Commit | Line | Data |
0e247040 |
1 | #!./perl -Tw |
2 | |
3 | BEGIN { |
0e247040 |
4 | require Config; import Config; |
5 | if ($^O ne 'VMS' and $Config{'extensions'} !~ /\bPOSIX\b/) { |
6 | print "1..0\n"; |
7 | exit 0; |
8 | } |
9 | } |
10 | |
64087619 |
11 | use Test::More tests => 7; |
0e247040 |
12 | use Scalar::Util qw/tainted/; |
0e247040 |
13 | |
14 | |
15 | use POSIX qw(fcntl_h open read mkfifo); |
16 | use strict ; |
17 | |
18 | $| = 1; |
19 | |
20 | my $buffer; |
21 | my @buffer; |
22 | my $testfd; |
23 | |
24 | # Sources of taint: |
25 | # The empty tainted value, for tainting strings |
26 | |
27 | my $TAINT = substr($^X, 0, 0); |
28 | |
2adbc9b6 |
29 | my $file = 'POSIX.xs'; |
943b127a |
30 | |
31 | eval { mkfifo($TAINT. $file, 0) }; |
64087619 |
32 | like($@, qr/^Insecure dependency/, 'mkfifo with tainted data'); |
0e247040 |
33 | |
943b127a |
34 | eval { $testfd = open($TAINT. $file, O_WRONLY, 0) }; |
64087619 |
35 | like($@, qr/^Insecure dependency/, 'open with tainted data'); |
0e247040 |
36 | |
943b127a |
37 | eval { $testfd = open($file, O_RDONLY, 0) }; |
64087619 |
38 | is($@, "", 'open with untainted data'); |
0e247040 |
39 | |
40 | read($testfd, $buffer, 2) if $testfd > 2; |
2adbc9b6 |
41 | is( $buffer, "#d", ' read' ); |
0e247040 |
42 | ok(tainted($buffer), ' scalar tainted'); |
0e247040 |
43 | |
64087619 |
44 | TODO: { |
45 | local $TODO = "POSIX::read won't taint an array element"; |
46 | |
47 | read($testfd, $buffer[1], 2) if $testfd > 2; |
48 | |
49 | is( $buffer[1], "./", ' read' ); |
50 | ok(tainted($buffer[1]), ' array element tainted'); |
51 | } |