my $TEST = catfile(curdir(), 'TEST');
-print "1..205\n";
+print "1..206\n";
# First, let's make sure that Perl is checking the dangerous
# environment variables. Maybe they aren't set yet, so we'll
my @untainted;
while (my ($k, $v) = each %ENV) {
if (!tainted($v) &&
- # These we have untainted explicitly earlier.
- $k !~ /^(BASH_ENV|CDPATH|ENV|IFS|PATH|TEMP|TERM|TMP)$/) {
+ # These we have explicitly untainted or set earlier.
+ $k !~ /^(BASH_ENV|CDPATH|ENV|IFS|PATH|PERL_CORE|TEMP|TERM|TMP)$/) {
push @untainted, "# '$k' = '$v'\n";
}
}
}
-ok( ${^TAINT}, '$^TAINT is on' );
+ok( ${^TAINT} == 1, '$^TAINT is on' );
eval { ${^TAINT} = 0 };
ok( ${^TAINT}, '$^TAINT is not assignable' );
test 183, $@ =~ /^Insecure \$ENV/;
}
if ($Is_VMS) {
- for (184..203) {print "not ok $_ # TODO tainted %ENV warning occludes tainted arguments warning\n";}
+ for (184..205) {print "not ok $_ # TODO tainted %ENV warning occludes tainted arguments warning\n";}
}
else
{
# bug 20020208.005 plus some extras
# single arg exec/system are tests 80-83
- use if $] lt '5.009', warnings => FATAL => 'taint';
- my $err = $] ge '5.009' ? qr/^Insecure dependency/
- : qr/^Use of tainted arguments/;
+ my $err = qr/^Insecure dependency/ ;
test 184, eval { exec $TAINT, $TAINT } eq '', 'exec';
test 185, $@ =~ $err, $@;
test 186, eval { exec $TAINT $TAINT } eq '', 'exec';
eval { system("lskdfj does not exist","with","args"); };
test 204, $@ eq '';
- eval { exec("lskdfj does not exist","with","args"); };
- test 205, $@ eq '';
+ if ($Is_MacOS) {
+ print "ok 205 # no exec()\n";
+ } else {
+ eval { exec("lskdfj does not exist","with","args"); };
+ test 205, $@ eq '';
+ }
+
+ # If you add tests here update also the above skip block for VMS.
+}
+
+{
+ # [ID 20020704.001] taint propagation failure
+ use re 'taint';
+ $TAINT =~ /(.*)/;
+ test 206, tainted(my $foo = $1);
}