X-Git-Url: http://git.shadowcat.co.uk/gitweb/gitweb.cgi?a=blobdiff_plain;f=taint.c;h=24fd487d7529bd39eb3dd1d73252a5f8a17eb8a5;hb=d7d93a8159c0ca10065c583e76157a51736a62cd;hp=6c64b39fc7732c52a095d48575f7ebda11b5fc28;hpb=748a93069b3d16374a9859d1456065dd3ae11394;p=p5sagit%2Fp5-mst-13.2.git diff --git a/taint.c b/taint.c index 6c64b39..24fd487 100644 --- a/taint.c +++ b/taint.c @@ -5,67 +5,118 @@ */ #include "EXTERN.h" +#define PERL_IN_TAINT_C #include "perl.h" void -taint_not(s) -char *s; +Perl_taint_proper(pTHX_ const char *f, const char *s) { - if (euid != uid) - croak("No %s allowed while running setuid", s); - if (egid != gid) - croak("No %s allowed while running setgid", s); -} + dTHR; /* just for taint */ + char *ug; -void -taint_proper(f, s) -char *f; -char *s; -{ - if (tainting) { - DEBUG_u(fprintf(stderr,"%s %d %d %d\n",s,tainted,uid, euid)); - if (tainted) { - char *ug = 0; - if (euid != uid) - ug = " while running setuid"; - else if (egid != gid) - ug = " while running setgid"; - else if (tainting) - ug = " while running with -T switch"; - if (ug) { - if (!unsafe) - croak(f, s, ug); - else if (dowarn) - warn(f, s, ug); - } - } + DEBUG_u(PerlIO_printf(Perl_debug_log, + "%s %d %"Uid_t_f" %"Uid_t_f"\n", s, PL_tainted, PL_uid, PL_euid)); + + if (PL_tainted) { + if (!f) + f = PL_no_security; + if (PL_euid != PL_uid) + ug = " while running setuid"; + else if (PL_egid != PL_gid) + ug = " while running setgid"; + else + ug = " while running with -T switch"; + if (!PL_unsafe) + Perl_croak(aTHX_ f, s, ug); + else if (ckWARN(WARN_TAINT)) + Perl_warner(aTHX_ WARN_TAINT, f, s, ug); } } void -taint_env() +Perl_taint_env(pTHX) { SV** svp; + MAGIC* mg; + char** e; + static char* misc_env[] = { + "IFS", /* most shells' inter-field separators */ + "CDPATH", /* ksh dain bramage #1 */ + "ENV", /* ksh dain bramage #2 */ + "BASH_ENV", /* bash dain bramage -- I guess it's contagious */ + NULL + }; - if (tainting) { - MAGIC *mg = 0; - svp = hv_fetch(GvHVn(envgv),"PATH",4,FALSE); - if (!svp || *svp == &sv_undef || - ((mg = mg_find(*svp, 't')) && mg->mg_len & 1)) - { - tainted = TRUE; - if (mg && MgTAINTEDDIR(mg)) - taint_proper("Insecure directory in %s%s", "$ENV{PATH}"); - else - taint_proper("Insecure %s%s", "$ENV{PATH}"); + if (!PL_envgv) + return; + +#ifdef VMS + { + int i = 0; + char name[10 + TYPE_DIGITS(int)] = "DCL$PATH"; + + while (1) { + if (i) + (void)sprintf(name,"DCL$PATH;%d", i); + svp = hv_fetch(GvHVn(PL_envgv), name, strlen(name), FALSE); + if (!svp || *svp == &PL_sv_undef) + break; + if (SvTAINTED(*svp)) { + dTHR; + TAINT; + taint_proper("Insecure %s%s", "$ENV{DCL$PATH}"); } - svp = hv_fetch(GvHVn(envgv),"IFS",3,FALSE); - if (svp && *svp != &sv_undef && - (mg = mg_find(*svp, 't')) && mg->mg_len & 1) - { - tainted = TRUE; - taint_proper("Insecure %s%s", "$ENV{IFS}"); + if ((mg = mg_find(*svp, 'e')) && MgTAINTEDDIR(mg)) { + dTHR; + TAINT; + taint_proper("Insecure directory in %s%s", "$ENV{DCL$PATH}"); + } + i++; + } + } +#endif /* VMS */ + + svp = hv_fetch(GvHVn(PL_envgv),"PATH",4,FALSE); + if (svp && *svp) { + if (SvTAINTED(*svp)) { + dTHR; + TAINT; + taint_proper("Insecure %s%s", "$ENV{PATH}"); + } + if ((mg = mg_find(*svp, 'e')) && MgTAINTEDDIR(mg)) { + dTHR; + TAINT; + taint_proper("Insecure directory in %s%s", "$ENV{PATH}"); } } -} +#ifndef VMS + /* tainted $TERM is okay if it contains no metachars */ + svp = hv_fetch(GvHVn(PL_envgv),"TERM",4,FALSE); + if (svp && *svp && SvTAINTED(*svp)) { + dTHR; /* just for taint */ + STRLEN n_a; + bool was_tainted = PL_tainted; + char *t = SvPV(*svp, n_a); + char *e = t + n_a; + PL_tainted = was_tainted; + if (t < e && isALNUM(*t)) + t++; + while (t < e && (isALNUM(*t) || *t == '-' || *t == ':')) + t++; + if (t < e) { + TAINT; + taint_proper("Insecure $ENV{%s}%s", "TERM"); + } + } +#endif /* !VMS */ + + for (e = misc_env; *e; e++) { + svp = hv_fetch(GvHVn(PL_envgv), *e, strlen(*e), FALSE); + if (svp && *svp != &PL_sv_undef && SvTAINTED(*svp)) { + dTHR; /* just for taint */ + TAINT; + taint_proper("Insecure $ENV{%s}%s", *e); + } + } +}