From: Nick Ing-Simmons <nik@tiuk.ti.com>
Date: Sat, 30 Jun 2001 20:46:46 +0000 (+0000)
Subject: Jeffrey Friedl's <jfriedl@yahoo.com> fix for lib/File/Find/taint.t
X-Git-Url: http://git.shadowcat.co.uk/gitweb/gitweb.cgi?a=commitdiff_plain;h=8ddbe0db64fab7835b6ee250a143591dfee04981;p=p5sagit%2Fp5-mst-13.2.git

Jeffrey Friedl's <jfriedl@yahoo.com> fix for lib/File/Find/taint.t

p4raw-id: //depot/perlio@11050
---

diff --git a/lib/File/Find/taint.t b/lib/File/Find/taint.t
index 1e1258e..f640ef7 100644
--- a/lib/File/Find/taint.t
+++ b/lib/File/Find/taint.t
@@ -8,13 +8,31 @@ my $symlink_exists = eval { symlink("",""); 1 };
 my $cwd;
 my $cwd_untainted;
 
+use Config;
+
 BEGIN {
     chdir 't' if -d 't';
     unshift @INC => '../lib';
 
     for (keys %ENV) { # untaint ENV
-    ($ENV{$_}) = $ENV{$_} =~ /(.*)/;
+	($ENV{$_}) = $ENV{$_} =~ /(.*)/;
     }
+
+    # Remove insecure directories from PATH
+    my @path;
+    my $sep = $Config{path_sep};
+    foreach my $dir (split(/\Q$sep/,$ENV{'PATH'}))
+    {
+	##
+	## Match the directory taint tests in mg.c::Perl_magic_setenv()
+	##
+	push(@path,$dir) unless (length($dir) >= 256
+				 or
+				 substr($dir,0,1) ne "/"
+				 or
+				 (stat $dir)[2] & 002);
+    }
+    $ENV{'PATH'} = join($sep,@path);
 }
 
 
@@ -24,16 +42,7 @@ else                   { print "1..27\n";  }
 use File::Find;
 use File::Spec;
 use Cwd;
-use Config;
 
-# Remove insecure directories from PATH
-my @path;
-my $sep = $Config{path_sep};
-foreach my $dir (split(/$sep/,$ENV{'PATH'}))
- {
-  push(@path,$dir) unless (stat $dir)[2] & 0002;
- }
-$ENV{'PATH'} = join($sep,@path);
 
 my $NonTaintedCwd = $^O eq 'MSWin32' || $^O eq 'cygwin';