summaryrefslogtreecommitdiff
path: root/taint.c
diff options
context:
space:
mode:
Diffstat (limited to 'taint.c')
-rw-r--r--taint.c80
1 files changed, 33 insertions, 47 deletions
diff --git a/taint.c b/taint.c
index be69c0e3df..d9fac77b5f 100644
--- a/taint.c
+++ b/taint.c
@@ -8,37 +8,25 @@
#include "perl.h"
void
-taint_not(s)
-char *s;
-{
- if (euid != uid)
- croak("No %s allowed while running setuid", s);
- if (egid != gid)
- croak("No %s allowed while running setgid", s);
-}
-
-void
taint_proper(f, s)
char *f;
char *s;
{
- if (tainting) {
- DEBUG_u(PerlIO_printf(PerlIO_stderr(), "%s %d %d %d\n",s,tainted,uid, euid));
- if (tainted) {
- char *ug = 0;
- if (euid != uid)
- ug = " while running setuid";
- else if (egid != gid)
- ug = " while running setgid";
- else if (tainting)
- ug = " while running with -T switch";
- if (ug) {
- if (!unsafe)
- croak(f, s, ug);
- else if (dowarn)
- warn(f, s, ug);
- }
- }
+ char *ug;
+
+ if (tainted) {
+ DEBUG_u(PerlIO_printf(PerlIO_stderr(),
+ "%s %d %d %d\n", s, tainted, uid, euid));
+ if (euid != uid)
+ ug = " while running setuid";
+ else if (egid != gid)
+ ug = " while running setgid";
+ else
+ ug = " while running with -T switch";
+ if (!unsafe)
+ croak(f, s, ug);
+ else if (dowarn)
+ warn(f, s, ug);
}
}
@@ -46,26 +34,24 @@ void
taint_env()
{
SV** svp;
+ MAGIC *mg = 0;
- if (tainting) {
- MAGIC *mg = 0;
- svp = hv_fetch(GvHVn(envgv),"PATH",4,FALSE);
- if (!svp || *svp == &sv_undef ||
- ((mg = mg_find(*svp, 't')) && mg->mg_len & 1))
- {
- tainted = TRUE;
- if (mg && MgTAINTEDDIR(mg))
- taint_proper("Insecure directory in %s%s", "$ENV{PATH}");
- else
- taint_proper("Insecure %s%s", "$ENV{PATH}");
- }
- svp = hv_fetch(GvHVn(envgv),"IFS",3,FALSE);
- if (svp && *svp != &sv_undef &&
- (mg = mg_find(*svp, 't')) && mg->mg_len & 1)
- {
- tainted = TRUE;
- taint_proper("Insecure %s%s", "$ENV{IFS}");
- }
+ svp = hv_fetch(GvHVn(envgv),"PATH",4,FALSE);
+ if (!svp || *svp == &sv_undef ||
+ ((mg = mg_find(*svp, 't')) && mg->mg_len & 1))
+ {
+ TAINT;
+ if (mg && MgTAINTEDDIR(mg))
+ taint_proper("Insecure directory in %s%s", "$ENV{PATH}");
+ else
+ taint_proper("Insecure %s%s", "$ENV{PATH}");
}
-}
+ svp = hv_fetch(GvHVn(envgv),"IFS",3,FALSE);
+ if (svp && *svp != &sv_undef &&
+ (mg = mg_find(*svp, 't')) && mg->mg_len & 1)
+ {
+ TAINT;
+ taint_proper("Insecure %s%s", "$ENV{IFS}");
+ }
+}
View Lorry Controller Status