develooper Front page | perl.perl5.porters | Postings from November 1999

[ID 19991124.006]

David Muir Sharnoff
November 24, 1999 17:01
[ID 19991124.006]
Message ID:
~s Untaint by regex match not reliable?
This is a bug report for perl from,
generated with the help of perlbug 1.26 running under perl 5.00502.

[Please enter your report here]

I've long believed that the way to untaint something was to do a
regex match against it and then use one of the numbered matches...

The following code shows that this does not always work:

--------------------- cut here -----------------
exec env PT=zz/yy perl -Tx $0
#!/usr/local/bin/perl -T

my $pcold = "/yy";
my $tainted, $nottainted;
if ($ENV{'PT'} =~ m,^(.*)\Q$pcold\E$,) {
	$tainted = "$1/pp";
if ($ENV{'PT'} =~ m,^([.]*)\Q$pcold\E$,) {
	$nottainted = "$1/pp";

print (STDERR is_tainted($tainted) ? "TAINTED\n" : "NOT TAINTED\n");
print (STDERR is_tainted($nottainted) ? "TAINTED\n" : "NOT TAINTED\n");

sub is_tainted 
       return ! eval {
		join('',@_), kill 0;

--------------------- cut here -----------------

Correct behavior would be to print "NOT TAINTED" twice. 

Interestingly enough, the taintedness of the variable showed up
a little late.

	$tainted above got inserted into @INC
	A module was found in the directory $tainted
	In that module, fastcwd() was called.   It died in

This is also true with 5.005_03.

[Please do not change anything below this line]

Site configuration information for perl 5.00502:

Configured by markm at $Date: 1999/01/17 09:53:34 $.

Summary of my perl5 (5.0 patchlevel 5 subversion 2) configuration:
    osname=freebsd, osvers=3.0-current, archname=i386-freebsd
    uname='freebsd 3.0-current #0: '
    hint=recommended, useposix=true, d_sigaction=define
    usethreads=undef useperlio=undef d_sfio=undef
    cc='cc', optimize='undef', gccversion=
    ccflags =''
    stdchar='char', d_stdstdio=undef, usevfork=true
    intsize=4, longsize=4, ptrsize=4, doublesize=8
    d_longlong=define, longlongsize=8, d_longdbl=define, longdblsize=12
    alignbytes=4, usemymalloc=n, prototype=define
  Linker and Libraries:
    ld='ld', ldflags ='-Wl,-E '
    libs=-lm -lc -lcrypt
    libc=undef, so=so, useshrplib=true,
  Dynamic Linking:
    dlsrc=dl_dlopen.xs, dlext=so, d_dlsymun=undef, ccdlflags=' '
    cccdlflags='-DPIC -fpic', lddlflags='-shared '

Locally applied patches:

@INC for perl 5.00502:

Environment for perl 5.00502:
    LANG (unset)
    LOGDIR (unset)
    PERL_BADLANG (unset)
    SHELL=/bin/tcsh Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at | Group listing | About