From: Michael G. Schwern
Date: Tue, 4 Sep 2001 17:39:13 +0000 (-0400)
Subject: cwd() taint safe (was Re: [PATCH lib/Cwd.pm ext/Cwd/Makefile.PL] Full doc cleanup...
X-Git-Url: http://git.shadowcat.co.uk/gitweb/gitweb.cgi?a=commitdiff_plain;h=3547aa9a8aaf2eba7e5ab912d32d7292dd5fcb51;p=p5sagit%2Fp5-mst-13.2.git

cwd() taint safe (was Re: [PATCH lib/Cwd.pm ext/Cwd/Makefile.PL] Full doc cleanup (was Re: [PATCH lib/Cwd.pm] Try this again.))

Message-ID: <20010904173913.C626@blackrider>
p4raw-id: //depot/perl@11879
---
diff --git a/lib/Cwd.pm b/lib/Cwd.pm
index 3c5c50a..37217fa 100644
--- a/lib/Cwd.pm
+++ b/lib/Cwd.pm
@@ -131,10 +131,22 @@ eval { XSLoader::load('Cwd'); };
-# The 'natural and safe form' for UNIX (pwd may be setuid root)
+# Find the pwd command in the expected locations. We assume these
+# are safe. This prevents _backtick_pwd() consulting $ENV{PATH}
+# so everything works under taint mode.
+my $pwd_cmd;
+foreach my $try (qw(/bin/pwd /usr/bin/pwd)) {
+ if( -x $try ) {
+ $pwd_cmd = $try;
+ last;
+ }
+}
+$pwd_cmd ||= 'pwd';
+
+# The 'natural and safe form' for UNIX (pwd may be setuid root)
 sub _backtick_pwd {
- my $cwd = `pwd`;
+ my $cwd = `$pwd_cmd`;
 # `pwd` may fail e.g. if the disk is full
 chomp($cwd) if defined $cwd;
 $cwd;