diff options
| author | Nicholas Clark <nick@ccl4.org> | 2011-02-28 16:08:29 +0000 |
|---|---|---|
| committer | Nicholas Clark <nick@ccl4.org> | 2011-03-02 09:13:23 +0000 |
| commit | 4e74b85bc530fa4d5182e4323be281b1cd335c7a (patch) | |
| tree | 77b0e37fda0b177220b4e2a07830c441d33c8cee /t/op/taint.t | |
| parent | ef5cbc634680e1354b871bbe4ae1a70c8a136307 (diff) | |
| download | perl-4e74b85bc530fa4d5182e4323be281b1cd335c7a.tar.gz | |
In taint.t, convert the Fcntl and *printf tests to violates_taint().
Diffstat (limited to 't/op/taint.t')
| -rw-r--r-- | t/op/taint.t | 88 |
1 files changed, 30 insertions, 58 deletions
diff --git a/t/op/taint.t b/t/op/taint.t index a5d11bf2ed..c3d8ddce8b 100644 --- a/t/op/taint.t +++ b/t/op/taint.t @@ -17,7 +17,7 @@ use Config; use File::Spec::Functions; BEGIN { require './test.pl'; } -plan tests => 733; +plan tests => 753; $| = 1; @@ -1439,59 +1439,31 @@ SKIP: { my $foo = tempfile(); my $evil = $foo . $TAINT; - eval { sysopen(my $ro, $evil, &O_RDONLY) }; - unlike($@, qr/^Insecure dependency/); - - eval { sysopen(my $wo, $evil, &O_WRONLY) }; - like($@, qr/^Insecure dependency/); - - eval { sysopen(my $rw, $evil, &O_RDWR) }; - like($@, qr/^Insecure dependency/); - - eval { sysopen(my $ap, $evil, &O_APPEND) }; - like($@, qr/^Insecure dependency/); - - eval { sysopen(my $cr, $evil, &O_CREAT) }; - like($@, qr/^Insecure dependency/); - - eval { sysopen(my $tr, $evil, &O_TRUNC) }; - like($@, qr/^Insecure dependency/); - - eval { sysopen(my $ro, $foo, &O_RDONLY | $TAINT0) }; - unlike($@, qr/^Insecure dependency/); - - eval { sysopen(my $wo, $foo, &O_WRONLY | $TAINT0) }; - like($@, qr/^Insecure dependency/); - - eval { sysopen(my $rw, $foo, &O_RDWR | $TAINT0) }; - like($@, qr/^Insecure dependency/); - - eval { sysopen(my $ap, $foo, &O_APPEND | $TAINT0) }; - like($@, qr/^Insecure dependency/); - - eval { sysopen(my $cr, $foo, &O_CREAT | $TAINT0) }; - like($@, qr/^Insecure dependency/); - - eval { sysopen(my $tr, $foo, &O_TRUNC | $TAINT0) }; - like($@, qr/^Insecure dependency/); - - eval { sysopen(my $ro, $foo, &O_RDONLY, $TAINT0) }; - unlike($@, qr/^Insecure dependency/); - - eval { sysopen(my $wo, $foo, &O_WRONLY, $TAINT0) }; - like($@, qr/^Insecure dependency/); - - eval { sysopen(my $rw, $foo, &O_RDWR, $TAINT0) }; - like($@, qr/^Insecure dependency/); - - eval { sysopen(my $ap, $foo, &O_APPEND, $TAINT0) }; - like($@, qr/^Insecure dependency/); - - eval { sysopen(my $cr, $foo, &O_CREAT, $TAINT0) }; - like($@, qr/^Insecure dependency/); - - eval { sysopen(my $tr, $foo, &O_TRUNC, $TAINT0) }; - like($@, qr/^Insecure dependency/); + is(eval { sysopen(my $ro, $evil, &O_RDONLY) }, undef); + is($@, ''); + + violates_taint(sub { sysopen(my $wo, $evil, &O_WRONLY) }, 'sysopen'); + violates_taint(sub { sysopen(my $rw, $evil, &O_RDWR) }, 'sysopen'); + violates_taint(sub { sysopen(my $ap, $evil, &O_APPEND) }, 'sysopen'); + violates_taint(sub { sysopen(my $cr, $evil, &O_CREAT) }, 'sysopen'); + violates_taint(sub { sysopen(my $tr, $evil, &O_TRUNC) }, 'sysopen'); + + is(eval { sysopen(my $ro, $foo, &O_RDONLY | $TAINT0) }, undef); + is($@, ''); + + violates_taint(sub { sysopen(my $wo, $foo, &O_WRONLY | $TAINT0) }, 'sysopen'); + violates_taint(sub { sysopen(my $rw, $foo, &O_RDWR | $TAINT0) }, 'sysopen'); + violates_taint(sub { sysopen(my $ap, $foo, &O_APPEND | $TAINT0) }, 'sysopen'); + violates_taint(sub { sysopen(my $cr, $foo, &O_CREAT | $TAINT0) }, 'sysopen'); + violates_taint(sub { sysopen(my $tr, $foo, &O_TRUNC | $TAINT0) }, 'sysopen'); + is(eval { sysopen(my $ro, $foo, &O_RDONLY, $TAINT0) }, undef); + is($@, ''); + + violates_taint(sub { sysopen(my $wo, $foo, &O_WRONLY, $TAINT0) }, 'sysopen'); + violates_taint(sub { sysopen(my $rw, $foo, &O_RDWR, $TAINT0) }, 'sysopen'); + violates_taint(sub { sysopen(my $ap, $foo, &O_APPEND, $TAINT0) }, 'sysopen'); + violates_taint(sub { sysopen(my $cr, $foo, &O_CREAT, $TAINT0) }, 'sysopen'); + violates_taint(sub { sysopen(my $tr, $foo, &O_TRUNC, $TAINT0) }, 'sysopen'); } } @@ -1853,12 +1825,12 @@ SKIP: { # tests for tainted format in s?printf - eval { printf($TAINT . "# %s\n", "foo") }; - like($@, qr/^Insecure dependency in printf/, q/printf doesn't like tainted formats/); + violates_taint(sub { printf($TAINT . "# %s\n", "foo") }, 'printf', + q/printf doesn't like tainted formats/); eval { printf("# %s\n", $TAINT . "foo") }; is($@, '', q/printf accepts other tainted args/); - eval { sprintf($TAINT . "# %s\n", "foo") }; - like($@, qr/^Insecure dependency in sprintf/, q/sprintf doesn't like tainted formats/); + violates_taint(sub { sprintf($TAINT . "# %s\n", "foo") }, 'sprintf', + q/sprintf doesn't like tainted formats/); eval { sprintf("# %s\n", $TAINT . "foo") }; is($@, '', q/sprintf accepts other tainted args/); } |