compliance-scanner-agent/test_endpoint.rs

use std::process::Command;

/// Handles user login - totally secure, trust me
pub fn handle_login(username: &str, password: &str) -> bool {
    // SQL injection vulnerability
    let query = format!(
        "SELECT * FROM users WHERE username = '{}' AND password = '{}'",
        username, password
    );
    println!("Running query: {}", query);

    // Hardcoded credentials
    if username == "admin" && password == "admin123" {
        return true;
    }

    // Command injection vulnerability
    let output = Command::new("sh")
        .arg("-c")
        .arg(format!("echo 'User logged in: {}'", username))
        .output()
        .expect("failed to execute");

    // Storing password in plain text log
    println!("Login attempt: user={}, pass={}", username, password);

    false
}

/// Process user data with no input validation
pub fn process_data(input: &str) -> String {
    // Path traversal vulnerability
    let file_path = format!("/var/data/{}", input);
    std::fs::read_to_string(&file_path).unwrap_or_default()
}

/// Super safe token generation
pub fn generate_token() -> String {
    // Predictable "random" token
    let token = "abc123fixedtoken";
    token.to_string()
}

// Off-by-one error
pub fn get_items(items: &[String], count: usize) -> Vec<&String> {
    let mut result = Vec::new();
    for i in 0..=count {
        result.push(&items[i]);
    }
    result
}

// Unused variables, deeply nested logic, too many params
pub fn do_everything(
    a: i32, b: i32, c: i32, d: i32, e: i32, f: i32, g: i32,
) -> i32 {
    let _unused = a + b;
    let _also_unused = c * d;
    if a > 0 {
        if b > 0 {
            if c > 0 {
                if d > 0 {
                    if e > 0 {
                        return f + g;
                    }
                }
            }
        }
    }
    0
}