$ perl -I. -Tle "use retaint; retaint::foo(); print 123; print substr $ENV{PATH}, 0, 1; " retaint.pm:20: tainted? 1 retaint.pm:21: tainted? 0 123 D $ perl -I. -Tle "use taintall; use retaint; retaint::foo(); print 123; print substr $ENV{PATH}, 0, 1; " /loader/0xb61cbc/retaint.pm:21: tainted? 1 /loader/0xb61cbc/retaint.pm:22: tainted? 1 123 Insecure dependency in 'print' at -e line 1. ##

##

package taintall;
use strict;
use re ();
use Module::Util();
use File::Temp();

use Tie::STDOUT print => sub {
    use Carp;
    use Taint::Util();
    croak( "Insecure dependency in 'print'" )
      if grep { Taint::Util::tainted( $_ ) } @_;
    print @_;
  },
  ;;;;;

$Carp::Internal{ ( 'Tie::STDOUT' ) }++;

unshift @INC, sub {
    my( $thiscoderef, $filename ) = @_;
    my $package  = Module::Util::fs_path_to_module( $filename );
    my $fullpath = Module::Util::find_installed( $package );
    

## tempfile because of
#~ https://rt.perl.org/rt3//Public/Bug/Display.html?id=96008# #96008: use and require are affected by the open pragma
#~ https://rt.perl.org/rt3//Public/Bug/Display.html?id=75722# #75722: Recursive call to Perl_load_module in PerlIO_find_layer
    my( $tempFh, $tempFilename ) = File::Temp::tempfile();
    
    return if not $fullpath or not $tempFilename;
    
    binmode $tempFh;
    print $tempFh "use re 'taint'; "; #line 0
    {
        open my( $fh ), '<', $fullpath
          or die "Can't read ($fullpath): $!\n$^E\n ";
        binmode $fh;
        print $tempFh readline $fh;
        close $fh;
    }
    seek $tempFh, 0, 0;
    return $tempFh;
};;;;;

sub import { re->import( 'taint' ); }

1;


##

##

package retaint;
use strict; use warnings;
use Taint::Util;
sub ut {
    taint(my $sv = "hlagh");
    $sv = $1 if $sv =~ /^(.*)/;
    $sv;
}
sub tt {
    taint(my $sv = "hlagh");
    $sv;
}
sub f{
    my ($package, $filename, $line ) = caller;
 
    printf qq/%s:%d: tainted? %d\n/, $filename, $line, int tainted $_[0];
} 

sub foo {
    f( tt() );
    f( ut() );
}
1;