From f27977c3127ab1a3bd087690c418557490be39b2 Mon Sep 17 00:00:00 2001
From: Martin Hasch
Date: Fri, 10 Mar 2006 12:10:49 -0800
Subject: [PATCH] [perl #38709] Opening '|-' triggers unjustified taint check
From: mhasch@cpan.org (via RT)
Message-ID:
p4raw-id: //depot/perl@27951
---
 doio.c | 2 +-
 t/op/taint.t | 31 +++++++++++++++++++++++++++++--
 2 files changed, 30 insertions(+), 3 deletions(-)
diff --git a/doio.c b/doio.c
index 3d29b59..6910cf1 100644
--- a/doio.c
+++ b/doio.c
@@ -246,7 +246,7 @@ Perl_do_openn(pTHX_ GV *gv, register const char *oname, I32 len, int as_raw,
 errno = EPIPE;
 goto say_false;
 }
- if ((*name == '-' && name[1] == '\0') || num_svs)
+ if (!(*name == '-' && name[1] == '\0') || num_svs)
 TAINT_ENV();
 TAINT_PROPER("piped open");
 if (!num_svs && name[len-1] == '|') {
diff --git a/t/op/taint.t b/t/op/taint.t
index 76b553b..03bcc65 100755
--- a/t/op/taint.t
+++ b/t/op/taint.t
@@ -17,8 +17,7 @@ use Config;
 use File::Spec::Functions;
 BEGIN { require './test.pl'; }
-plan tests => 246;
-
+plan tests => 249;
 $| = 1;
@@ -1158,3 +1157,31 @@ SKIP:
 my $b = $a + 5;
 is ($b, 8, "Arithmetic on tainted dualvars works");
 }
+
+# opening '|-' should not trigger $ENV{PATH} check
+
+{
+ SKIP: {
+ skip "fork() is not available", 3 unless $Config{'d_fork'};
+
+ $ENV{'PATH'} = $TAINT;
+ local $SIG{'PIPE'} = 'IGNORE';
+ eval {
+ my $pid = open my $pipe, '|-';
+ if (!defined $pid) {
+ die "open failed: $!";
+ }
+ if (!$pid) {
+ kill 'KILL', $$; # child suicide
+ }
+ close $pipe;
+ };
+ test $@ !~ /Insecure \$ENV/, 'fork triggers %ENV check';
+ test $@ eq '', 'pipe/fork/open/close failed';
+ eval {
+ open my $pipe, "|$Invoke_Perl -e 1";
+ close $pipe;
+ };
+ test $@ =~ /Insecure \$ENV/, 'popen neglects %ENV check';
+ }
+}
--
2.7.4
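Review bot: The corrected predicate in front of `TAINT_ENV()` in the doio.c hunk has no comment saying why the bare `-` name is exempt, and a single missing `!` was the entire bug, so the intent should be written down beside it. A line above the `if` such as `/* "|-" with no command only forks; nothing is exec'd here, so the %ENV check is skipped */` would let the next reader verify the condition against its purpose. `TAINT_PROPER("piped open")` still runs for every form, which looks right. Perl_do_openn starts and ends outside the hunk, so whether the other pipe direction applies the same test cannot be checked from these lines.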
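Review bot: `$ENV{'PATH'} = $TAINT;` in the new test block of t/op/taint.t is not localised, unlike `$SIG{'PIPE'}` on the line after it, so the tainted PATH stays in effect for anything later appended to the file; `local $ENV{'PATH'} = $TAINT;` would confine it to the block. The descriptions on the three `test` calls also name the failure rather than the expectation ('fork triggers %ENV check' is attached to the assertion that it does not), which reads backwards in passing output. Only the `'|-'` direction is exercised; if the input-side implicit fork is meant to behave the same way, nothing here covers it.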