Background
I have some mail spool files that are corrupted.
I want to retrieve some binary attachments from these spool files.
Solution so far
This script reads in a file in the same directory, unencodes it, and then writes it out to new file, the name of which is taken from STDIN.
Problem
I get the following error message when I run the script.
(the filename i'm entering into STDIN is "info.wav") Insecure dependancy in open while running with -T switch at ./base64.pl line 48 Which relates to the following line: 
open (FILEOUT, "> $file_out")
    or die "Couldn't create output file:\n$!\n";

[download]
I have tried running a regex on $ENV{PATH}, and it wasn't that, so I'm not sure what is failing Taint.
As you can see in the code below, the variable being used in the open, has been passed through a regexp, so it should be untainted. 
#!/usr/bin/perl -wT
use strict;
use MIME::Base64;

my $file_in = 'base64data';

### get variables
chomp (my $file_out = <STDIN>);
my $data_enc;
my $data_unenc;

$ENV{PATH} = "";

### check file_in
unless ($file_in =~ /^[\w][\w\._-]*$/) {
    print "Insecure file_in\n";
    exit;
}
if ($file_in =~ /^\.{2,}$/) {
    print "Insecure file_in path\n";
    exit;
}

### untaint file_out
unless ($file_out =~ /[\w][\w\._-]*$/) {
    print "Insecure file_out\n";
    exit;
}
if ($file_out =~ /^\.{2,}$/) {
    print "Insecure file_out path\n";
    exit;
}

### get the data from input_file
open (FILEIN, "< $file_in")
    or die "Couldn't open input file:\n$!\n";

while (<FILEIN>) {
    $data_enc .= $_;
}

close (FILEIN);

### unencode the data
$data_unenc = decode_base64($data_enc);

### write the data to the output file
open (FILEOUT, "> $file_out")
    or die "Couldn't create output file:\n$!\n";

print FILEOUT $data_unenc;

close (FILEOUT);

### finish
print "Operation successful.\n";

exit;

[download]

In reply to Taint problem opening file to write by fireartist

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.