diff options
| author | Nick Ing-Simmons <nik@tiuk.ti.com> | 2001-06-30 20:46:46 +0000 |
|---|---|---|
| committer | Nick Ing-Simmons <nik@tiuk.ti.com> | 2001-06-30 20:46:46 +0000 |
| commit | 8ddbe0db64fab7835b6ee250a143591dfee04981 (patch) | |
| tree | 77acab06af07fcae8603504e0a3881b3a7c4143c | |
| parent | dc7e4f14cf121a554e665781a175a4ea580206d4 (diff) | |
| download | perl-8ddbe0db64fab7835b6ee250a143591dfee04981.tar.gz | |
Jeffrey Friedl's <jfriedl@yahoo.com> fix for lib/File/Find/taint.t
p4raw-id: //depot/perlio@11050
| -rw-r--r-- | lib/File/Find/taint.t | 29 |
1 files changed, 19 insertions, 10 deletions
diff --git a/lib/File/Find/taint.t b/lib/File/Find/taint.t index 1e1258e184..f640ef710c 100644 --- a/lib/File/Find/taint.t +++ b/lib/File/Find/taint.t @@ -8,13 +8,31 @@ my $symlink_exists = eval { symlink("",""); 1 }; my $cwd; my $cwd_untainted; +use Config; + BEGIN { chdir 't' if -d 't'; unshift @INC => '../lib'; for (keys %ENV) { # untaint ENV - ($ENV{$_}) = $ENV{$_} =~ /(.*)/; + ($ENV{$_}) = $ENV{$_} =~ /(.*)/; } + + # Remove insecure directories from PATH + my @path; + my $sep = $Config{path_sep}; + foreach my $dir (split(/\Q$sep/,$ENV{'PATH'})) + { + ## + ## Match the directory taint tests in mg.c::Perl_magic_setenv() + ## + push(@path,$dir) unless (length($dir) >= 256 + or + substr($dir,0,1) ne "/" + or + (stat $dir)[2] & 002); + } + $ENV{'PATH'} = join($sep,@path); } @@ -24,16 +42,7 @@ else { print "1..27\n"; } use File::Find; use File::Spec; use Cwd; -use Config; -# Remove insecure directories from PATH -my @path; -my $sep = $Config{path_sep}; -foreach my $dir (split(/$sep/,$ENV{'PATH'})) - { - push(@path,$dir) unless (stat $dir)[2] & 0002; - } -$ENV{'PATH'} = join($sep,@path); my $NonTaintedCwd = $^O eq 'MSWin32' || $^O eq 'cygwin'; |