Fix for ID 20010519.003: sysopen() wasn't tainting :-(

p4raw-id: //depot/perl@10172

diff --git a/doio.c b/doio.c
index fd40ae0..87e5901 100644 (file)
--- a/doio.c
+++ b/doio.c
@@ -141,12 +141,14 @@ Perl_do_openn(pTHX_ GV *gv, register char *name, I32 len, int as_raw,
         /* sysopen style args, i.e. integer mode and permissions */
        STRLEN ix = 0;
        if (num_svs != 0) {
-            Perl_croak(aTHX_ "panic:sysopen with multiple args");
+            Perl_croak(aTHX_ "panic: sysopen with multiple args");
        }
+       if (rawmode & (O_WRONLY|O_RDWR|O_APPEND|O_CREAT|O_TRUNC))
+           TAINT_PROPER("sysopen");
        mode[ix++] = '#'; /* Marker to openn to use numeric "sysopen" */
 
 #if defined(USE_64_BIT_RAWIO) && defined(O_LARGEFILE)
-       rawmode |= O_LARGEFILE;
+       rawmode |= O_LARGEFILE; /* Transparently largefiley. */
 #endif
 
 #ifndef O_ACCMODE
@@ -193,7 +195,7 @@ Perl_do_openn(pTHX_ GV *gv, register char *name, I32 len, int as_raw,
        num_svs = 1;
        svp = &namesv;
         type = Nullch;
-       fp = PerlIO_openn(aTHX_ type,mode, -1, rawmode, rawperm, NULL, num_svs, svp);
+       fp = PerlIO_openn(aTHX_ type, mode, -1, rawmode, rawperm, NULL, num_svs, svp);
     }
     else {
        /* Regular (non-sys) open */

diff --git a/t/op/taint.t b/t/op/taint.t
index 8ff566e..737c2ea 100755 (executable)
--- a/t/op/taint.t
+++ b/t/op/taint.t
@@ -106,7 +106,7 @@ print PROG 'print "@ARGV\n"', "\n";
 close PROG;
 my $echo = "$Invoke_Perl $ECHO";
 
-print "1..155\n";
+print "1..173\n";
 
 # First, let's make sure that Perl is checking the dangerous
 # environment variables. Maybe they aren't set yet, so we'll
@@ -735,3 +735,67 @@ else {
     close IN;
 }
 
+{
+    # bug id 20010519.003
+
+    use Fcntl;
+
+    my $evil = "foo" . $TAINT;
+
+    eval { sysopen(my $ro, $evil, O_RDONLY) };
+    test 156, $@ !~ /^Insecure dependency/, $@;
+
+    eval { sysopen(my $wo, $evil, O_WRONLY) };
+    test 157, $@ =~ /^Insecure dependency/, $@;
+
+    eval { sysopen(my $rw, $evil, O_RDWR) };
+    test 158, $@ =~ /^Insecure dependency/, $@;
+
+    eval { sysopen(my $ap, $evil, O_APPEND) };
+    test 159, $@ =~ /^Insecure dependency/, $@;
+
+    eval { sysopen(my $cr, $evil, O_CREAT) };
+    test 160, $@ =~ /^Insecure dependency/, $@;
+
+    eval { sysopen(my $tr, $evil, O_TRUNC) };
+    test 161, $@ =~ /^Insecure dependency/, $@;
+
+    eval { sysopen(my $ro, "foo", O_RDONLY | $evil) };
+    test 162, $@ !~ /^Insecure dependency/, $@;
+
+    eval { sysopen(my $wo, "foo", O_WRONLY | $evil) };
+    test 163, $@ =~ /^Insecure dependency/, $@;
+
+    eval { sysopen(my $rw, "foo", O_RDWR | $evil) };
+    test 164, $@ =~ /^Insecure dependency/, $@;
+
+    eval { sysopen(my $ap, "foo", O_APPEND | $evil) };
+    test 165, $@ =~ /^Insecure dependency/, $@;
+
+    eval { sysopen(my $cr, "foo", O_CREAT | $evil) };
+    test 166, $@ =~ /^Insecure dependency/, $@;
+
+    eval { sysopen(my $tr, "foo", O_TRUNC | $evil) };
+    test 167, $@ =~ /^Insecure dependency/, $@;
+
+    eval { sysopen(my $ro, "foo", O_RDONLY, $evil) };
+    test 168, $@ !~ /^Insecure dependency/, $@;
+
+    eval { sysopen(my $wo, "foo", O_WRONLY, $evil) };
+    test 169, $@ =~ /^Insecure dependency/, $@;
+
+    eval { sysopen(my $rw, "foo", O_RDWR, $evil) };
+    test 170, $@ =~ /^Insecure dependency/, $@;
+
+    eval { sysopen(my $ap, "foo", O_APPEND, $evil) };
+    test 171, $@ =~ /^Insecure dependency/, $@;
+
+    eval { sysopen(my $cr, "foo", O_CREAT, $evil) };
+    test 172, $@ =~ /^Insecure dependency/, $@;
+
+    eval { sysopen(my $tr, "foo", O_TRUNC, $evil) };
+    test 173, $@ =~ /^Insecure dependency/, $@;
+
+    unlink("foo"); # not unlink($evil), because that would fail...
+}
+