source: trunk/third/perl/taint.c @ 10724

Revision 10724, 2.4 KB checked in by ghudson, 27 years ago (diff)
This commit was generated by cvs2svn to compensate for changes in r10723, which included commits to RCS files with non-trunk default branches.
1/*
2 * "...we will have peace, when you and all your works have perished--and
3 * the works of your dark master to whom you would deliver us.  You are a
4 * liar, Saruman, and a corrupter of men's hearts."  --Theoden
5 */
6
7#include "EXTERN.h"
8#include "perl.h"
9
/*
 * taint_proper - report a taint violation when the `tainted` flag is set.
 *
 * f  printf-style pattern passed as the format to croak()/warn().  It is
 *    given two string arguments, so it should contain two %s conversions.
 *    Since f is used as the format itself, callers must pass a fixed
 *    pattern and never text that came from outside the program.
 * s  first argument for the pattern; the callers in this file pass the name
 *    of the offending variable.
 *
 * The second argument is a suffix explaining why taint checks are active:
 * euid differs from uid, egid differs from gid, or neither of those (the
 * -T switch case).
 *
 * When `unsafe` is clear the violation is raised through croak().  When
 * `unsafe` is set it is only reported through warn(), and only if `dowarn`
 * is set as well; otherwise nothing is reported.
 */
void
taint_proper(f, s)
const char *f;
char *s;
{
    char *why;

    DEBUG_u(PerlIO_printf(Perl_debug_log,
            "%s %d %d %d\n", s, tainted, uid, euid));

    /* Nothing to report unless the current expression is marked tainted. */
    if (!tainted)
        return;

    /* The setuid mismatch is tested first, then setgid, then plain -T. */
    if (euid != uid) {
        why = " while running setuid";
    }
    else if (egid != gid) {
        why = " while running setgid";
    }
    else {
        why = " while running with -T switch";
    }

    if (!unsafe) {
        croak(f, s, why);
    }
    else if (dowarn) {
        warn(f, s, why);
    }
}
33
/*
 * taint_env - check the environment variables that influence how a child
 * shell or program runs, and report any that are tainted.
 *
 * Each variable is looked up in the %ENV hash (GvHVn(envgv)).  When a check
 * fails, TAINT is applied and taint_proper() is called with a fixed message
 * pattern, so the outcome (croak, warn or nothing) follows taint_proper's
 * rules.
 *
 * Checks, in order:
 *   - VMS only: DCL$PATH, then DCL$PATH;1, DCL$PATH;2, ... until a lookup
 *     finds nothing or finds sv_undef;
 *   - PATH: the value itself, and the directory flag held in its 'e' magic;
 *   - non-VMS only: TERM, which may stay tainted if it holds only the
 *     permitted characters;
 *   - every name in misc_env.
 *
 * Only the variables named here are examined; any other entry in the
 * environment is not looked at by this function.
 */
void
taint_env()
{
    SV** svp;
    MAGIC* mg;
    char** var;
    static char* misc_env[] = {
        "IFS",          /* most shells' inter-field separators */
        "CDPATH",       /* ksh dain bramage #1 */
        "ENV",          /* ksh dain bramage #2 */
        "BASH_ENV",     /* bash dain bramage -- I guess it's contagious */
        NULL
    };

#ifdef VMS
    int i = 0;
    /* Sized for "DCL$PATH;" plus the digits of an int plus the NUL. */
    char name[10 + TYPE_DIGITS(int)] = "DCL$PATH";

    for (;; i++) {
        /* Index 0 is the bare name; later entries carry a ";N" suffix. */
        if (i)
            (void)sprintf(name,"DCL$PATH;%d", i);
        svp = hv_fetch(GvHVn(envgv), name, strlen(name), FALSE);
        if (!svp || *svp == &sv_undef)
            break;
        if (SvTAINTED(*svp)) {
            TAINT;
            taint_proper("Insecure %s%s", "$ENV{DCL$PATH}");
        }
        mg = mg_find(*svp, 'e');
        if (mg && MgTAINTEDDIR(mg)) {
            TAINT;
            taint_proper("Insecure directory in %s%s", "$ENV{DCL$PATH}");
        }
    }
#endif /* VMS */

    svp = hv_fetch(GvHVn(envgv),"PATH",4,FALSE);
    if (svp && *svp) {
        /* The PATH string itself came from an untrusted source. */
        if (SvTAINTED(*svp)) {
            TAINT;
            taint_proper("Insecure %s%s", "$ENV{PATH}");
        }
        /*
         * The value's 'e' magic carries a per-variable flag read through
         * MgTAINTEDDIR.  The flag is set elsewhere; what makes a directory
         * count as insecure is not visible in this function.
         */
        mg = mg_find(*svp, 'e');
        if (mg && MgTAINTEDDIR(mg)) {
            TAINT;
            taint_proper("Insecure directory in %s%s", "$ENV{PATH}");
        }
    }

#ifndef VMS
    /* tainted $TERM is okay if it contains no metachars */
    svp = hv_fetch(GvHVn(envgv),"TERM",4,FALSE);
    if (svp && *svp && SvTAINTED(*svp)) {
        /*
         * The taint flag is saved before SvPV and restored right after it,
         * so fetching the string leaves `tainted` as it was -- presumably
         * because reading a tainted value can set the flag.
         */
        bool saved_tainted = tainted;
        char *p = SvPV(*svp, na);
        char *end = p + na;
        tainted = saved_tainted;

        /*
         * Accept characters for which isALNUM is true, plus '-' and ':'.
         * NOTE(review): the first test skips one leading isALNUM character,
         * but the loop also accepts '-' and ':' in the first position, so
         * the leading-character test does not restrict the value.  An empty
         * TERM passes as well.
         */
        if (p < end && isALNUM(*p))
            p++;
        while (p < end && (isALNUM(*p) || *p == '-' || *p == ':'))
            p++;

        /* Stopping before the end means a disallowed character was found. */
        if (p < end) {
            TAINT;
            taint_proper("Insecure $ENV{%s}%s", "TERM");
        }
    }
#endif /* !VMS */

    /* Remaining names: reject any that is present, defined and tainted. */
    for (var = misc_env; *var; var++) {
        svp = hv_fetch(GvHVn(envgv), *var, strlen(*var), FALSE);
        if (!svp || *svp == &sv_undef || !SvTAINTED(*svp))
            continue;
        TAINT;
        taint_proper("Insecure $ENV{%s}%s", *var);
    }
}