4 my %Expect_File = (); # what we expect for $_
5 my %Expect_Name = (); # what we expect for $File::Find::name/fullname
6 my %Expect_Dir = (); # what we expect for $File::Find::dir
7 my $symlink_exists = eval { symlink("",""); 1 };
13 unshift @INC => '../lib';
15 for (keys %ENV) { # untaint ENV
16 ($ENV{$_}) = $ENV{$_} =~ /(.*)/;
21 if ( $symlink_exists ) { print "1..45\n"; }
22 else { print "1..27\n"; }
28 # Remove insecure directories from PATH
30 my $sep = ($^O eq 'MSWin32') ? ';' : ':';
31 foreach my $dir (split(/$sep/,$ENV{'PATH'}))
33 push(@path,$dir) unless -w $dir;
35 $ENV{'PATH'} = join($sep,@path);
37 my $NonTaintedCwd = $^O eq 'MSWin32' || $^O eq 'cygwin';
41 find({wanted => sub { print "ok 1\n" if $_ eq 'commonsense.t'; },
42 untaint => 1, untaint_pattern => qr|^(.+)$|}, File::Spec->curdir);
44 finddepth({wanted => sub { print "ok 2\n" if $_ eq 'commonsense.t'; },
45 untaint => 1, untaint_pattern => qr|^(.+)$|},
49 my $FastFileTests_OK = 0;
52 if (-d dir_path('for_find')) {
53 chdir(dir_path('for_find'));
55 if (-d dir_path('fa')) {
56 unlink file_path('fa', 'fa_ord'),
57 file_path('fa', 'fsl'),
58 file_path('fa', 'faa', 'faa_ord'),
59 file_path('fa', 'fab', 'fab_ord'),
60 file_path('fa', 'fab', 'faba', 'faba_ord'),
61 file_path('fb', 'fb_ord'),
62 file_path('fb', 'fba', 'fba_ord');
63 rmdir dir_path('fa', 'faa');
64 rmdir dir_path('fa', 'fab', 'faba');
65 rmdir dir_path('fa', 'fab');
67 rmdir dir_path('fb', 'fba');
69 chdir File::Spec->updir;
70 rmdir dir_path('for_find');
80 if ($_[0]) { print "ok $case\n"; }
81 else { print "not ok $case\n"; }
87 if ($_[0]) { print "ok $case\n"; }
88 else { print "not ok $case\n"; exit 0; }
93 print "ok $case # skipped: ",$_[0],"\n";
97 CheckDie( open(my $T,'>',$_[0]) );
101 CheckDie( mkdir($_[0],$_[1]) );
104 sub wanted_File_Dir {
105 print "# \$File::Find::dir => '$File::Find::dir'\n";
106 print "# \$_ => '$_'\n";
107 s#\.$## if ($^O eq 'VMS' && $_ ne '.');
108 Check( $Expect_File{$_} );
109 if ( $FastFileTests_OK ) {
110 delete $Expect_File{ $_}
111 unless ( $Expect_Dir{$_} && ! -d _ );
113 delete $Expect_File{$_}
114 unless ( $Expect_Dir{$_} && ! -d $_ );
118 sub wanted_File_Dir_prune {
120 $File::Find::prune=1 if $_ eq 'faba';
125 print "# \$File::Find::dir => '$File::Find::dir'\n";
126 print "# \$_ => '$_'\n";
130 # Use dir_path() to specify a directory path that's expected for
131 # $File::Find::dir (%Expect_Dir). Also use it in file operations like
134 # dir_path() concatenates directory names to form a _relative_
135 # directory path, independant from the platform it's run on, although
136 # there are limitations. Don't try to create an absolute path,
137 # because that may fail on operating systems that have the concept of
138 # volume names (e.g. Mac OS). Be careful when you want to create an
139 # updir path like ../fa (Unix) or ::fa: (Mac OS). Plain directory
140 # names will work best. As a special case, you can pass it a "." as
141 # first argument, to create a directory path like "./fa/dir" on
142 # operating systems other than Mac OS (actually, Mac OS will ignore
143 # the ".", if it's the first argument). If there's no second argument,
144 # this function will return the empty string on Mac OS and the string
148 my $first_item = shift @_;
150 if ($first_item eq '.') {
151 if ($^O eq 'MacOS') {
153 # ignore first argument; return a relative path
154 # with leading ":" and with trailing ":"
155 return File::Spec->catdir("", @_);
157 return './' unless @_;
158 my $path = File::Spec->catdir(@_);
164 } else { # $first_item ne '.'
165 return $first_item unless @_; # return plain filename
166 if ($^O eq 'MacOS') {
167 # relative path with leading ":" and with trailing ":"
168 return File::Spec->catdir("", $first_item, @_);
170 return File::Spec->catdir($first_item, @_);
176 # Use topdir() to specify a directory path that you want to pass to
177 #find/finddepth Basically, topdir() does the same as dir_path() (see
178 #above), except that there's no trailing ":" on Mac OS.
181 my $path = dir_path(@_);
182 $path =~ s/:$// if ($^O eq 'MacOS');
187 # Use file_path() to specify a file path that's expected for $_ (%Expect_File).
188 # Also suitable for file operations like unlink etc.
190 # file_path() concatenates directory names (if any) and a filename to
191 # form a _relative_ file path (the last argument is assumed to be a
192 # file). It's independant from the platform it's run on, although
193 # there are limitations (see the warnings for dir_path() above). As a
194 # special case, you can pass it a "." as first argument, to create a
195 # file path like "./fa/file" on operating systems other than Mac OS
196 # (actually, Mac OS will ignore the ".", if it's the first
197 # argument). If there's no second argument, this function will return
198 # the empty string on Mac OS and the string "./" otherwise.
201 my $first_item = shift @_;
203 if ($first_item eq '.') {
204 if ($^O eq 'MacOS') {
206 # ignore first argument; return a relative path
207 # with leading ":", but without trailing ":"
208 return File::Spec->catfile("", @_);
210 return './' unless @_;
211 my $path = File::Spec->catfile(@_);
217 } else { # $first_item ne '.'
218 return $first_item unless @_; # return plain filename
219 if ($^O eq 'MacOS') {
220 # relative path with leading ":", but without trailing ":"
221 return File::Spec->catfile("", $first_item, @_);
223 return File::Spec->catfile($first_item, @_);
229 # Use file_path_name() to specify a file path that's expected for
230 # $File::Find::Name (%Expect_Name). Note: When the no_chdir => 1
231 # option is in effect, $_ is the same as $File::Find::Name. In that
232 # case, also use this function to specify a file path that's expected
235 # Basically, file_path_name() does the same as file_path() (see
236 # above), except that there's always a leading ":" on Mac OS, even for
237 # plain file/directory names.
240 my $path = file_path(@_);
241 $path = ":$path" if (($^O eq 'MacOS') && ($path !~ /:/));
247 MkDir( dir_path('for_find'), 0770 );
248 CheckDie(chdir( dir_path('for_find')));
250 $cwd = cwd(); # save cwd
251 ( $cwd_untainted ) = $cwd =~ m|^(.+)$|; # untaint it
253 MkDir( dir_path('fa'), 0770 );
254 MkDir( dir_path('fb'), 0770 );
255 touch( file_path('fb', 'fb_ord') );
256 MkDir( dir_path('fb', 'fba'), 0770 );
257 touch( file_path('fb', 'fba', 'fba_ord') );
258 if ($^O eq 'MacOS') {
259 CheckDie( symlink(':fb',':fa:fsl') ) if $symlink_exists;
261 CheckDie( symlink('../fb','fa/fsl') ) if $symlink_exists;
263 touch( file_path('fa', 'fa_ord') );
265 MkDir( dir_path('fa', 'faa'), 0770 );
266 touch( file_path('fa', 'faa', 'faa_ord') );
267 MkDir( dir_path('fa', 'fab'), 0770 );
268 touch( file_path('fa', 'fab', 'fab_ord') );
269 MkDir( dir_path('fa', 'fab', 'faba'), 0770 );
270 touch( file_path('fa', 'fab', 'faba', 'faba_ord') );
272 print "# check untainting (no follow)\n";
274 # untainting here should work correctly
276 %Expect_File = (File::Spec->curdir => 1, file_path('fsl') =>
277 1,file_path('fa_ord') => 1, file_path('fab') => 1,
278 file_path('fab_ord') => 1, file_path('faba') => 1,
279 file_path('faa') => 1, file_path('faa_ord') => 1);
280 delete $Expect_File{ file_path('fsl') } unless $symlink_exists;
283 %Expect_Dir = ( dir_path('fa') => 1, dir_path('faa') => 1,
284 dir_path('fab') => 1, dir_path('faba') => 1,
285 dir_path('fb') => 1, dir_path('fba') => 1);
287 delete @Expect_Dir{ dir_path('fb'), dir_path('fba') } unless $symlink_exists;
289 File::Find::find( {wanted => \&wanted_File_Dir_prune, untaint => 1,
290 untaint_pattern => qr|^(.+)$|}, topdir('fa') );
292 Check( scalar(keys %Expect_File) == 0 );
295 # don't untaint at all, should die
300 eval {File::Find::find( {wanted => \&simple_wanted}, topdir('fa') );};
301 Check( $@ =~ m|Insecure dependency| );
302 chdir($cwd_untainted);
305 # untaint pattern doesn't match, should die
308 eval {File::Find::find( {wanted => \&simple_wanted, untaint => 1,
309 untaint_pattern => qr|^(NO_MATCH)$|},
312 Check( $@ =~ m|is still tainted| );
313 chdir($cwd_untainted);
316 # untaint pattern doesn't match, should die when we chdir to cwd
317 print "# check untaint_skip (No follow)\n";
320 eval {File::Find::find( {wanted => \&simple_wanted, untaint => 1,
321 untaint_skip => 1, untaint_pattern =>
322 qr|^(NO_MATCH)$|}, topdir('fa') );};
326 if ($NonTaintedCwd) {
327 Skip("$^O does not taint cwd");
330 Check( $@ =~ m|insecure cwd| );
332 chdir($cwd_untainted);
335 if ( $symlink_exists ) {
336 print "# --- symbolic link tests --- \n";
337 $FastFileTests_OK= 1;
339 print "# check untainting (follow)\n";
341 # untainting here should work correctly
342 # no_chdir is in effect, hence we use file_path_name to specify the expected paths for %Expect_File
344 %Expect_File = (file_path_name('fa') => 1,
345 file_path_name('fa','fa_ord') => 1,
346 file_path_name('fa', 'fsl') => 1,
347 file_path_name('fa', 'fsl', 'fb_ord') => 1,
348 file_path_name('fa', 'fsl', 'fba') => 1,
349 file_path_name('fa', 'fsl', 'fba', 'fba_ord') => 1,
350 file_path_name('fa', 'fab') => 1,
351 file_path_name('fa', 'fab', 'fab_ord') => 1,
352 file_path_name('fa', 'fab', 'faba') => 1,
353 file_path_name('fa', 'fab', 'faba', 'faba_ord') => 1,
354 file_path_name('fa', 'faa') => 1,
355 file_path_name('fa', 'faa', 'faa_ord') => 1);
359 %Expect_Dir = (dir_path('fa') => 1,
360 dir_path('fa', 'faa') => 1,
361 dir_path('fa', 'fab') => 1,
362 dir_path('fa', 'fab', 'faba') => 1,
364 dir_path('fb', 'fba') => 1);
366 File::Find::find( {wanted => \&wanted_File_Dir, follow_fast => 1,
367 no_chdir => 1, untaint => 1, untaint_pattern =>
368 qr|^(.+)$| }, topdir('fa') );
370 Check( scalar(keys %Expect_File) == 0 );
373 # don't untaint at all, should die
376 eval {File::Find::find( {wanted => \&simple_wanted, follow => 1},
379 Check( $@ =~ m|Insecure dependency| );
380 chdir($cwd_untainted);
382 # untaint pattern doesn't match, should die
385 eval {File::Find::find( {wanted => \&simple_wanted, follow => 1,
386 untaint => 1, untaint_pattern =>
387 qr|^(NO_MATCH)$|}, topdir('fa') );};
389 Check( $@ =~ m|is still tainted| );
390 chdir($cwd_untainted);
392 # untaint pattern doesn't match, should die when we chdir to cwd
393 print "# check untaint_skip (Follow)\n";
396 eval {File::Find::find( {wanted => \&simple_wanted, untaint => 1,
397 untaint_skip => 1, untaint_pattern =>
398 qr|^(NO_MATCH)$|}, topdir('fa') );};
399 if ($NonTaintedCwd) {
400 Skip("$^O does not taint cwd");
403 Check( $@ =~ m|insecure cwd| );
405 chdir($cwd_untainted);