taint.t

UNIX下perl实现代码

    }
}

# Some operations using files can't use tainted data.
{
    my $foo = "imaginary library" . $TAINT;
    test 69, eval { require $foo } eq '', 'require';
    test 70, $@ =~ /^Insecure dependency/, $@;

    my $filename = "./taintB$$";	# NB: $filename isn't tainted!
    END { unlink $filename if defined $filename }
    $foo = $filename . $TAINT;
    unlink $filename;	# in any case

    test 71, eval { open FOO, $foo } eq '', 'open for read';
    test 72, $@ eq '', $@;		# NB: This should be allowed

    # Try first new style but allow also old style.
    test 73, $!{ENOENT} ||
	$! == 2 || # File not found
	($Is_Dos && $! == 22) ||
	($^O eq 'mint' && $! == 33);

    test 74, eval { open FOO, "> $foo" } eq '', 'open for write';
    test 75, $@ =~ /^Insecure dependency/, $@;
}

# Commands to the system can't use tainted data
{
    my $foo = $TAINT;

    if ($^O eq 'amigaos') {
	for (76..79) { print "ok $_ # Skipped: open('|') is not available\n" }
    }
    else {
	test 76, eval { open FOO, "| x$foo" } eq '', 'popen to';
	test 77, $@ =~ /^Insecure dependency/, $@;

	test 78, eval { open FOO, "x$foo |" } eq '', 'popen from';
	test 79, $@ =~ /^Insecure dependency/, $@;
    }

    test 80, eval { exec $TAINT } eq '', 'exec';
    test 81, $@ =~ /^Insecure dependency/, $@;

    test 82, eval { system $TAINT } eq '', 'system';
    test 83, $@ =~ /^Insecure dependency/, $@;

    $foo = "*";
    taint_these $foo;

    test 84, eval { `$echo 1$foo` } eq '', 'backticks';
    test 85, $@ =~ /^Insecure dependency/, $@;

    if ($Is_VMS) { # wildcard expansion doesn't invoke shell, so is safe
	test 86, join('', eval { glob $foo } ) ne '', 'globbing';
	test 87, $@ eq '', $@;
    }
    else {
	for (86..87) { print "ok $_ # Skipped: this is not VMS\n"; }
    }
}

# Operations which affect processes can't use tainted data.
{
    test 88, eval { kill 0, $TAINT } eq '', 'kill';
    test 89, $@ =~ /^Insecure dependency/, $@;

    if ($Config{d_setpgrp}) {
	test 90, eval { setpgrp 0, $TAINT } eq '', 'setpgrp';
	test 91, $@ =~ /^Insecure dependency/, $@;
    }
    else {
	for (90..91) { print "ok $_ # Skipped: setpgrp() is not available\n" }
    }

    if ($Config{d_setprior}) {
	test 92, eval { setpriority 0, $TAINT, $TAINT } eq '', 'setpriority';
	test 93, $@ =~ /^Insecure dependency/, $@;
    }
    else {
	for (92..93) { print "ok $_ # Skipped: setpriority() is not available\n" }
    }
}

# Some miscellaneous operations can't use tainted data.
{
    if ($Config{d_syscall}) {
	test 94, eval { syscall $TAINT } eq '', 'syscall';
	test 95, $@ =~ /^Insecure dependency/, $@;
    }
    else {
	for (94..95) { print "ok $_ # Skipped: syscall() is not available\n" }
    }

    {
	my $foo = "x" x 979;
	taint_these $foo;
	local *FOO;
	my $temp = "./taintC$$";
	END { unlink $temp }
	test 96, open(FOO, "> $temp"), "Couldn't open $temp for write: $!";

	test 97, eval { ioctl FOO, $TAINT, $foo } eq '', 'ioctl';
	test 98, $@ =~ /^Insecure dependency/, $@;

	if ($Config{d_fcntl}) {
	    test 99, eval { fcntl FOO, $TAINT, $foo } eq '', 'fcntl';
	    test 100, $@ =~ /^Insecure dependency/, $@;
	}
	else {
	    for (99..100) { print "ok $_ # Skipped: fcntl() is not available\n" }
	}

	close FOO;
    }
}

# Some tests involving references
{
    my $foo = 'abc' . $TAINT;
    my $fooref = \$foo;
    test 101, not tainted $fooref;
    test 102, tainted $$fooref;
    test 103, tainted $foo;
}

# Some tests involving assignment
{
    my $foo = $TAINT0;
    my $bar = $foo;
    test 104, all_tainted $foo, $bar;
    test 105, tainted($foo = $bar);
    test 106, tainted($bar = $bar);
    test 107, tainted($bar += $bar);
    test 108, tainted($bar -= $bar);
    test 109, tainted($bar *= $bar);
    test 110, tainted($bar++);
    test 111, tainted($bar /= $bar);
    test 112, tainted($bar += 0);
    test 113, tainted($bar -= 2);
    test 114, tainted($bar *= -1);
    test 115, tainted($bar /= 1);
    test 116, tainted($bar--);
    test 117, $bar == 0;
}

# Test assignment and return of lists
{
    my @foo = ("A", "tainted" . $TAINT, "B");
    test 118, not tainted $foo[0];
    test 119,     tainted $foo[1];
    test 120, not tainted $foo[2];
    my @bar = @foo;
    test 121, not tainted $bar[0];
    test 122,     tainted $bar[1];
    test 123, not tainted $bar[2];
    my @baz = eval { "A", "tainted" . $TAINT, "B" };
    test 124, not tainted $baz[0];
    test 125,     tainted $baz[1];
    test 126, not tainted $baz[2];
    my @plugh = eval q[ "A", "tainted" . $TAINT, "B" ];
    test 127, not tainted $plugh[0];
    test 128,     tainted $plugh[1];
    test 129, not tainted $plugh[2];
    my $nautilus = sub { "A", "tainted" . $TAINT, "B" };
    test 130, not tainted ((&$nautilus)[0]);
    test 131,     tainted ((&$nautilus)[1]);
    test 132, not tainted ((&$nautilus)[2]);
    my @xyzzy = &$nautilus;
    test 133, not tainted $xyzzy[0];
    test 134,     tainted $xyzzy[1];
    test 135, not tainted $xyzzy[2];
    my $red_october = sub { return "A", "tainted" . $TAINT, "B" };
    test 136, not tainted ((&$red_october)[0]);
    test 137,     tainted ((&$red_october)[1]);
    test 138, not tainted ((&$red_october)[2]);
    my @corge = &$red_october;
    test 139, not tainted $corge[0];
    test 140,     tainted $corge[1];
    test 141, not tainted $corge[2];
}

# Test for system/library calls returning string data of dubious origin.
{
    # No reliable %Config check for getpw*
    if (eval { setpwent(); getpwent(); 1 }) {
	setpwent();
	my @getpwent = getpwent();
	die "getpwent: $!\n" unless (@getpwent);
	test 142,(    not tainted $getpwent[0]
	          and     tainted $getpwent[1]
	          and not tainted $getpwent[2]
	          and not tainted $getpwent[3]
	          and not tainted $getpwent[4]
	          and not tainted $getpwent[5]
	          and     tainted $getpwent[6]		# ge?cos
	          and not tainted $getpwent[7]
		  and     tainted $getpwent[8]);	# shell
	endpwent();
    } else {
	for (142) { print "ok $_ # Skipped: getpwent() is not available\n" }
    }

    if ($Config{d_readdir}) { # pretty hard to imagine not
	local(*D);
	opendir(D, "op") or die "opendir: $!\n";
	my $readdir = readdir(D);
	test 143, tainted $readdir;
	closedir(OP);
    } else {
	for (143) { print "ok $_ # Skipped: readdir() is not available\n" }
    }

    if ($Config{d_readlink} && $Config{d_symlink}) {
	my $symlink = "sl$$";
	unlink($symlink);
	symlink("/something/naughty", $symlink) or die "symlink: $!\n";
	my $readlink = readlink($symlink);
	test 144, tainted $readlink;
	unlink($symlink);
    } else {
	for (144) { print "ok $_ # Skipped: readlink() or symlink() is not available\n"; }
    }
}

# test bitwise ops (regression bug)
{
    my $why = "y";
    my $j = "x" | $why;
    test 145, not tainted $j;
    $why = $TAINT."y";
    $j = "x" | $why;
    test 146,     tainted $j;
}

# test target of substitution (regression bug)
{
    my $why = $TAINT."y";
    $why =~ s/y/z/;
    test 147,     tainted $why;

    my $z = "[z]";
    $why =~ s/$z/zee/;
    test 148,     tainted $why;

    $why =~ s/e/'-'.$$/ge;
    test 149,     tainted $why;
}

# test shmread
{
    unless ($ipcsysv) {
	print "ok 150 # skipped: no IPC::SysV\n";
	last;
    }
    if ($Config{'extensions'} =~ /\bIPC\/SysV\b/ && $Config{d_shm}) {
	no strict 'subs';
	my $sent = "foobar";
	my $rcvd;
	my $size = 2000;
	my $id = shmget(IPC_PRIVATE, $size, S_IRWXU);

	if (defined $id) {
	    if (shmwrite($id, $sent, 0, 60)) {
		if (shmread($id, $rcvd, 0, 60)) {
		    substr($rcvd, index($rcvd, "\0")) = '';
		} else {
		    warn "# shmread failed: $!\n";
		}
	    } else {
		warn "# shmwrite failed: $!\n";
	    }
	    shmctl($id, IPC_RMID, 0) or warn "# shmctl failed: $!\n";
	} else {
	    warn "# shmget failed: $!\n";
	}

	if ($rcvd eq $sent) {
	    test 150, tainted $rcvd;
	} else {
	    print "ok 150 # Skipped: SysV shared memory operation failed\n";
	}
    } else {
	print "ok 150 # Skipped: SysV shared memory is not available\n";
    }
}

# test msgrcv
{
    unless ($ipcsysv) {
	print "ok 151 # skipped: no IPC::SysV\n";
	last;
    }
    if ($Config{'extensions'} =~ /\bIPC\/SysV\b/ && $Config{d_msg}) {
	no strict 'subs';
	my $id = msgget(IPC_PRIVATE, IPC_CREAT | S_IRWXU);

	my $sent      = "message";
	my $type_sent = 1234;
	my $rcvd;
	my $type_rcvd;

	if (defined $id) {
	    if (msgsnd($id, pack("l! a*", $type_sent, $sent), 0)) {
		if (msgrcv($id, $rcvd, 60, 0, 0)) {
		    ($type_rcvd, $rcvd) = unpack("l! a*", $rcvd);
		} else {
		    warn "# msgrcv failed\n";
		}
	    } else {
		warn "# msgsnd failed\n";
	    }
	    msgctl($id, IPC_RMID, 0) or warn "# msgctl failed: $!\n";
	} else {
	    warn "# msgget failed\n";
	}

	if ($rcvd eq $sent && $type_sent == $type_rcvd) {
	    test 151, tainted $rcvd;
	} else {
	    print "ok 151 # Skipped: SysV message queue operation failed\n";
	}
    } else {
	print "ok 151 # Skipped: SysV message queues are not available\n";
    }
}

{
    # bug id 20001004.006

    open IN, "./TEST" or warn "$0: cannot read ./TEST: $!" ;
    local $/;
    my $a = <IN>;
    my $b = <IN>;
    print "not " unless tainted($a) && tainted($b) && !defined($b);
    print "ok 152\n";
    close IN;
}

{
    # bug id 20001004.007

    open IN, "./TEST" or warn "$0: cannot read ./TEST: $!" ;
    my $a = <IN>;

    my $c = { a => 42,
	      b => $a };
    print "not " unless !tainted($c->{a}) && tainted($c->{b});
    print "ok 153\n";

    my $d = { a => $a,
	      b => 42 };
    print "not " unless tainted($d->{a}) && !tainted($d->{b});
    print "ok 154\n";

    my $e = { a => 42,
	      b => { c => $a, d => 42 } };
    print "not " unless !tainted($e->{a}) &&
	                !tainted($e->{b}) &&
	                 tainted($e->{b}->{c}) &&
	                !tainted($e->{b}->{d});
    print "ok 155\n";

    close IN;
}