blob: 19afa2fea4ebfe5afe5fa0d3158b835590ee8ac7 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
|
#!./perl -T
BEGIN {
unless(grep /blib/, @INC) {
chdir 't' if -d 't';
@INC = '../lib';
}
}
use Config;
BEGIN {
if(-d "lib" && -f "TEST") {
if ($Config{'extensions'} !~ /\bIO\b/ && $^O ne 'VMS') {
print "1..0\n";
exit 0;
}
}
}
END { unlink "./__taint__$$" }
print "1..3\n";
use IO::File;
$x = new IO::File "> ./__taint__$$" || die("Cannot open ./__taint__$$\n");
print $x "$$\n";
$x->close;
$x = new IO::File "< ./__taint__$$" || die("Cannot open ./__taint__$$\n");
chop($unsafe = <$x>);
eval { kill 0 * $unsafe };
print "not " if $^O ne 'MSWin32' and ($@ !~ /^Insecure/o);
print "ok 1\n";
$x->close;
# We could have just done a seek on $x, but technically we haven't tested
# seek yet...
$x = new IO::File "< ./__taint__$$" || die("Cannot open ./__taint__$$\n");
$x->untaint;
print "not " if ($?);
print "ok 2\n"; # Calling the method worked
chop($unsafe = <$x>);
eval { kill 0 * $unsafe };
print "not " if ($@ =~ /^Insecure/o);
print "ok 3\n"; # No Insecure message from using the data
$x->close;
exit 0;
|