword = "PLACEHOLDER";
private const string TestDataFolder = "TestDataCertificates";

private static readonly Mutex m;
private const int MutexTimeout = 120 * 1000;
Expand Down
58 changes: 29 additions & 29 deletions src/System.Data.Common/tests/System/Data/Common/DbConnectionStringBuilderTest.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1867,12 +1867,12 @@ public void EmbeddedCharTest1()

sb["Data Source"] = "testdb";
sb["User ID"] = "someuser";
sb["Password"] = "abcdef";
Assert.Equal("Data Source=testdb;User ID=someuser;Password=abcdef",
sb["Password"] = "PLACEHOLDER";
Assert.Equal("Data Source=testdb;User ID=someuser;Password=PLACEHOLDER",
sb.ConnectionString);

sb["Password"] = "abcdef#";
Assert.Equal("Data Source=testdb;User ID=someuser;Password=abcdef#",
sb["Password"] = "PLACEHOLDER#";
Assert.Equal("Data Source=testdb;User ID=someuser;Password=PLACEHOLDER#",
sb.ConnectionString);

// an embedded single-quote value will result in the value being delimieted with double quotes
Expand All @@ -1893,39 +1893,39 @@ public void EmbeddedCharTest1()
sb.ConnectionString);

sb = new DbConnectionStringBuilder();
sb["PASSWORD"] = "abcdef1";
sb["PASSWORD"] = "PLACEHOLDERabcdef1";
sb["user id"] = "someuser";
sb["Data Source"] = "testdb";
Assert.Equal("PASSWORD=abcdef1;user id=someuser;Data Source=testdb",
Assert.Equal("PASSWORD=PLACEHOLDERabcdef1;user id=someuser;Data Source=testdb",
sb.ConnectionString);

// case is preserved for a keyword that was added the first time
sb = new DbConnectionStringBuilder();
sb["PassWord"] = "abcdef2";
sb["PassWord"] = "PLACEHOLDERabcdef2";
sb["uSER iD"] = "someuser";
sb["DaTa SoUrCe"] = "testdb";
Assert.Equal("PassWord=abcdef2;uSER iD=someuser;DaTa SoUrCe=testdb",
Assert.Equal("PassWord=PLACEHOLDERabcdef2;uSER iD=someuser;DaTa SoUrCe=testdb",
sb.ConnectionString);
sb["passWORD"] = "abc123";
Assert.Equal("PassWord=abc123;uSER iD=someuser;DaTa SoUrCe=testdb",
sb["passWORD"] = "PLACEHOLDERabc123";
Assert.Equal("PassWord=PLACEHOLDERabc123;uSER iD=someuser;DaTa SoUrCe=testdb",
sb.ConnectionString);

// embedded equal sign in the value will cause the value to be
// delimited with double-quotes
sb = new DbConnectionStringBuilder();
sb["Password"] = "abc=def";
sb["Password"] = "PLACEHOLDER=def";
sb["Data Source"] = "testdb";
sb["User ID"] = "someuser";
Assert.Equal("Password=\"abc=def\";Data Source=testdb;User ID=someuser",
Assert.Equal("Password=\"PLACEHOLDER=def\";Data Source=testdb;User ID=someuser",
sb.ConnectionString);

// embedded semicolon in the value will cause the value to be
// delimited with double-quotes
sb = new DbConnectionStringBuilder();
sb["Password"] = "abc;def";
sb["Password"] = "PLACEHOLDER;def";
sb["Data Source"] = "testdb";
sb["User ID"] = "someuser";
Assert.Equal("Password=\"abc;def\";Data Source=testdb;User ID=someuser",
Assert.Equal("Password=\"PLACEHOLDER;def\";Data Source=testdb;User ID=someuser",
sb.ConnectionString);

// more right parentheses then left parentheses - happily takes it
Expand Down Expand Up @@ -2042,32 +2042,32 @@ public void EmbeddedCharTest3()
DbConnectionStringBuilder sb;

sb = new DbConnectionStringBuilder();
sb.ConnectionString = "User ID=SCOTT;Password=TiGeR;Data Source=" + dataSource;
sb.ConnectionString = "User ID=SCOTT;Password=PLACEHOLDER;Data Source=" + dataSource;
Assert.Equal(dataSource, sb["Data Source"]);
Assert.Equal("SCOTT", sb["User ID"]);
Assert.Equal("TiGeR", sb["Password"]);
Assert.Equal("PLACEHOLDER", sb["Password"]);
Assert.Equal(
"user id=SCOTT;password=TiGeR;data source=\"(DESCRIPTION=(ADDRESS=(PROTOCOL=" +
"user id=SCOTT;password=PLACEHOLDER;data source=\"(DESCRIPTION=(ADDRESS=(PROTOCOL=" +
"TCP)(HOST=192.168.1.101)(PORT=1521))(CONNECT_DATA=(SERVER=DEDICATED)" +
"(SERVICE_NAME=TESTDB)))\"", sb.ConnectionString);

sb = new DbConnectionStringBuilder(false);
sb.ConnectionString = "User ID=SCOTT;Password=TiGeR;Data Source=" + dataSource;
sb.ConnectionString = "User ID=SCOTT;Password=PLACEHOLDER;Data Source=" + dataSource;
Assert.Equal(dataSource, sb["Data Source"]);
Assert.Equal("SCOTT", sb["User ID"]);
Assert.Equal("TiGeR", sb["Password"]);
Assert.Equal("PLACEHOLDER", sb["Password"]);
Assert.Equal(
"user id=SCOTT;password=TiGeR;data source=\"(DESCRIPTION=(ADDRESS=(PROTOCOL=" +
"user id=SCOTT;password=PLACEHOLDER;data source=\"(DESCRIPTION=(ADDRESS=(PROTOCOL=" +
"TCP)(HOST=192.168.1.101)(PORT=1521))(CONNECT_DATA=(SERVER=DEDICATED)" +
"(SERVICE_NAME=TESTDB)))\"", sb.ConnectionString);

sb = new DbConnectionStringBuilder(true);
sb.ConnectionString = "User ID=SCOTT;Password=TiGeR;Data Source=" + dataSource;
sb.ConnectionString = "User ID=SCOTT;Password=PLACEHOLDER;Data Source=" + dataSource;
Assert.Equal(dataSource, sb["Data Source"]);
Assert.Equal("SCOTT", sb["User ID"]);
Assert.Equal("TiGeR", sb["Password"]);
Assert.Equal("PLACEHOLDER", sb["Password"]);
Assert.Equal(
"user id=SCOTT;password=TiGeR;data source=(DESCRIPTION=(ADDRESS=(PROTOCOL=" +
"user id=SCOTT;password=PLACEHOLDER;data source=(DESCRIPTION=(ADDRESS=(PROTOCOL=" +
"TCP)(HOST=192.168.1.101)(PORT=1521))(CONNECT_DATA=(SERVER=DEDICATED)" +
"(SERVICE_NAME=TESTDB)))", sb.ConnectionString);
}
Expand All @@ -2078,24 +2078,24 @@ public void EmbeddedCharTest4()
DbConnectionStringBuilder sb;

sb = new DbConnectionStringBuilder();
sb.ConnectionString = "PassWord=abcdef2;uSER iD=someuser;DaTa SoUrCe=testdb";
sb.ConnectionString = "PassWord=PLACEHOLDER;uSER iD=someuser;DaTa SoUrCe=testdb";
sb["Integrated Security"] = "False";
Assert.Equal(
"password=abcdef2;user id=someuser;data source=testdb;Integrated Security=False",
"password=PLACEHOLDER;user id=someuser;data source=testdb;Integrated Security=False",
sb.ConnectionString);

sb = new DbConnectionStringBuilder(false);
sb.ConnectionString = "PassWord=abcdef2;uSER iD=someuser;DaTa SoUrCe=testdb";
sb.ConnectionString = "PassWord=PLACEHOLDER;uSER iD=someuser;DaTa SoUrCe=testdb";
sb["Integrated Security"] = "False";
Assert.Equal(
"password=abcdef2;user id=someuser;data source=testdb;Integrated Security=False",
"password=PLACEHOLDER;user id=someuser;data source=testdb;Integrated Security=False",
sb.ConnectionString);

sb = new DbConnectionStringBuilder(true);
sb.ConnectionString = "PassWord=abcdef2;uSER iD=someuser;DaTa SoUrCe=testdb";
sb.ConnectionString = "PassWord=PLACEHOLDER;uSER iD=someuser;DaTa SoUrCe=testdb";
sb["Integrated Security"] = "False";
Assert.Equal(
"password=abcdef2;user id=someuser;data source=testdb;Integrated Security=False",
"password=PLACEHOLDER;user id=someuser;data source=testdb;Integrated Security=False",
sb.ConnectionString);
}

Expand Down
2 changes: 1 addition & 1 deletion src/System.Data.SqlClient/tests/Tools/TDS/TDS.Servers/TDSServerArguments.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -88,7 +88,7 @@ public TDSServerArguments()
// By Default SQL authentication will be used.
FedAuthRequiredPreLoginOption = TdsPreLoginFedAuthRequiredOption.FedAuthNotRequired;

EncryptionCertificate = new X509Certificate2("TdsServerCertificate.pfx", "SecretPassword123456");
EncryptionCertificate = new X509Certificate2("TdsServerCertificate.pfx", "PLACEHOLDER");

ServerPrincipalName = AzureADServicePrincipalName;
StsUrl = AzureADProductionTokenEndpoint;
Expand Down
Binary file modified src/System.Data.SqlClient/tests/Tools/TDS/TDS.Servers/TdsServerCertificate.pfx
View file
Open in desktop
Binary file not shown.
6 changes: 3 additions & 3 deletions src/System.Net.Http/tests/UnitTests/HttpEnvironmentProxyTest.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -159,7 +159,7 @@ public void HttpProxy_CredentialParsing_Basic()
{
IWebProxy p;

Environment.SetEnvironmentVariable("all_proxy", "http://foo:bar@1.1.1.1:3000");
Environment.SetEnvironmentVariable("all_proxy", "http://foo:PLACEHOLDER@1.1.1.1:3000");
Assert.True(HttpEnvironmentProxy.TryCreate(out p));
Assert.NotNull(p);
Assert.NotNull(p.Credentials);
Expand All @@ -171,7 +171,7 @@ public void HttpProxy_CredentialParsing_Basic()
Assert.NotNull(p.Credentials);

// Use different user for http and https
Environment.SetEnvironmentVariable("https_proxy", "http://foo1:bar1@1.1.1.1:3000");
Environment.SetEnvironmentVariable("https_proxy", "http://foo1:PLACEHOLDER@1.1.1.1:3000");
Assert.True(HttpEnvironmentProxy.TryCreate(out p));
Assert.NotNull(p);
Uri u = p.GetProxy(fooHttp);
Expand All @@ -194,7 +194,7 @@ public void HttpProxy_Exceptions_Match()
IWebProxy p;

Environment.SetEnvironmentVariable("no_proxy", ".test.com,, foo.com");
Environment.SetEnvironmentVariable("all_proxy", "http://foo:bar@1.1.1.1:3000");
Environment.SetEnvironmentVariable("all_proxy", "http://foo:PLACEHOLDER@1.1.1.1:3000");
Assert.True(HttpEnvironmentProxy.TryCreate(out p));
Assert.NotNull(p);

Expand Down
2 changes: 1 addition & 1 deletion src/System.Private.Uri/tests/FunctionalTests/UriBuilderRefreshTest.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ namespace System.PrivateUri.Tests
{
public class UriBuilderRefreshTest
{
private static Uri s_starterUri = new Uri("http://user:psw@host:9090/path/file.txt?query#fragment");
private static Uri s_starterUri = new Uri("http://user:PLACEHOLDER@host:9090/path/file.txt?query#fragment");

[Fact]
public void UriBuilder_ChangeScheme_Refreshed()
Expand Down
2 changes: 1 addition & 1 deletion src/System.Private.Uri/tests/FunctionalTests/UriBuilderTests.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -217,7 +217,7 @@ public void UserName_Get_Set(string value, string expected)
[InlineData(null, "")]
public void Password_Get_Set(string value, string expected)
{
var uriBuilder = new UriBuilder("http://userinfo1:userinfo2@domain/path?query#fragment");
var uriBuilder = new UriBuilder("http://userinfo1:PLACEHOLDER@domain/path?query#fragment");
uriBuilder.Password = value;
Assert.Equal(expected, uriBuilder.Password);

Expand Down
22 changes: 11 additions & 11 deletions src/System.Private.Uri/tests/FunctionalTests/UriRelativeResolutionTest.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,10 +17,10 @@ public class UriRelativeResolutionTest
{
// See RFC 3986 Section 5.2.2 and 5.4 http://www.ietf.org/rfc/rfc3986.txt

private readonly Uri _fullBaseUri = new Uri("http://user:psw@host:9090/path1/path2/path3/fileA?query#fragment");
private const string FullBaseUriGetLeftPart_Path = "http://user:psw@host:9090/path1/path2/path3/fileA";
private const string FullBaseUriGetLeftPart_Authority = "http://user:psw@host:9090";
private const string FullBaseUriGetLeftPart_Query = "http://user:psw@host:9090/path1/path2/path3/fileA?query";
private readonly Uri _fullBaseUri = new Uri("http://user:PLACEHOLDER@host:9090/path1/path2/path3/fileA?query#fragment");
private const string FullBaseUriGetLeftPart_Path = "http://user:PLACEHOLDER@host:9090/path1/path2/path3/fileA";
private const string FullBaseUriGetLeftPart_Authority = "http://user:PLACEHOLDER@host:9090";
private const string FullBaseUriGetLeftPart_Query = "http://user:PLACEHOLDER@host:9090/path1/path2/path3/fileA?query";

[Fact]
public void Uri_Relative_BaseVsAbsolute_ReturnsFullAbsolute()
Expand Down Expand Up @@ -535,7 +535,7 @@ public void Uri_Relative_BaseVsSlashTrippleDotSlash_ReturnsSlashTrippleDotSlash(
[Fact]
public void Uri_Relative_BaseMadeRelativeToSamePath_ReturnsQueryAndFragment()
{
Uri compareUri = new Uri("http://user:psw@host:9090/path1/path2/path3/fileA?AQuery#AFragment");
Uri compareUri = new Uri("http://user:PLACEHOLDER@host:9090/path1/path2/path3/fileA?AQuery#AFragment");
Uri relative = _fullBaseUri.MakeRelativeUri(compareUri);

String expectedResult = "?AQuery#AFragment"; // compareUri.GetParts(UriComponents.Query | UriComponents.Fragment,UriFormat.Unescaped);
Expand All @@ -545,7 +545,7 @@ public void Uri_Relative_BaseMadeRelativeToSamePath_ReturnsQueryAndFragment()
[Fact]
public void Uri_Relative_BaseMadeRelativeToLastSlash_ReturnsDotSlashPlusQueryAndFragment()
{
Uri compareUri = new Uri("http://user:psw@host:9090/path1/path2/path3/?AQuery#AFragment");
Uri compareUri = new Uri("http://user:PLACEHOLDER@host:9090/path1/path2/path3/?AQuery#AFragment");
Uri relative = _fullBaseUri.MakeRelativeUri(compareUri);
Uri reassembled = new Uri(_fullBaseUri, relative); // Symetric

Expand All @@ -558,7 +558,7 @@ public void Uri_Relative_BaseMadeRelativeToLastSlash_ReturnsDotSlashPlusQueryAnd
[Fact]
public void Uri_Relative_BaseMadeRelativeToLastSlash_ReturnsDotSlash()
{
Uri compareUri = new Uri("http://user:psw@host:9090/path1/path2/path3/");
Uri compareUri = new Uri("http://user:PLACEHOLDER@host:9090/path1/path2/path3/");
Uri relative = _fullBaseUri.MakeRelativeUri(compareUri);
Uri reassembled = new Uri(_fullBaseUri, relative); // Symetric

Expand All @@ -570,7 +570,7 @@ public void Uri_Relative_BaseMadeRelativeToLastSlash_ReturnsDotSlash()
[Fact]
public void Uri_Relative_BaseMadeRelativeToLastSlashWithExtra_ReturnsDotSlashPlusQueryAndFragment()
{
Uri compareUri = new Uri("http://user:psw@host:9090/path1/path2/path3/Path4/fileb?AQuery#AFragment");
Uri compareUri = new Uri("http://user:PLACEHOLDER@host:9090/path1/path2/path3/Path4/fileb?AQuery#AFragment");
Uri relative = _fullBaseUri.MakeRelativeUri(compareUri);
Uri reassembled = new Uri(_fullBaseUri, relative); // Symetric

Expand All @@ -582,7 +582,7 @@ public void Uri_Relative_BaseMadeRelativeToLastSlashWithExtra_ReturnsDotSlashPlu
[Fact]
public void Uri_Relative_BaseMadeRelativeToSecondToLastSlash_ReturnsDoubleDotSlashPlusQueryAndFragment()
{
Uri compareUri = new Uri("http://user:psw@host:9090/path1/path2/?AQuery#AFragment");
Uri compareUri = new Uri("http://user:PLACEHOLDER@host:9090/path1/path2/?AQuery#AFragment");
Uri relative = _fullBaseUri.MakeRelativeUri(compareUri);
Uri reassembled = new Uri(_fullBaseUri, relative); // Symetric

Expand All @@ -594,7 +594,7 @@ public void Uri_Relative_BaseMadeRelativeToSecondToLastSlash_ReturnsDoubleDotSla
[Fact]
public void Uri_Relative_BaseMadeRelativeToThirdToLastSlash_ReturnsDoubleDoubleDotSlashPlusQueryAndFragment()
{
Uri compareUri = new Uri("http://user:psw@host:9090/path1/?AQuery#AFragment");
Uri compareUri = new Uri("http://user:PLACEHOLDER@host:9090/path1/?AQuery#AFragment");
Uri relative = _fullBaseUri.MakeRelativeUri(compareUri);
Uri reassembled = new Uri(_fullBaseUri, relative); // Symetric

Expand All @@ -606,7 +606,7 @@ public void Uri_Relative_BaseMadeRelativeToThirdToLastSlash_ReturnsDoubleDoubleD
[Fact]
public void Uri_Relative_BaseMadeRelativeToEmptyPath_ReturnsTrippleDoubleDotSlashPlusQueryAndFragment()
{
Uri compareUri = new Uri("http://user:psw@host:9090/?AQuery#AFragment");
Uri compareUri = new Uri("http://user:PLACEHOLDER@host:9090/?AQuery#AFragment");
Uri relative = _fullBaseUri.MakeRelativeUri(compareUri);
Uri reassembled = new Uri(_fullBaseUri, relative); // Symetric

Expand Down
2 changes: 1 addition & 1 deletion src/System.Runtime/tests/System/Uri.CreateStringTests.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -424,7 +424,7 @@ public static IEnumerable<object[]> Scheme_Authority_TestData()
yield return new object[] { "http://abc\u1234\u2345\u3456@host/", "http", "abc%E1%88%B4%E2%8D%85%E3%91%96", "host", UriHostNameType.Dns, 80, true, false };
yield return new object[] { "http://\u1234abc\u2345\u3456@host/", "http", "%E1%88%B4abc%E2%8D%85%E3%91%96", "host", UriHostNameType.Dns, 80, true, false };
yield return new object[] { "http://\u1234\u2345\u3456abc@host/", "http", "%E1%88%B4%E2%8D%85%E3%91%96abc", "host", UriHostNameType.Dns, 80, true, false };
yield return new object[] { "http://userinfo!~+-_*()[]:;&$=123USERINFO@host/", "http", "userinfo!~+-_*()[]:;&$=123USERINFO", "host", UriHostNameType.Dns, 80, true, false };
yield return new object[] { "http://userinfo!~+-_*()[]:;&$=123PLACEHOLDER@host/", "http", "userinfo!~+-_*()[]:;&$=123PLACEHOLDER", "host", UriHostNameType.Dns, 80, true, false };
yield return new object[] { "http://%68%65%6C%6C%6F@host/", "http", "hello", "host", UriHostNameType.Dns, 80, true, false };
yield return new object[] { @"http://£@host/", "http", "%C2%A3", "host", UriHostNameType.Dns, 80, true, false };
yield return new object[] { "http://\u1234@host/", "http", "%E1%88%B4", "host", UriHostNameType.Dns, 80, true, false };
Expand Down
Loading