untaint cwd when constructing full perl file path

Previously, we would load perl files using a possibly relative path,
which would work based on . being in @INC.  Now that . is being removed,
we need to use an absolute path (or ./ relative path).  When
absolutizing, cwd would be used, which can be tained.  Although loading
based on . in @INC violates the spirit of taint, it had previously
worked and a downstream module expected it.  Untaint the cwd that gets
used so we can load relative paths under taint mode.

diff --git a/lib/Config/Any/Perl.pm b/lib/Config/Any/Perl.pm
index 2bddfa1..ff27b12 100644 (file)
--- a/lib/Config/Any/Perl.pm
+++ b/lib/Config/Any/Perl.pm
@@ -5,6 +5,7 @@ use warnings;
 
 use base 'Config::Any::Base';
 use File::Spec;
+use Cwd ();
 
 =head1 NAME
 
@@ -49,7 +50,11 @@ sub load {
     my( $exception, $content );
     {
         local $@;
-        $content = do File::Spec->rel2abs($file);
+        # previously this would load based on . being in @INC, and wouldn't
+        # trigger taint errors even if '.' probably should have been considered
+        # tainted.  untaint for backwards compatibility.
+        my ($cwd) = Cwd::cwd() =~ /\A(.*)\z/s;
+        $content = do File::Spec->rel2abs($file, $cwd);
         $exception = $@;
     }
     die $exception if $exception;

diff --git a/t/perl-taint.t b/t/perl-taint.t
new file mode 100644 (file)
index 0000000..abf644f
--- /dev/null
+++ b/t/perl-taint.t
@@ -0,0 +1,6 @@
+#!perl -T
+use strict;
+use warnings;
+
+do './t/53-perl.t'
+  or die ($@ || $!);