POSIX taint tests

From: "Paul Marquess" <Paul.Marquess@btinternet.com> Message-ID: <AIEAJICLCBDNAAOLLOKLMEFJEOAA.Paul.Marquess@btinternet.com> p4raw-id: //depot/perl@17296
author: Paul Marquess <paul.marquess@btinternet.com> 2002-06-19 10:29:22 +0100
committer: Jarkko Hietaniemi <jhi@iki.fi> 2002-06-19 12:20:54 +0000
commit: 0e247040c68e14832dcdbb2508a8f1cc78bc5480 (patch)
tree: 12f00035f2c7c44f70d94c3aacef6c24896ec62c
parent: 6ebe41ac4b371ed6f440022cad1f0a13ea938e37 (diff)
download: perl-0e247040c68e14832dcdbb2508a8f1cc78bc5480.tar.gz
2 files changed, 48 insertions, 0 deletions
diff --git a/MANIFEST b/MANIFEST
index 59ec4a4dbf..e433dc441c 100644
--- a/MANIFEST
+++ b/MANIFEST
@@ -557,6 +557,7 @@ ext/POSIX/POSIX.pod		POSIX extension documentation
 ext/POSIX/POSIX.xs		POSIX extension external subroutines
 ext/POSIX/t/posix.t		See if POSIX works
 ext/POSIX/t/sigaction.t		See if POSIX::sigaction works
+ext/POSIX/t/taint.t		See if POSIX works with taint
 ext/POSIX/t/waitpid.t		See if waitpid works
 ext/POSIX/typemap		POSIX extension interface types
 ext/re/hints/mpeix.pl		Hints for re for named architecture
diff --git a/ext/POSIX/t/taint.t b/ext/POSIX/t/taint.t
new file mode 100644
index 0000000000..2fc171b182
--- /dev/null
+++ b/ext/POSIX/t/taint.t
@@ -0,0 +1,47 @@
+#!./perl -Tw
+
+BEGIN {
+    chdir 't' if -d 't';
+    @INC = '../lib';
+    require Config; import Config;
+    if ($^O ne 'VMS' and $Config{'extensions'} !~ /\bPOSIX\b/) {
+	print "1..0\n";
+	exit 0;
+    }
+}
+
+require "./test.pl";
+use Scalar::Util qw/tainted/;
+plan(tests => 5);
+
+
+use POSIX qw(fcntl_h open read mkfifo);
+use strict ;
+
+$| = 1;
+
+my $buffer;
+my @buffer;
+my $testfd;
+
+# Sources of taint:
+#   The empty tainted value, for tainting strings
+
+my $TAINT = substr($^X, 0, 0);
+
+eval { mkfifo($TAINT. "TEST", 0) };
+ok($@ =~ /^Insecure dependency/,              'mkfifo with tainted data');
+
+eval { $testfd = open($TAINT. "TEST", O_WRONLY, 0) };
+ok($@ =~ /^Insecure dependency/,              'open with tainted data');
+
+eval { $testfd = open("TEST", O_RDONLY, 0) };
+ok($@ eq "",                                  'open with untainted data');
+
+read($testfd, $buffer, 2) if $testfd > 2;
+is( $buffer, "#!",	                          '    read' );
+ok(tainted($buffer),                          '    scalar tainted');
+read($testfd, $buffer[1], 2) if $testfd > 2;
+
+#is( $buffer[1], "./",	                      '    read' );
+#ok(tainted($buffer[1]),                       '    array element tainted');
author	Paul Marquess <paul.marquess@btinternet.com>	2002-06-19 10:29:22 +0100
committer	Jarkko Hietaniemi <jhi@iki.fi>	2002-06-19 12:20:54 +0000
commit	0e247040c68e14832dcdbb2508a8f1cc78bc5480 (patch)
tree	12f00035f2c7c44f70d94c3aacef6c24896ec62c
parent	6ebe41ac4b371ed6f440022cad1f0a13ea938e37 (diff)
download	perl-0e247040c68e14832dcdbb2508a8f1cc78bc5480.tar.gz