From: Radu Greab Date: Mon, 26 Nov 2001 18:42:29 +0000 (+0200) Subject: system and taintedness X-Git-Url: http://git.shadowcat.co.uk/gitweb/gitweb.cgi?a=commitdiff_plain;h=52a55424e4624fc79eb8894fb91c5e2f4a9018ab;p=p5sagit%2Fp5-mst-13.2.git system and taintedness Message-ID: <15362.28917.697078.551412@ix.netsoft.ro> p4raw-id: //depot/perl@13287 --- diff --git a/pp_sys.c b/pp_sys.c index 4b9b096..a2d5721 100644 --- a/pp_sys.c +++ b/pp_sys.c @@ -4030,6 +4030,16 @@ PP(pp_system) int status; Sigsave_t ihand,qhand; /* place to save signals during system() */ + if (PL_tainting) { + SV *cmd = NULL; + if (PL_op->op_flags & OPf_STACKED) + cmd = *(MARK + 1); + else if (SP - MARK != 1) + cmd = *SP; + if (cmd && *(SvPV_nolen(cmd)) != '/') + TAINT_ENV(); + } + if (PerlProc_pipe(pp) >= 0) did_pipes = 1; while ((childpid = PerlProc_fork()) == -1) { diff --git a/t/op/taint.t b/t/op/taint.t index 29b5839..21cf2fa 100755 --- a/t/op/taint.t +++ b/t/op/taint.t @@ -123,7 +123,7 @@ print PROG 'print "@ARGV\n"', "\n"; close PROG; my $echo = "$Invoke_Perl $ECHO"; -print "1..182\n"; +print "1..183\n"; # First, let's make sure that Perl is checking the dangerous # environment variables. Maybe they aren't set yet, so we'll @@ -918,3 +918,11 @@ ok( $@ =~ /^Modification of a read-only value attempted/, my $re3 = "$re2"; test 182, tainted $re3; } + + +{ + # bug 20010221.005 + local $ENV{PATH} .= $TAINT; + eval { system { "echo" } "/arg0", "arg1" }; + test 183, $@ =~ /^Insecure \$ENV/; +}
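Review bot: In the pp_sys.c hunk, the non-STACKED list branch sets `cmd = *SP`, which is the last element of the argument list rather than the program name. By the usual MARK/SP layout the program sits at `*(MARK + 1)` in both forms, so whether `TAINT_ENV()` runs can depend on the final argument beginning with '/'. Using `cmd = *(MARK + 1);` in that branch, guarded by `SP - MARK > 1` so an empty list does not read the slot at MARK, would tie the check to the command that is actually run. A comment such as `/* absolute path: no PATH lookup, so the environment check is skipped */` above the '/' test would record why that case is exempt. The one-argument form is not handled in these lines and is presumably checked elsewhere in pp_system, whose body continues outside the hunk.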
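Review bot: Test 183 in the last t/op/taint.t hunk covers only the indirect-object form `system { "echo" } ...`, so the plain list branch this commit adds to pp_system has no test. A companion case such as `eval { system "echo", "/arg0" }; test 184, $@ =~ /^Insecure \$ENV/;`, with the plan line raised to match, would exercise it. A case whose program is an absolute path would pin down the exemption. The `# bug 20010221.005` comment could also say what the bug was, for example `# system LIST must check %ENV unless the program is an absolute path`.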