perl-modperl mailing list archives

From stevethames <>
Subject Re: Insecure dependency in unlink while running with -T switch
Date Sun, 08 Jul 2007 17:36:58 GMT

Clint, you are a steely-eyed missile man!

In fact, I had taken the statement '$fp =~ /(.+)/' directly from another
page as a posted solution to this problem without even looking at it.  After
your email, I felt like an idiot as it was obvious that all this statement
would do was set $& and $1.  

The is_tainted() subroutine from the camel book is clearly crap as I ran $fp
through there and it returned false.  I was surprised when your solution
worked because I did not think $fp was tainted to begin with although I had
checked through is_tainted().  It was not created from an environment
variable or command line argument and did not originate through piped or
file input.  Following your email, however, I realized $fp was tainted
because it came from a field value in a posted form.

Anyway, that solved my problem.  Just goes to show--always test the solution
someone posts even if you don't believe it will work.

Kudos, brother.

Clinton Gormley wrote:
>> $fp =~ /(.*)/;
> This doesn't untaint $fp.
> instead, you could do this:
>   ( $fp )=( $fp =~ /(.*)/ );
> To untaint a variable using this method, you need to assign the result
> of a regex capture to the variable, not just do a regex check
> Clint

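Clint's point about assigning the capture, as an added example that is not part of the thread: a script run under -T showing that the bare match leaves $fp tainted and unlink dies with the error from the subject line, that assigning the capture untaints it, and that a pattern restricted to what a filename may contain makes the untaint a real check rather than a rubber stamp. The form field is a constructed stand-in built from %ENV (which is always tainted under -T), untaint_filename is an assumed helper name, and Scalar::Util::tainted stands in for the camel-book is_tainted() check.

```perl
#!/usr/bin/perl -T
# Run as: perl -T untaint_demo.pl   (the command-line -T must match the shebang)
use strict;
use warnings;
use Scalar::Util qw(tainted);

# Constructed stand-in for a posted form field: under -T every %ENV value is
# tainted and taint propagates through substr/concatenation, so $fp is
# tainted exactly as a CGI parameter would be.
my $taint = substr(join('', values %ENV), 0, 0);   # empty but tainted
my $fp    = 'report.tmp' . $taint;
print "form value tainted?      ", tainted($fp) ? "yes" : "no", "\n";

# Create the file with a literal (untainted) name so there is something to unlink.
open my $fh, '>', 'report.tmp' or die "create: $!";
close $fh;

# Wrong: a bare match only sets $1 and $&; $fp itself stays tainted, so unlink dies.
$fp =~ /(.*)/;
print "after bare match tainted? ", tainted($fp) ? "yes" : "no", "\n";
eval { unlink $fp or die "unlink: $!" };
print "unlink with tainted name: $@" if $@;
# -> Insecure dependency in unlink while running with -T switch ...

# Works, but validates nothing: assigning the capture untaints, yet /(.*)/
# accepts any string, including "../../etc/passwd".
my ($blanket) = $fp =~ /(.*)/;
print "blanket capture tainted? ", tainted($blanket) ? "yes" : "no", "\n";

# Better: capture only the characters a filename in this application may
# contain, so the regex both untaints and rejects unsafe input.
sub untaint_filename {
    my ($value) = @_;
    my ($clean) = $value =~ /\A([\w.-]+)\z/
        or die "rejected unsafe filename\n";
    die "rejected path traversal\n" if $clean =~ /\A\.\.?\z/;
    return $clean;
}

my $safe = untaint_filename($fp);
print "validated name tainted?  ", tainted($safe) ? "yes" : "no", "\n";
unlink $safe or die "unlink: $!";
print "unlinked $safe\n";

eval { untaint_filename('../etc/passwd' . $taint) };
print "traversal attempt: $@";    # rejected unsafe filename
```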