authorRadu Greab <radu@netsoft.ro>2001-11-26 20:42:29 +0200
committerJarkko Hietaniemi <jhi@iki.fi>2001-11-26 23:55:02 +0000
commit52a55424e4624fc79eb8894fb91c5e2f4a9018ab (patch)
tree755e7bc8e040f7f66f6a0b2c70d3c2d3bfe780e7
parentdbda34347e3a4321b3c3ae9358f7e2c5c89ad933 (diff)
system and taintedness
Message-ID: <15362.28917.697078.551412@ix.netsoft.ro> p4raw-id: //depot/perl@13287
-rw-r--r--pp_sys.c10
-rwxr-xr-xt/op/taint.t10
2 files changed, 19 insertions, 1 deletions
diff --git a/pp_sys.c b/pp_sys.c
index 4b9b0963d7..a2d57219f8 100644
--- a/pp_sys.c
+++ b/pp_sys.c
@@ -4030,6 +4030,16 @@ PP(pp_system)
int status;
Sigsave_t ihand,qhand; /* place to save signals during system() */
+ if (PL_tainting) {
+ SV *cmd = NULL;
+ if (PL_op->op_flags & OPf_STACKED)
+ cmd = *(MARK + 1);
+ else if (SP - MARK != 1)
+ cmd = *SP;
+ if (cmd && *(SvPV_nolen(cmd)) != '/')
+ TAINT_ENV();
+ }
+
if (PerlProc_pipe(pp) >= 0)
did_pipes = 1;
while ((childpid = PerlProc_fork()) == -1) {
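Review bot: In the list-form branch (`else if (SP - MARK != 1)`), `cmd = *SP` reads the top of the stack, which is the final argument and not the program name. For `system LIST` the program should sit at `*(MARK + 1)`, the same slot the stacked branch uses. As written, a multi-argument call whose last argument begins with '/' appears to skip `TAINT_ENV()` even though the program is still resolved through a possibly tainted PATH. Using `cmd = *(MARK + 1);` in that branch would make the '/' test apply to the command in both forms, and a short comment such as `/* absolute path: PATH is not searched, so the env check is skipped */` would record why the first byte is inspected. pp_system starts and ends outside this hunk, so a later taint check that covers this case cannot be ruled out from here.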
diff --git a/t/op/taint.t b/t/op/taint.t
index 29b5839fa2..21cf2fafb7 100755
--- a/t/op/taint.t
+++ b/t/op/taint.t
@@ -123,7 +123,7 @@ print PROG 'print "@ARGV\n"', "\n";
close PROG;
my $echo = "$Invoke_Perl $ECHO";
-print "1..182\n";
+print "1..183\n";
# First, let's make sure that Perl is checking the dangerous
# environment variables. Maybe they aren't set yet, so we'll
@@ -918,3 +918,11 @@ ok( $@ =~ /^Modification of a read-only value attempted/,
my $re3 = "$re2";
test 182, tainted $re3;
}
+
+
+{
+ # bug 20010221.005
+ local $ENV{PATH} .= $TAINT;
+ eval { system { "echo" } "/arg0", "arg1" };
+ test 183, $@ =~ /^Insecure \$ENV/;
+}
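Review bot: Test 183 covers only the indirect-object form `system { "echo" } ...`, so the `else if (SP - MARK != 1)` branch added to pp_sys.c is never exercised. A companion case in plain list form whose last argument starts with '/', for example `eval { system "echo", "/arg1" };` followed by the same `Insecure \$ENV` match, would pin which stack slot the check inspects. A negative case showing that an absolute program path does not raise the error would document the intended exemption. The block would also benefit from a comment like `# arg0 begins with '/' to prove the check looks at the program, not arg0`, since that is the only reason for the odd argument.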