%ENV = ();
%foo = (
clean => '/usr/matt/.netrc',
dirty => (<>),
);
print "$foo{clean}\n";
sleep 1;
print "$foo{dirty}\n";
sleep 2;
system("ls $foo{clean}"); # ok
system("ls $foo{dirty}"); # error
####
$| = 1;
%ENV = ();
%foo = (
clean => '/usr/matt/.netrc',
dirty => (<>),
);
$bar = {
clean => '/usr/matt/.profile',
dirty => (<>),
};
$and = \%foo;
print "Foo\n";
print "1 : " ; system("echo $foo{clean} > /dev/null 2>&1");
print "2 : " ; system("echo $foo{dirty} > /dev/null 2>&1");
print "Bar\n";
print "1 : " ; system("echo \"$bar\" > /dev/null 2>&1");
print "2 : " ; system("echo $bar->{clean} > /dev/null 2>&1");
print "3 : " ; system("echo $bar->{dirty} > /dev/null 2>&1");
print "And\n";
print "1 : " ; system("echo \"$and\" > /dev/null 2>&1");
print "2 : " ; system("echo $and->{clean} > /dev/null 2>&1");
print "3 : " ; system("echo $and->{dirty} > /dev/null 2>&1");
####
%shell > perl -Du -U -T taintme.pl
EXECUTING...
a
^D
b
^D
Foo
1 : system 0 30004 30004
2 : system 1 30004 30004
a
Bar
1 : system 0 30004 30004
2 : system 1 30004 30004
3 : system 1 30004 30004
And
1 : system 0 30004 30004
2 : system 0 30004 30004
3 : system 1 30004 30004
a
####
$another = +{};
$another->{clean} = '/usr/matt/.kshrc';
$another->{dirty} = (<>);
# and also
print "1 : " ; system("echo \"$another\" > /dev/null 2>&1");
print "2 : " ; system("echo $another->{clean} > /dev/null 2>&1");
print "3 : " ; system("echo $another->{dirty} > /dev/null 2>&1");
####
Another
1 : system 0 30004 30004
2 : system 0 30004 30004
3 : system 1 30004 30004
####
#!/usr/bin/perl -wT
#
use strict;
my $foo = {
'clean' => 'filename.txt',
'dirty' => scalar(<>),
};
open(F,"+>{$foo->{clean}}");
close(F);
####
#!/usr/bin/perl -wT
#
use strict;
my $foo{clean} = 'filename.txt';
$foo{dirty} = scalar(<>);
open(F,"+>{$foo->{clean}}");
close(F);