perl-modperl mailing list archives

From stevethames <st...@softlife.com>
Subject Re: Insecure dependency in unlink while running with -T switch
Date Sun, 08 Jul 2007 17:36:58 GMT

Clint, you are a steely-eyed missile man!

In fact, I had taken the statement '$fp =~ /(.+)/' directly from another
page as a posted solution to this problem without even looking at it.  After
your email, I felt like an idiot as it was obvious that all this statement
would do was set $& and $1.  

The is_tainted() subroutine from the camel book is clearly crap as I ran $fp
through there and it returned false.  I was surprised when your solution
worked because I did not think $fp was tainted to begin with although I had
checked through is_tainted().  It was not created from an environment
variable or command line argument and did not originate through piped or
file input.  Following your email, however, I realized $fp was tainted
because it came from a field value in a posted form.

Anyway, that solved my problem.  Just goes to show--always test the solution
someone posts even if you don't believe it will work.

Kudos, brother.
Steve


Clinton Gormley wrote:
> 
>> $fp =~ /(.*)/;
> 
> 
> This doesn't untaint $fp.
> 
> instead, you could do this:
> 
>   ( $fp )=( $fp =~ /(.*)/ );
> 
> To untaint a variable using this method, you need to assign the result
> of a regex capture to the variable, not just do a regex check
> 
> Clint
> 
> 
> 

-- 
View this message in context: http://www.nabble.com/Insecure-dependency-in-unlink-while-running-with--T-switch-tf4045039.html#a11490823
Sent from the mod_perl - General mailing list archive at Nabble.com.
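The following is an added example, not code from Steve's or Clint's messages, that shows the behaviour Clint describes: under -T a bare `$fp =~ /(.*)/` leaves `$fp` tainted, while assigning the capture back does untaint it. It also adds the caveat a practitioner wants before handing a form value to unlink(): `/(.*)/` launders the value without validating it, so a traversal string passes through untouched, and a restrictive capture that rejects non-matching input is the right shape. The example constructs its tainted input from %ENV (environment values are tainted under -T, and taint propagates through string operations), uses the core Scalar::Util::tainted() rather than a hand-rolled is_tainted(), and assumes a hypothetical upload directory /tmp/uploads. Run it as `perl -T untaint_demo.pl`.

```perl
#!/usr/bin/perl -T
# Added example (not from the original thread). Run with taint checks on:
#   perl -T untaint_demo.pl
use strict;
use warnings;
use Scalar::Util qw(tainted);   # core module; use this instead of a home-grown is_tainted()

# Construct a tainted value offline. Every %ENV value is tainted under -T,
# and taint propagates through string ops, so appending a zero-length slice
# of $ENV{PATH} taints an otherwise literal string. The content stands in
# for the posted form field from the thread (constructed sample input).
my $taint_mark = substr($ENV{PATH} // '', 0, 0);
my $fp = '../../etc/passwd' . $taint_mark;

printf "input                 tainted: %d\n", tainted($fp) ? 1 : 0;      # 1

# 1. A bare match only sets $&, $1 and friends. $fp is unchanged and still
#    tainted, so unlink($fp) would still die with
#    "Insecure dependency in unlink while running with -T switch".
my $bare = $fp;
$bare =~ /(.*)/;
printf "after bare match      tainted: %d\n", tainted($bare) ? 1 : 0;    # 1

# 2. Assigning the capture back does untaint, because values that come out
#    of a regex capture are treated as clean. But /(.*)/ validates nothing:
#    the traversal string comes out exactly as it went in.
my ($blanket) = ($fp =~ /(.*)/);
printf "after blanket capture tainted: %d (value '%s')\n",
    tainted($blanket) ? 1 : 0, $blanket;                                # 0, '../../etc/passwd'

# 3. What a file name destined for unlink() should go through instead: a
#    capture anchored with \A and \z (not $, which would admit a trailing
#    newline) that admits only a plain base name. Leading dots are excluded,
#    so ".." and dotfiles are rejected along with any path separator.
sub untaint_basename {
    my ($name) = @_;
    return unless defined $name;
    my ($clean) = ($name =~ /\A([A-Za-z0-9_][A-Za-z0-9_.-]{0,254})\z/);
    return $clean;      # undef when the input did not match
}

my $dir = '/tmp/uploads';   # hypothetical upload directory
if (defined(my $safe = untaint_basename($fp))) {
    my $target = "$dir/$safe";
    print "would unlink $target\n";
    # unlink $target or warn "unlink $target: $!";
} else {
    print "rejected file name: $fp\n";    # this branch runs for the sample input
}

# A benign, tainted name passes and comes out clean.
my $ok = untaint_basename('report-2007.txt' . $taint_mark);
printf "'report-2007.txt' -> '%s', tainted: %d\n", $ok, tainted($ok) ? 1 : 0;   # 0
```

The design point is that untainting is a declaration, not a check: Perl trusts whatever the capture returns, so the pattern is the whole security control. A pattern that can only match what the code is prepared to unlink, combined with the `undef` return path for everything else, is what turns the taint error into an actual input-validation step.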

