From 24e8cdb889e0ad40169b18813ffa9d1841ab8217 Mon Sep 17 00:00:00 2001 From: Nick Ing-Simmons Date: Thu, 14 Jun 2001 08:05:53 +0000 Subject: [PATCH] Hack to remove insecure directories from PATH so test will run. p4raw-id: //depot/perlio@10584 --- t/lib/filefind.t | 153 +++++++++++++++++++++++++++++-------------------------- 1 file changed, 81 insertions(+), 72 deletions(-) diff --git a/t/lib/filefind.t b/t/lib/filefind.t index 1152cdf..d07948b 100755 --- a/t/lib/filefind.t +++ b/t/lib/filefind.t @@ -24,15 +24,24 @@ else { print "1..75\n"; } use File::Find; use Cwd; +# Remove insecure directories from PATH +my @path; +my $sep = ($^O eq 'MSWin32') ? ';' : ':'; +foreach my $dir (split(/$sep/,$ENV{'PATH'})) + { + push(@path,$dir) unless -w $dir; + } +$ENV{'PATH'} = join($sep,@path); + cleanup(); if ($^O eq 'MacOS') { - find({wanted => sub { print "ok 1\n" if $_ eq 'filefind.t'; }, untaint => 1}, ':'); + find({wanted => sub { print "ok 1\n" if $_ eq 'filefind.t'; }, untaint => 1}, ':'); finddepth({wanted => sub { print "ok 2\n" if $_ eq 'filefind.t'; }, untaint => 1}, ':'); } else { find({wanted => sub { print "ok 1\n" if $_ eq 'filefind.t'; }, untaint => 1, untaint_pattern => qr|^(.+)$|}, '.'); - finddepth({wanted => sub { print "ok 2\n" if $_ eq 'filefind.t'; }, + finddepth({wanted => sub { print "ok 2\n" if $_ eq 'filefind.t'; }, untaint => 1, untaint_pattern => qr|^(.+)$|}, '.'); } @@ -102,14 +111,14 @@ sub MkDir($$) { } sub wanted { - print "# '$_' => 1\n"; + print "# '$_' => 1\n"; s#\.$## if ($^O eq 'VMS' && $_ ne '.'); Check( $Expect{$_} ); if ( $FastFileTests_OK ) { - delete $Expect{$_} + delete $Expect{$_} unless ( $Expect_Dir{$_} && ! -d _ ); } else { - delete $Expect{$_} + delete $Expect{$_} unless ( $Expect_Dir{$_} && ! -d $_ ); } $File::Find::prune=1 if $_ eq 'faba'; @@ -124,7 +133,7 @@ sub dn_wanted { my $OK = exists($Expect{$n}); unless ($^O eq 'MacOS') { if ( $OK ) { - $OK= exists($Expect{substr($n,0,$i)}) if $i >= 0; + $OK= exists($Expect{substr($n,0,$i)}) if $i >= 0; } } Check($OK); @@ -200,17 +209,17 @@ if ($^O eq 'MacOS') { %Expect = (':' => 1, 'fsl' => 1, 'fa_ord' => 1, 'fab' => 1, 'fab_ord' => 1, 'faba' => 1, 'faa' => 1, 'faa_ord' => 1); delete $Expect{'fsl'} unless $symlink_exists; - %Expect_Dir = (':' => 1, 'fa' => 1, 'faa' => 1, 'fab' => 1, 'faba' => 1, + %Expect_Dir = (':' => 1, 'fa' => 1, 'faa' => 1, 'fab' => 1, 'faba' => 1, 'fb' => 1, 'fba' => 1); delete @Expect_Dir{'fb','fba'} unless $symlink_exists; - File::Find::find( {wanted => \&wanted, untaint => 1},':fa' ); + File::Find::find( {wanted => \&wanted, untaint => 1},':fa' ); Check( scalar(keys %Expect) == 0 ); %Expect=(':fa' => 1, ':fa:fsl' => 1, ':fa:fa_ord' => 1, ':fa:fab' => 1, ':fa:fab:fab_ord' => 1, ':fa:fab:faba' => 1, ':fa:fab:faba:faba_ord' => 1, ':fa:faa' => 1, ':fa:faa:faa_ord' => 1); delete $Expect{':fa:fsl'} unless $symlink_exists; - %Expect_Dir = (':fa' => 1, ':fa:faa' => 1, ':fa:fab' => 1, ':fa:fab:faba' => 1, + %Expect_Dir = (':fa' => 1, ':fa:faa' => 1, ':fa:fab' => 1, ':fa:fab:faba' => 1, ':fb' => 1, ':fb:fba' => 1); delete @Expect_Dir{':fb',':fb:fba'} unless $symlink_exists; File::Find::find( {wanted => \&wanted, no_chdir => 1, untaint => 1},':fa' ); @@ -221,7 +230,7 @@ if ($^O eq 'MacOS') { ':fa:fab:faba:faba_ord' => 1, ':fa:faa' => 1, ':fa:faa:faa_ord' => 1, ':fb' => 1, ':fb:fba' => 1, ':fb:fba:fba_ord' => 1, ':fb:fb_ord' => 1); delete $Expect{':fa:fsl'} unless $symlink_exists; - %Expect_Dir = (':' => 1, ':fa' => 1, ':fa:faa' => 1, ':fa:fab' => 1, ':fa:fab:faba' => 1, + %Expect_Dir = (':' => 1, ':fa' => 1, ':fa:faa' => 1, ':fa:fab' => 1, ':fa:fab:faba' => 1, ':fb' => 1, ':fb:fba' => 1); delete @Expect_Dir{':fb',':fb:fba'} unless $symlink_exists; File::Find::finddepth( {wanted => \&dn_wanted, untaint => 1 },':' ); @@ -232,7 +241,7 @@ if ($^O eq 'MacOS') { ':fa:fab:faba:faba_ord' => 1, ':fa:faa' => 1, ':fa:faa:faa_ord' => 1, ':fb' => 1, ':fb:fba' => 1, ':fb:fba:fba_ord' => 1, ':fb:fb_ord' => 1); delete $Expect{':fa:fsl'} unless $symlink_exists; - %Expect_Dir = (':' => 1, ':fa' => 1, ':fa:faa' => 1, ':fa:fab' => 1, ':fa:fab:faba' => 1, + %Expect_Dir = (':' => 1, ':fa' => 1, ':fa:faa' => 1, ':fa:fab' => 1, ':fa:fab:faba' => 1, ':fb' => 1, ':fb:fba' => 1); delete @Expect_Dir{':fb',':fb:fba'} unless $symlink_exists; File::Find::finddepth( {wanted => \&d_wanted, no_chdir => 1, untaint => 1 },':' ); @@ -250,14 +259,14 @@ if ($^O eq 'MacOS') { undef $@; eval {File::Find::find( {wanted => \&simple_wanted, untaint => 1, - untaint_pattern => qr|^(NO_MATCH)$|},':fa' );}; + untaint_pattern => qr|^(NO_MATCH)$|},':fa' );}; print "# Died: $@"; Check( $@ =~ m|is still tainted| ); chdir($cwd_untainted); print "# check untaint_skip (no follow)\n"; undef $@; - eval {File::Find::find( {wanted => \&simple_wanted, untaint => 1, untaint_skip => 1, + eval {File::Find::find( {wanted => \&simple_wanted, untaint => 1, untaint_skip => 1, untaint_pattern => qr|^(NO_MATCH)$|}, ':fa' );}; print "# Died: $@"; Check( $@ =~ m|insecure cwd| ); @@ -265,11 +274,11 @@ if ($^O eq 'MacOS') { print "# check preprocess\n"; %Expect=( - ':' => {fa => 1, fb => 1}, + ':' => {fa => 1, fb => 1}, ':fa:' => {faa => 1, fab => 1, fa_ord => 1}, ':fa:faa:' => {faa_ord => 1}, ':fa:fab:' => {faba => 1, fab_ord => 1}, - ':fa:fab:faba:' => {faba_ord => 1}, + ':fa:fab:faba:' => {faba_ord => 1}, ':fb:' => {fba => 1, fb_ord => 1}, ':fb:fba:' => {fba_ord => 1} ); @@ -295,17 +304,17 @@ if ($^O eq 'MacOS') { %Expect=(':' => 1, 'fa_ord' => 1, 'fsl' => 1, 'fb_ord' => 1, 'fba' => 1, 'fba_ord' => 1, 'fab' => 1, 'fab_ord' => 1, 'faba' => 1, 'faa' => 1, 'faa_ord' => 1); - %Expect_Dir = (':' => 1, 'fa' => 1, 'faa' => 1, 'fab' => 1, 'faba' => 1, - 'fb' => 1, 'fba' => 1); + %Expect_Dir = (':' => 1, 'fa' => 1, 'faa' => 1, 'fab' => 1, 'faba' => 1, + 'fb' => 1, 'fba' => 1); File::Find::find( {wanted => \&wanted, follow_fast => 1, untaint => 1},':fa' ); - Check( scalar(keys %Expect) == 0 ); + Check( scalar(keys %Expect) == 0 ); %Expect=(':fa' => 1, ':fa:fa_ord' => 1, ':fa:fsl' => 1, ':fa:fsl:fb_ord' => 1, ':fa:fsl:fba' => 1, ':fa:fsl:fba:fba_ord' => 1, ':fa:fab' => 1, ':fa:fab:fab_ord' => 1, ':fa:fab:faba' => 1, ':fa:fab:faba:faba_ord' => 1, ':fa:faa' => 1, ':fa:faa:faa_ord' => 1); - %Expect_Dir = (':fa' => 1, ':fa:faa' => 1, ':fa:fab' => 1, ':fa:fab:faba' => 1, - ':fb' => 1, ':fb:fba' => 1); + %Expect_Dir = (':fa' => 1, ':fa:faa' => 1, ':fa:fab' => 1, ':fa:fab:faba' => 1, + ':fb' => 1, ':fb:fba' => 1); File::Find::find( {wanted => \&wanted, follow_fast => 1, no_chdir => 1, untaint => 1 },':fa' ); Check( scalar(keys %Expect) == 0 ); @@ -313,7 +322,7 @@ if ($^O eq 'MacOS') { ':fa:fsl:fba' => 1, ':fa:fsl:fba:fba_ord' => 1, ':fa:fab' => 1, ':fa:fab:fab_ord' => 1, ':fa:fab:faba' => 1, ':fa:fab:faba:faba_ord' => 1, ':fa:faa' => 1, ':fa:faa:faa_ord' => 1); - %Expect_Dir = (':fa' => 1, ':fa:faa' => 1, ':fa:fab' => 1, ':fa:fab:faba' => 1, + %Expect_Dir = (':fa' => 1, ':fa:faa' => 1, ':fa:fab' => 1, ':fa:fab:faba' => 1, ':fb' => 1, ':fb:fba' => 1); File::Find::finddepth( {wanted => \&dn_wanted, follow_fast => 1, untaint => 1 },':fa' ); Check( scalar(keys %Expect) == 0 ); @@ -322,10 +331,10 @@ if ($^O eq 'MacOS') { ':fa:fsl:fba' => 1, ':fa:fsl:fba:fba_ord' => 1, ':fa:fab' => 1, ':fa:fab:fab_ord' => 1, ':fa:fab:faba' => 1, ':fa:fab:faba:faba_ord' => 1, ':fa:faa' => 1, ':fa:faa:faa_ord' => 1); - %Expect_Dir = (':fa' => 1, ':fa:faa' => 1, ':fa:fab' => 1, ':fa:fab:faba' => 1, + %Expect_Dir = (':fa' => 1, ':fa:faa' => 1, ':fa:fab' => 1, ':fa:fab:faba' => 1, ':fb' => 1, ':fb:fba' => 1); File::Find::finddepth( {wanted => \&d_wanted, follow_fast => 1, no_chdir => 1, untaint => 1 },':fa' ); - Check( scalar(keys %Expect) == 0 ); + Check( scalar(keys %Expect) == 0 ); # tests below added by Thomas Wegner, 17-05-2001 @@ -340,11 +349,11 @@ if ($^O eq 'MacOS') { %Expect=(':' => 1, 'fa_ord' => 1, 'fsl' => 1, 'fb_ord' => 1, 'fba' => 1, 'fba_ord' => 1, 'fab' => 1, 'fab_ord' => 1, 'faba' => 1, 'faba_ord' => 1, 'faa' => 1, 'faa_ord' => 1); - %Expect_Dir = (':' => 1, 'fa' => 1, 'faa' => 1, 'fab' => 1, 'faba' => 1, + %Expect_Dir = (':' => 1, 'fa' => 1, 'faa' => 1, 'fab' => 1, 'faba' => 1, 'fb' => 1, 'fba' => 1); undef $warn_msg; File::Find::find( {wanted => \&d_wanted, follow => 1, untaint => 1 }, 'dangling_dir_sl', ':fa' ); - Check( $warn_msg =~ m|dangling_dir_sl is a dangling symbolic link| ); + Check( $warn_msg =~ m|dangling_dir_sl is a dangling symbolic link| ); unlink ':fa:dangling_file_sl', 'dangling_dir_sl'; print "# check recursion\n"; @@ -352,13 +361,13 @@ if ($^O eq 'MacOS') { undef $@; eval {File::Find::find( {wanted => \&simple_wanted, follow => 1, no_chdir => 1, untaint => 1 },':fa' ); }; print "# Died: $@"; - Check( $@ =~ m|:for_find:fa:faa:faa_sl is a recursive symbolic link| ); - unlink ':fa:faa:faa_sl'; + Check( $@ =~ m|:for_find:fa:faa:faa_sl is a recursive symbolic link| ); + unlink ':fa:faa:faa_sl'; print "# check follow_skip (file)\n"; CheckDie( symlink(':fa:fa_ord',':fa:fa_ord_sl') ); # symlink to a file undef $@; - eval {File::Find::finddepth( {wanted => \&simple_wanted, follow => 1,follow_skip => 0, + eval {File::Find::finddepth( {wanted => \&simple_wanted, follow => 1,follow_skip => 0, no_chdir => 1, untaint => 1 },':fa' );}; print "# Died: $@"; Check( $@ =~ m|:for_find:fa:fa_ord encountered a second time| ); @@ -367,8 +376,8 @@ if ($^O eq 'MacOS') { ':fa:fsl:fba' => 1, ':fa:fsl:fba:fba_ord' => 1, ':fa:fab' => 1, ':fa:fab:fab_ord' => 1, ':fa:fab:faba' => 1, ':fa:fab:faba:faba_ord' => 1, ':fa:faa' => 1, ':fa:faa:faa_ord' => 1); - %Expect_Dir = (':fa' => 1, ':fa:faa' => 1, ':fa:fab' => 1, ':fa:fab:faba' => 1, - ':fb' => 1, ':fb:fba' => 1); + %Expect_Dir = (':fa' => 1, ':fa:faa' => 1, ':fa:fab' => 1, ':fa:fab:faba' => 1, + ':fb' => 1, ':fb:fba' => 1); File::Find::finddepth( {wanted => \&wanted, follow => 1, follow_skip => 1, no_chdir => 1, untaint => 1 },':fa' ); Check( scalar(keys %Expect) == 0 ); @@ -377,24 +386,24 @@ if ($^O eq 'MacOS') { print "# check follow_skip (directory)\n"; CheckDie( symlink(':fa:faa',':fa:faa_sl') ); # symlink to a directory undef $@; - eval {File::Find::find( {wanted => \&simple_wanted, follow => 1, follow_skip => 0, + eval {File::Find::find( {wanted => \&simple_wanted, follow => 1, follow_skip => 0, no_chdir => 1, untaint => 1 },':fa' );}; print "# Died: $@"; Check( $@ =~ m|:for_find:fa:faa: encountered a second time| ); undef $@; - eval {File::Find::find( {wanted => \&simple_wanted, follow => 1, follow_skip => 1, + eval {File::Find::find( {wanted => \&simple_wanted, follow => 1, follow_skip => 1, no_chdir => 1, untaint => 1 },':fa' );}; print "# Died: $@"; - Check( $@ =~ m|:for_find:fa:faa: encountered a second time| ); + Check( $@ =~ m|:for_find:fa:faa: encountered a second time| ); %Expect=(':fa' => 1, ':fa:fa_ord' => 1, ':fa:fsl' => 1, ':fa:fsl:fb_ord' => 1, ':fa:fsl:fba' => 1, ':fa:fsl:fba:fba_ord' => 1, ':fa:fab' => 1, ':fa:fab:fab_ord' => 1, ':fa:fab:faba' => 1, ':fa:fab:faba:faba_ord' => 1, ':fa:faa' => 1, ':fa:faa:faa_ord' => 1); - %Expect_Dir = (':fa' => 1, ':fa:faa' => 1, ':fa:fab' => 1, ':fa:fab:faba' => 1, - ':fb' => 1, ':fb:fba' => 1); - File::Find::find( {wanted => \&wanted, follow => 1, follow_skip => 2, no_chdir => 1, + %Expect_Dir = (':fa' => 1, ':fa:faa' => 1, ':fa:fab' => 1, ':fa:fab:faba' => 1, + ':fb' => 1, ':fb:fba' => 1); + File::Find::find( {wanted => \&wanted, follow => 1, follow_skip => 2, no_chdir => 1, untaint => 1},':fa' ); Check( scalar(keys %Expect) == 0 ); unlink ':fa:faa_sl'; @@ -407,7 +416,7 @@ if ($^O eq 'MacOS') { Check( $@ =~ m|Insecure dependency| ); chdir($cwd_untainted); - undef $@; + undef $@; eval {File::Find::find( {wanted => \&simple_wanted, follow => 1, untaint => 1, untaint_pattern => qr|^(NO_MATCH)$|},':fa' );}; print "# Died: $@"; @@ -416,7 +425,7 @@ if ($^O eq 'MacOS') { print "# check untaint_skip (follow)\n"; undef $@; - eval {File::Find::find( {wanted => \&simple_wanted, untaint => 1, untaint_skip => 1, + eval {File::Find::find( {wanted => \&simple_wanted, untaint => 1, untaint_skip => 1, untaint_pattern => qr|^(NO_MATCH)$|}, ':fa' );}; print "# Died: $@"; Check( $@ =~ m|insecure cwd| ); @@ -450,7 +459,7 @@ if ($^O eq 'MacOS') { %Expect = ('.' => 1, 'fsl' => 1, 'fa_ord' => 1, 'fab' => 1, 'fab_ord' => 1, 'faba' => 1, 'faa' => 1, 'faa_ord' => 1); delete $Expect{'fsl'} unless $symlink_exists; - %Expect_Dir = ('fa' => 1, 'faa' => 1, 'fab' => 1, 'faba' => 1, + %Expect_Dir = ('fa' => 1, 'faa' => 1, 'fab' => 1, 'faba' => 1, 'fb' => 1, 'fba' => 1); delete @Expect_Dir{'fb','fba'} unless $symlink_exists; File::Find::find( {wanted => \&wanted, untaint => 1, untaint_pattern => qr|^(.+)$|},'fa' ); @@ -460,7 +469,7 @@ if ($^O eq 'MacOS') { 'fa/fab/fab_ord' => 1, 'fa/fab/faba' => 1, 'fa/fab/faba/faba_ord' => 1, 'fa/faa' => 1, 'fa/faa/faa_ord' => 1); delete $Expect{'fa/fsl'} unless $symlink_exists; - %Expect_Dir = ('fa' => 1, 'fa/faa' => 1, '/fa/fab' => 1, 'fa/fab/faba' => 1, + %Expect_Dir = ('fa' => 1, 'fa/faa' => 1, '/fa/fab' => 1, 'fa/fab/faba' => 1, 'fb' => 1, 'fb/fba' => 1); delete @Expect_Dir{'fb','fb/fba'} unless $symlink_exists; File::Find::find( {wanted => \&wanted, no_chdir => 1, untaint => 1, untaint_pattern => qr|^(.+)$|},'fa' ); @@ -471,7 +480,7 @@ if ($^O eq 'MacOS') { './fa/fab/faba/faba_ord' => 1, './fa/faa' => 1, './fa/faa/faa_ord' => 1, './fb' => 1, './fb/fba' => 1, './fb/fba/fba_ord' => 1, './fb/fb_ord' => 1); delete $Expect{'./fa/fsl'} unless $symlink_exists; - %Expect_Dir = ('./fa' => 1, './fa/faa' => 1, '/fa/fab' => 1, './fa/fab/faba' => 1, + %Expect_Dir = ('./fa' => 1, './fa/faa' => 1, '/fa/fab' => 1, './fa/fab/faba' => 1, './fb' => 1, './fb/fba' => 1); delete @Expect_Dir{'./fb','./fb/fba'} unless $symlink_exists; File::Find::finddepth( {wanted => \&dn_wanted , untaint => 1, untaint_pattern => qr|^(.+)$|},'.' ); @@ -482,7 +491,7 @@ if ($^O eq 'MacOS') { './fa/fab/faba/faba_ord' => 1, './fa/faa' => 1, './fa/faa/faa_ord' => 1, './fb' => 1, './fb/fba' => 1, './fb/fba/fba_ord' => 1, './fb/fb_ord' => 1); delete $Expect{'./fa/fsl'} unless $symlink_exists; - %Expect_Dir = ('./fa' => 1, './fa/faa' => 1, '/fa/fab' => 1, './fa/fab/faba' => 1, + %Expect_Dir = ('./fa' => 1, './fa/faa' => 1, '/fa/fab' => 1, './fa/fab/faba' => 1, './fb' => 1, './fb/fba' => 1); delete @Expect_Dir{'./fb','./fb/fba'} unless $symlink_exists; File::Find::finddepth( {wanted => \&d_wanted, no_chdir => 1, untaint => 1, untaint_pattern => qr|^(.+)$| },'.' ); @@ -500,14 +509,14 @@ if ($^O eq 'MacOS') { undef $@; eval {File::Find::find( {wanted => \&simple_wanted, untaint => 1, - untaint_pattern => qr|^(NO_MATCH)$|},'fa' );}; + untaint_pattern => qr|^(NO_MATCH)$|},'fa' );}; print "# Died: $@"; Check( $@ =~ m|is still tainted| ); chdir($cwd_untainted); print "# check untaint_skip (no follow)\n"; undef $@; - eval {File::Find::find( {wanted => \&simple_wanted, untaint => 1, untaint_skip => 1, + eval {File::Find::find( {wanted => \&simple_wanted, untaint => 1, untaint_skip => 1, untaint_pattern => qr|^(NO_MATCH)$|}, 'fa' );}; print "# Died: $@"; Check( $@ =~ m|insecure cwd| ); @@ -515,23 +524,23 @@ if ($^O eq 'MacOS') { print "# check preprocess\n"; %Expect=( - '.' => {fa => 1, fb => 1}, + '.' => {fa => 1, fb => 1}, './fa' => {faa => 1, fab => 1, fa_ord => 1}, './fa/faa' => {faa_ord => 1}, './fa/fab' => {faba => 1, fab_ord => 1}, - './fa/fab/faba' => {faba_ord => 1}, + './fa/fab/faba' => {faba_ord => 1}, './fb' => {fba => 1, fb_ord => 1}, './fb/fba' => {fba_ord => 1} ); - File::Find::find( {wanted => \&noop_wanted, preprocess => \&my_preprocess, untaint => 1, + File::Find::find( {wanted => \&noop_wanted, preprocess => \&my_preprocess, untaint => 1, untaint_pattern => qr|^(.+)$|}, '.' ); Check( scalar(keys %Expect) == 0 ); print "# check postprocess\n"; %Expect=('.' => 1, './fa' => 1, './fa/faa' => 1, './fa/fab' => 1, './fa/fab/faba' => 1, './fb' => 1, './fb/fba' => 1 ); - File::Find::find( {wanted => \&noop_wanted, postprocess => \&my_postprocess, untaint => 1, + File::Find::find( {wanted => \&noop_wanted, postprocess => \&my_postprocess, untaint => 1, untaint_pattern => qr|^(.+)$|}, '.' ); Check( scalar(keys %Expect) == 0 ); @@ -548,7 +557,7 @@ if ($^O eq 'MacOS') { %Expect=('.' => 1, 'fa_ord' => 1, 'fsl' => 1, 'fb_ord' => 1, 'fba' => 1, 'fba_ord' => 1, 'fab' => 1, 'fab_ord' => 1, 'faba' => 1, 'faa' => 1, 'faa_ord' => 1); - %Expect_Dir = ('fa' => 1, 'fa/faa' => 1, '/fa/fab' => 1, 'fa/fab/faba' => 1, + %Expect_Dir = ('fa' => 1, 'fa/faa' => 1, '/fa/fab' => 1, 'fa/fab/faba' => 1, 'fb' => 1, 'fb/fba' => 1); File::Find::find( {wanted => \&wanted, follow_fast => 1, untaint => 1, untaint_pattern => qr|^(.+)$|},'fa' ); Check( scalar(keys %Expect) == 0 ); @@ -557,9 +566,9 @@ if ($^O eq 'MacOS') { 'fa/fsl/fba' => 1, 'fa/fsl/fba/fba_ord' => 1, 'fa/fab' => 1, 'fa/fab/fab_ord' => 1, 'fa/fab/faba' => 1, 'fa/fab/faba/faba_ord' => 1, 'fa/faa' => 1, 'fa/faa/faa_ord' => 1); - %Expect_Dir = ('fa' => 1, 'fa/faa' => 1, '/fa/fab' => 1, 'fa/fab/faba' => 1, + %Expect_Dir = ('fa' => 1, 'fa/faa' => 1, '/fa/fab' => 1, 'fa/fab/faba' => 1, 'fb' => 1, 'fb/fba' => 1); - File::Find::find( {wanted => \&wanted, follow_fast => 1, no_chdir => 1, untaint => 1, + File::Find::find( {wanted => \&wanted, follow_fast => 1, no_chdir => 1, untaint => 1, untaint_pattern => qr|^(.+)$|},'fa' ); Check( scalar(keys %Expect) == 0 ); @@ -567,9 +576,9 @@ if ($^O eq 'MacOS') { 'fa/fsl/fba' => 1, 'fa/fsl/fba/fba_ord' => 1, 'fa/fab' => 1, 'fa/fab/fab_ord' => 1, 'fa/fab/faba' => 1, 'fa/fab/faba/faba_ord' => 1, 'fa/faa' => 1, 'fa/faa/faa_ord' => 1); - %Expect_Dir = ('fa' => 1, 'fa/faa' => 1, '/fa/fab' => 1, 'fa/fab/faba' => 1, - 'fb' => 1, 'fb/fba' => 1); - File::Find::finddepth( {wanted => \&dn_wanted, follow_fast => 1, untaint => 1, + %Expect_Dir = ('fa' => 1, 'fa/faa' => 1, '/fa/fab' => 1, 'fa/fab/faba' => 1, + 'fb' => 1, 'fb/fba' => 1); + File::Find::finddepth( {wanted => \&dn_wanted, follow_fast => 1, untaint => 1, untaint_pattern => qr|^(.+)$|},'fa' ); Check( scalar(keys %Expect) == 0 ); @@ -577,9 +586,9 @@ if ($^O eq 'MacOS') { 'fa/fsl/fba' => 1, 'fa/fsl/fba/fba_ord' => 1, 'fa/fab' => 1, 'fa/fab/fab_ord' => 1, 'fa/fab/faba' => 1, 'fa/fab/faba/faba_ord' => 1, 'fa/faa' => 1, 'fa/faa/faa_ord' => 1); - %Expect_Dir = ('fa' => 1, 'fa/faa' => 1, '/fa/fab' => 1, 'fa/fab/faba' => 1, + %Expect_Dir = ('fa' => 1, 'fa/faa' => 1, '/fa/fab' => 1, 'fa/fab/faba' => 1, 'fb' => 1, 'fb/fba' => 1); - File::Find::finddepth( {wanted => \&d_wanted, follow_fast => 1, no_chdir => 1, + File::Find::finddepth( {wanted => \&d_wanted, follow_fast => 1, no_chdir => 1, untaint => 1, untaint_pattern => qr|^(.+)$|},'fa' ); Check( scalar(keys %Expect) == 0 ); @@ -596,38 +605,38 @@ if ($^O eq 'MacOS') { %Expect=('.' => 1, 'fa_ord' => 1, 'fsl' => 1, 'fb_ord' => 1, 'fba' => 1, 'fba_ord' => 1, 'fab' => 1, 'fab_ord' => 1, 'faba' => 1, 'faba_ord' => 1, 'faa' => 1, 'faa_ord' => 1); - %Expect_Dir = ('fa' => 1, 'fa/faa' => 1, 'fa/fab' => 1, 'fa/fab/faba' => 1, + %Expect_Dir = ('fa' => 1, 'fa/faa' => 1, 'fa/fab' => 1, 'fa/fab/faba' => 1, 'fb' => 1, 'fb/fba' => 1); undef $warn_msg; - File::Find::find( {wanted => \&d_wanted, follow => 1, untaint => 1, + File::Find::find( {wanted => \&d_wanted, follow => 1, untaint => 1, untaint_pattern => qr|^(.+)$|}, 'dangling_dir_sl', 'fa' ); - Check( $warn_msg =~ m|dangling_dir_sl is a dangling symbolic link| ); + Check( $warn_msg =~ m|dangling_dir_sl is a dangling symbolic link| ); unlink 'fa/dangling_file_sl', 'dangling_dir_sl'; print "# check recursion\n"; CheckDie( symlink('../faa','fa/faa/faa_sl') ); undef $@; - eval {File::Find::find( {wanted => \&simple_wanted, follow => 1, no_chdir => 1, + eval {File::Find::find( {wanted => \&simple_wanted, follow => 1, no_chdir => 1, untaint => 1, untaint_pattern => qr|^(.+)$|},'fa' ); }; print "# Died: $@"; - Check( $@ =~ m|for_find/fa/faa/faa_sl is a recursive symbolic link| ); - unlink 'fa/faa/faa_sl'; - + Check( $@ =~ m|for_find/fa/faa/faa_sl is a recursive symbolic link| ); + unlink 'fa/faa/faa_sl'; + print "# check follow_skip (file)\n"; CheckDie( symlink('./fa_ord','fa/fa_ord_sl') ); # symlink to a file undef $@; - eval {File::Find::finddepth( {wanted => \&simple_wanted, follow => 1, follow_skip => 0, no_chdir => 1, + eval {File::Find::finddepth( {wanted => \&simple_wanted, follow => 1, follow_skip => 0, no_chdir => 1, untaint => 1, untaint_pattern => qr|^(.+)$|},'fa' );}; print "# Died: $@"; Check( $@ =~ m|for_find/fa/fa_ord encountered a second time| ); - + %Expect=('fa' => 1, 'fa/fa_ord' => 1, 'fa/fsl' => 1, 'fa/fsl/fb_ord' => 1, 'fa/fsl/fba' => 1, 'fa/fsl/fba/fba_ord' => 1, 'fa/fab' => 1, 'fa/fab/fab_ord' => 1, 'fa/fab/faba' => 1, 'fa/fab/faba/faba_ord' => 1, 'fa/faa' => 1, 'fa/faa/faa_ord' => 1); - %Expect_Dir = ('fa' => 1, 'fa/faa' => 1, '/fa/fab' => 1, 'fa/fab/faba' => 1, - 'fb' => 1, 'fb/fba' => 1); - File::Find::finddepth( {wanted => \&wanted, follow => 1, follow_skip => 1, no_chdir => 1, + %Expect_Dir = ('fa' => 1, 'fa/faa' => 1, '/fa/fab' => 1, 'fa/fab/faba' => 1, + 'fb' => 1, 'fb/fba' => 1); + File::Find::finddepth( {wanted => \&wanted, follow => 1, follow_skip => 1, no_chdir => 1, untaint => 1, untaint_pattern => qr|^(.+)$|},'fa' ); Check( scalar(keys %Expect) == 0 ); unlink 'fa/fa_ord_sl'; @@ -650,8 +659,8 @@ if ($^O eq 'MacOS') { 'fa/fsl/fba' => 1, 'fa/fsl/fba/fba_ord' => 1, 'fa/fab' => 1, 'fa/fab/fab_ord' => 1, 'fa/fab/faba' => 1, 'fa/fab/faba/faba_ord' => 1, 'fa/faa' => 1, 'fa/faa/faa_ord' => 1); - %Expect_Dir = ('fa' => 1, 'fa/faa' => 1, '/fa/fab' => 1, 'fa/fab/faba' => 1, - 'fb' => 1, 'fb/fba' => 1); + %Expect_Dir = ('fa' => 1, 'fa/faa' => 1, '/fa/fab' => 1, 'fa/fab/faba' => 1, + 'fb' => 1, 'fb/fba' => 1); File::Find::find( {wanted => \&wanted, follow => 1, follow_skip => 2, no_chdir => 1, untaint => 1, untaint_pattern => qr|^(.+)$|},'fa' ); Check( scalar(keys %Expect) == 0 ); @@ -665,7 +674,7 @@ if ($^O eq 'MacOS') { Check( $@ =~ m|Insecure dependency| ); chdir($cwd_untainted); - undef $@; + undef $@; eval {File::Find::find( {wanted => \&simple_wanted, follow => 1, untaint => 1, untaint_pattern => qr|^(NO_MATCH)$|},'fa' );}; print "# Died: $@"; @@ -674,7 +683,7 @@ if ($^O eq 'MacOS') { print "# check untaint_skip (follow)\n"; undef $@; - eval {File::Find::find( {wanted => \&simple_wanted, untaint => 1, untaint_skip => 1, + eval {File::Find::find( {wanted => \&simple_wanted, untaint => 1, untaint_skip => 1, untaint_pattern => qr|^(NO_MATCH)$|}, 'fa' );}; print "# Died: $@"; Check( $@ =~ m|insecure cwd| ); -- 2.7.4