[dbsrgits/DBIx-Class.git] / t / 54taint.t

#!/usr/bin/env perl -T

# the above line forces Test::Harness into taint-mode
# DO NOT REMOVE

use strict;
use warnings;

# When in taint mode, PERL5LIB is ignored (but *not* unset)
# Put it back in INC so that local-lib users can actually
# run this test
use Config;
BEGIN {
  for (map { defined $ENV{$_} ? $ENV{$_} : () } (qw/PERLLIB PERL5LIB/) ) {  # we unshift, so reverse precedence
    my ($envvar) = ($_ =~ /^(.+)$/);  # untaint
    unshift @INC, map { length($_) ? $_ : () } (split /\Q$Config{path_sep}\E/, $envvar);
  }
}

use Test::More;
use Test::Exception;
use lib qw(t/lib);

throws_ok (
  sub { $ENV{PATH} . (kill (0)) },
  qr/Insecure dependency in kill/,
  'taint mode active'
);

{
  package DBICTest::Taint::Classes;

  use Test::More;
  use Test::Exception;

  use base qw/DBIx::Class::Schema/;

  lives_ok (sub {
    __PACKAGE__->load_classes(qw/Manual/);
    ok( __PACKAGE__->source('Manual'), 'The Classes::Manual source has been registered' );
    __PACKAGE__->_unregister_source (qw/Manual/);
  }, 'Loading classes with explicit load_classes worked in taint mode' );

  lives_ok (sub {
    __PACKAGE__->load_classes();
    ok( __PACKAGE__->source('Auto'), 'The Classes::Auto source has been registered' );
      ok( __PACKAGE__->source('Auto'), 'The Classes::Manual source has been re-registered' );
  }, 'Loading classes with Module::Find/load_classes worked in taint mode' );
}

{
  package DBICTest::Taint::Namespaces;

  use Test::More;
  use Test::Exception;

  use base qw/DBIx::Class::Schema/;

  lives_ok (sub {
    __PACKAGE__->load_namespaces();
    ok( __PACKAGE__->source('Test'), 'The Namespaces::Test source has been registered' );
  }, 'Loading classes with Module::Find/load_namespaces worked in taint mode' );
}

done_testing;
Commit	Line	Data
f54428ab	1	#!/usr/bin/env perl -T
83542a7d	2
83542a7d	3	# the above line forces Test::Harness into taint-mode
f54428ab	4	# DO NOT REMOVE
83542a7d	5
	6	use strict;
	7	use warnings;
	8
9f72d93a	9	# When in taint mode, PERL5LIB is ignored (but not unset)
	10	# Put it back in INC so that local-lib users can actually
	11	# run this test
	12	use Config;
	13	BEGIN {
	14	for (map { defined $ENV{$_} ? $ENV{$_} : () } (qw/PERLLIB PERL5LIB/) ) { # we unshift, so reverse precedence
	15	my ($envvar) = ($_ =~ /^(.+)$/); # untaint
	16	unshift @INC, map { length($_) ? $_ : () } (split /\Q$Config{path_sep}\E/, $envvar);
	17	}
	18	}
	19
91b0ad0b	20	use Test::More;
f54428ab	21	use Test::Exception;
f54428ab	22	use lib qw(t/lib);
83542a7d	23
f54428ab	24	throws_ok (
	25	sub { $ENV{PATH} . (kill (0)) },
	26	qr/Insecure dependency in kill/,
	27	'taint mode active'
	28	);
83542a7d	29
f54428ab	30	{
f54428ab	31	package DBICTest::Taint::Classes;
83542a7d	32
f54428ab	33	use Test::More;
f54428ab	34	use Test::Exception;
91b0ad0b	35
f54428ab	36	use base qw/DBIx::Class::Schema/;
91b0ad0b	37
f54428ab	38	lives_ok (sub {
	39	__PACKAGE__->load_classes(qw/Manual/);
	40	ok( __PACKAGE__->source('Manual'), 'The Classes::Manual source has been registered' );
	41	__PACKAGE__->_unregister_source (qw/Manual/);
	42	}, 'Loading classes with explicit load_classes worked in taint mode' );
91b0ad0b	43
f54428ab	44	lives_ok (sub {
	45	__PACKAGE__->load_classes();
	46	ok( __PACKAGE__->source('Auto'), 'The Classes::Auto source has been registered' );
	47	ok( __PACKAGE__->source('Auto'), 'The Classes::Manual source has been re-registered' );
	48	}, 'Loading classes with Module::Find/load_classes worked in taint mode' );
	49	}
83542a7d	50
f54428ab	51	{
f54428ab	52	package DBICTest::Taint::Namespaces;
83542a7d	53
f54428ab	54	use Test::More;
f54428ab	55	use Test::Exception;
91b0ad0b	56
f54428ab	57	use base qw/DBIx::Class::Schema/;
83542a7d	58
f54428ab	59	lives_ok (sub {
	60	__PACKAGE__->load_namespaces();
	61	ok( __PACKAGE__->source('Test'), 'The Namespaces::Test source has been registered' );
	62	}, 'Loading classes with Module::Find/load_namespaces worked in taint mode' );
	63	}
91b0ad0b	64
f54428ab	65	done_testing;