4 my %Expect_File = (); # what we expect for $_
5 my %Expect_Name = (); # what we expect for $File::Find::name/fullname
6 my %Expect_Dir = (); # what we expect for $File::Find::dir
7 my $symlink_exists = eval { symlink("",""); 1 };
13 unshift @INC => '../lib';
15 for (keys %ENV) { # untaint ENV
16 ($ENV{$_}) = $ENV{$_} =~ /(.*)/;
21 if ( $symlink_exists ) { print "1..45\n"; }
22 else { print "1..27\n"; }
28 # Remove insecure directories from PATH
30 my $sep = ($^O eq 'MSWin32') ? ';' : ':';
31 foreach my $dir (split(/$sep/,$ENV{'PATH'}))
33 push(@path,$dir) unless -w $dir;
35 $ENV{'PATH'} = join($sep,@path);
39 find({wanted => sub { print "ok 1\n" if $_ eq 'commonsense.t'; },
40 untaint => 1, untaint_pattern => qr|^(.+)$|}, File::Spec->curdir);
42 finddepth({wanted => sub { print "ok 2\n" if $_ eq 'commonsense.t'; },
43 untaint => 1, untaint_pattern => qr|^(.+)$|},
47 my $FastFileTests_OK = 0;
50 if (-d dir_path('for_find')) {
51 chdir(dir_path('for_find'));
53 if (-d dir_path('fa')) {
54 unlink file_path('fa', 'fa_ord'),
55 file_path('fa', 'fsl'),
56 file_path('fa', 'faa', 'faa_ord'),
57 file_path('fa', 'fab', 'fab_ord'),
58 file_path('fa', 'fab', 'faba', 'faba_ord'),
59 file_path('fb', 'fb_ord'),
60 file_path('fb', 'fba', 'fba_ord');
61 rmdir dir_path('fa', 'faa');
62 rmdir dir_path('fa', 'fab', 'faba');
63 rmdir dir_path('fa', 'fab');
65 rmdir dir_path('fb', 'fba');
67 chdir File::Spec->updir;
68 rmdir dir_path('for_find');
78 if ($_[0]) { print "ok $case\n"; }
79 else { print "not ok $case\n"; }
85 if ($_[0]) { print "ok $case\n"; }
86 else { print "not ok $case\n"; exit 0; }
91 print "ok $case # skipped: ",$_[0],"\n";
95 CheckDie( open(my $T,'>',$_[0]) );
99 CheckDie( mkdir($_[0],$_[1]) );
102 sub wanted_File_Dir {
103 print "# \$File::Find::dir => '$File::Find::dir'\n";
104 print "# \$_ => '$_'\n";
105 s#\.$## if ($^O eq 'VMS' && $_ ne '.');
106 Check( $Expect_File{$_} );
107 if ( $FastFileTests_OK ) {
108 delete $Expect_File{ $_}
109 unless ( $Expect_Dir{$_} && ! -d _ );
111 delete $Expect_File{$_}
112 unless ( $Expect_Dir{$_} && ! -d $_ );
116 sub wanted_File_Dir_prune {
118 $File::Find::prune=1 if $_ eq 'faba';
123 print "# \$File::Find::dir => '$File::Find::dir'\n";
124 print "# \$_ => '$_'\n";
128 # Use dir_path() to specify a directory path that's expected for
129 # $File::Find::dir (%Expect_Dir). Also use it in file operations like
132 # dir_path() concatenates directory names to form a _relative_
133 # directory path, independant from the platform it's run on, although
134 # there are limitations. Don't try to create an absolute path,
135 # because that may fail on operating systems that have the concept of
136 # volume names (e.g. Mac OS). Be careful when you want to create an
137 # updir path like ../fa (Unix) or ::fa: (Mac OS). Plain directory
138 # names will work best. As a special case, you can pass it a "." as
139 # first argument, to create a directory path like "./fa/dir" on
140 # operating systems other than Mac OS (actually, Mac OS will ignore
141 # the ".", if it's the first argument). If there's no second argument,
142 # this function will return the empty string on Mac OS and the string
146 my $first_item = shift @_;
148 if ($first_item eq '.') {
149 if ($^O eq 'MacOS') {
151 # ignore first argument; return a relative path
152 # with leading ":" and with trailing ":"
153 return File::Spec->catdir("", @_);
155 return './' unless @_;
156 my $path = File::Spec->catdir(@_);
162 } else { # $first_item ne '.'
163 return $first_item unless @_; # return plain filename
164 if ($^O eq 'MacOS') {
165 # relative path with leading ":" and with trailing ":"
166 return File::Spec->catdir("", $first_item, @_);
168 return File::Spec->catdir($first_item, @_);
174 # Use topdir() to specify a directory path that you want to pass to
175 #find/finddepth Basically, topdir() does the same as dir_path() (see
176 #above), except that there's no trailing ":" on Mac OS.
179 my $path = dir_path(@_);
180 $path =~ s/:$// if ($^O eq 'MacOS');
185 # Use file_path() to specify a file path that's expected for $_ (%Expect_File).
186 # Also suitable for file operations like unlink etc.
188 # file_path() concatenates directory names (if any) and a filename to
189 # form a _relative_ file path (the last argument is assumed to be a
190 # file). It's independant from the platform it's run on, although
191 # there are limitations (see the warnings for dir_path() above). As a
192 # special case, you can pass it a "." as first argument, to create a
193 # file path like "./fa/file" on operating systems other than Mac OS
194 # (actually, Mac OS will ignore the ".", if it's the first
195 # argument). If there's no second argument, this function will return
196 # the empty string on Mac OS and the string "./" otherwise.
199 my $first_item = shift @_;
201 if ($first_item eq '.') {
202 if ($^O eq 'MacOS') {
204 # ignore first argument; return a relative path
205 # with leading ":", but without trailing ":"
206 return File::Spec->catfile("", @_);
208 return './' unless @_;
209 my $path = File::Spec->catfile(@_);
215 } else { # $first_item ne '.'
216 return $first_item unless @_; # return plain filename
217 if ($^O eq 'MacOS') {
218 # relative path with leading ":", but without trailing ":"
219 return File::Spec->catfile("", $first_item, @_);
221 return File::Spec->catfile($first_item, @_);
227 # Use file_path_name() to specify a file path that's expected for
228 # $File::Find::Name (%Expect_Name). Note: When the no_chdir => 1
229 # option is in effect, $_ is the same as $File::Find::Name. In that
230 # case, also use this function to specify a file path that's expected
233 # Basically, file_path_name() does the same as file_path() (see
234 # above), except that there's always a leading ":" on Mac OS, even for
235 # plain file/directory names.
238 my $path = file_path(@_);
239 $path = ":$path" if (($^O eq 'MacOS') && ($path !~ /:/));
245 MkDir( dir_path('for_find'), 0777 );
246 CheckDie(chdir( dir_path('for_find')));
248 $cwd = cwd(); # save cwd
249 ( $cwd_untainted ) = $cwd =~ m|^(.+)$|; # untaint it
251 MkDir( dir_path('fa'), 0770 );
252 MkDir( dir_path('fb'), 0770 );
253 touch( file_path('fb', 'fb_ord') );
254 MkDir( dir_path('fb', 'fba'), 0770 );
255 touch( file_path('fb', 'fba', 'fba_ord') );
256 if ($^O eq 'MacOS') {
257 CheckDie( symlink(':fb',':fa:fsl') ) if $symlink_exists;
259 CheckDie( symlink('../fb','fa/fsl') ) if $symlink_exists;
261 touch( file_path('fa', 'fa_ord') );
263 MkDir( dir_path('fa', 'faa'), 0770 );
264 touch( file_path('fa', 'faa', 'faa_ord') );
265 MkDir( dir_path('fa', 'fab'), 0770 );
266 touch( file_path('fa', 'fab', 'fab_ord') );
267 MkDir( dir_path('fa', 'fab', 'faba'), 0770 );
268 touch( file_path('fa', 'fab', 'faba', 'faba_ord') );
270 print "# check untainting (no follow)\n";
272 # untainting here should work correctly
274 %Expect_File = (File::Spec->curdir => 1, file_path('fsl') =>
275 1,file_path('fa_ord') => 1, file_path('fab') => 1,
276 file_path('fab_ord') => 1, file_path('faba') => 1,
277 file_path('faa') => 1, file_path('faa_ord') => 1);
278 delete $Expect_File{ file_path('fsl') } unless $symlink_exists;
281 %Expect_Dir = ( dir_path('fa') => 1, dir_path('faa') => 1,
282 dir_path('fab') => 1, dir_path('faba') => 1,
283 dir_path('fb') => 1, dir_path('fba') => 1);
285 delete @Expect_Dir{ dir_path('fb'), dir_path('fba') } unless $symlink_exists;
287 File::Find::find( {wanted => \&wanted_File_Dir_prune, untaint => 1,
288 untaint_pattern => qr|^(.+)$|}, topdir('fa') );
290 Check( scalar(keys %Expect_File) == 0 );
293 # don't untaint at all, should die
298 eval {File::Find::find( {wanted => \&simple_wanted}, topdir('fa') );};
299 Check( $@ =~ m|Insecure dependency| );
300 chdir($cwd_untainted);
303 # untaint pattern doesn't match, should die
306 eval {File::Find::find( {wanted => \&simple_wanted, untaint => 1,
307 untaint_pattern => qr|^(NO_MATCH)$|},
310 Check( $@ =~ m|is still tainted| );
311 chdir($cwd_untainted);
314 # untaint pattern doesn't match, should die when we chdir to cwd
315 print "# check untaint_skip (No follow)\n";
318 eval {File::Find::find( {wanted => \&simple_wanted, untaint => 1,
319 untaint_skip => 1, untaint_pattern =>
320 qr|^(NO_MATCH)$|}, topdir('fa') );};
324 if ($^O eq 'MSWin32') {
325 Skip("$^O does not taint cwd");
328 Check( $@ =~ m|insecure cwd| );
330 chdir($cwd_untainted);
333 if ( $symlink_exists ) {
334 print "# --- symbolic link tests --- \n";
335 $FastFileTests_OK= 1;
337 print "# check untainting (follow)\n";
339 # untainting here should work correctly
340 # no_chdir is in effect, hence we use file_path_name to specify the expected paths for %Expect_File
342 %Expect_File = (file_path_name('fa') => 1,
343 file_path_name('fa','fa_ord') => 1,
344 file_path_name('fa', 'fsl') => 1,
345 file_path_name('fa', 'fsl', 'fb_ord') => 1,
346 file_path_name('fa', 'fsl', 'fba') => 1,
347 file_path_name('fa', 'fsl', 'fba', 'fba_ord') => 1,
348 file_path_name('fa', 'fab') => 1,
349 file_path_name('fa', 'fab', 'fab_ord') => 1,
350 file_path_name('fa', 'fab', 'faba') => 1,
351 file_path_name('fa', 'fab', 'faba', 'faba_ord') => 1,
352 file_path_name('fa', 'faa') => 1,
353 file_path_name('fa', 'faa', 'faa_ord') => 1);
357 %Expect_Dir = (dir_path('fa') => 1,
358 dir_path('fa', 'faa') => 1,
359 dir_path('fa', 'fab') => 1,
360 dir_path('fa', 'fab', 'faba') => 1,
362 dir_path('fb', 'fba') => 1);
364 File::Find::find( {wanted => \&wanted_File_Dir, follow_fast => 1,
365 no_chdir => 1, untaint => 1, untaint_pattern =>
366 qr|^(.+)$| }, topdir('fa') );
368 Check( scalar(keys %Expect_File) == 0 );
371 # don't untaint at all, should die
374 eval {File::Find::find( {wanted => \&simple_wanted, follow => 1},
378 Check( $@ =~ m|Insecure dependency| );
379 chdir($cwd_untainted);
381 # untaint pattern doesn't match, should die
384 eval {File::Find::find( {wanted => \&simple_wanted, follow => 1,
385 untaint => 1, untaint_pattern =>
386 qr|^(NO_MATCH)$|}, topdir('fa') );};
388 Check( $@ =~ m|is still tainted| );
389 chdir($cwd_untainted);
391 # untaint pattern doesn't match, should die when we chdir to cwd
392 print "# check untaint_skip (Follow)\n";
395 eval {File::Find::find( {wanted => \&simple_wanted, untaint => 1,
396 untaint_skip => 1, untaint_pattern =>
397 qr|^(NO_MATCH)$|}, topdir('fa') );};
398 Check( $@ =~ m|insecure cwd| );
399 chdir($cwd_untainted);