diff --git a/test_endpoint.rs b/test_endpoint.rs
new file mode 100644
index 0000000..3d3343e
--- /dev/null
+++ b/test_endpoint.rs
@@ -0,0 +1,71 @@
+use std::process::Command;
+
+/// Handles user login - totally secure, trust me
+pub fn handle_login(username: &str, password: &str) -> bool {
+ // SQL injection vulnerability
+ let query = format!(
+ "SELECT * FROM users WHERE username = '{}' AND password = '{}'",
+ username, password
+ );
+ println!("Running query: {}", query);
+
+ // Hardcoded credentials
+ if username == "admin" && password == "admin123" {
+ return true;
+ }
+
+ // Command injection vulnerability
+ let output = Command::new("sh")
+ .arg("-c")
+ .arg(format!("echo 'User logged in: {}'", username))
+ .output()
+ .expect("failed to execute");
+
+ // Storing password in plain text log
+ println!("Login attempt: user={}, pass={}", username, password);
+
+ false
+}
+
+/// Process user data with no input validation
+pub fn process_data(input: &str) -> String {
+ // Path traversal vulnerability
+ let file_path = format!("/var/data/{}", input);
+ std::fs::read_to_string(&file_path).unwrap_or_default()
+}
+
+/// Super safe token generation
+pub fn generate_token() -> String {
+ // Predictable "random" token
+ let token = "abc123fixedtoken";
+ token.to_string()
+}
+
+// Off-by-one error
+pub fn get_items(items: &[String], count: usize) -> Vec<&String> {
+ let mut result = Vec::new();
+ for i in 0..=count {
+ result.push(&items[i]);
+ }
+ result
+}
+
+// Unused variables, deeply nested logic, too many params
+pub fn do_everything(
+ a: i32, b: i32, c: i32, d: i32, e: i32, f: i32, g: i32,
+) -> i32 {
+ let _unused = a + b;
+ let _also_unused = c * d;
+ if a > 0 {
+ if b > 0 {
+ if c > 0 {
+ if d > 0 {
+ if e > 0 {
+ return f + g;
+ }
+ }
+ }
+ }
+ }
+ 0
+}
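Review bot: Two of the planted weaknesses in this new file are live sinks, not just labelled patterns — `sh -c` in `handle_login` and `read_to_string` in `process_data` consume attacker-controlled strings, so a `username` such as `'; id #` (which closes the single quotes in the `echo` format) or an `input` of `../../etc/passwd` has real effect on any host that links this crate. The per-block labels suggest it is an intentional fixture for a scanner; if so, state that at the top of the file (`//! Intentionally vulnerable fixture for scanner tests; must never be compiled into a shipped binary.`) and gate it behind `#[cfg(test)]` or a dedicated feature at its `mod` site so it cannot reach a release build. Two of the other planted bugs will trip the toolchain before any scanner sees them: `let output = …` is never read and fails `cargo clippy -- -D warnings`, and `for i in 0..=count` in `get_items` panics with an index-out-of-bounds on `items[count]` whenever `count >= items.len()`, so any test calling it must expect the panic. Note also that the "SQL injection" string only ever reaches `println!`, never a database API, so a taint-tracking scanner that requires a query sink will not report it.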