Re: unlink taint

~~It's not the wildcard (.*) that makes the expression tainted, but rather what's in $upload_dir and/or $in{'imgid'} (if they originate from program-external input), so you need to untaint those.~~ update: actually, it's the glob itself that, too, returns tainted data (with or without '*').

See perlsec for how to do it.

Comment on Re: unlink taint Select or Download Code

Replies are listed 'Best First'.
Re^2: unlink taint by ikegami (Patriarch) on Dec 20, 2010 at 22:06 UTC
You are mistaken. `$ perl -MScalar::Util=tainted -TE'say tainted($_) for glob ""' 1 1 1 1` [download] `glob` is a source of external input when "" is used. Same goes for `readdir`. `$ perl -MScalar::Util=tainted -TE'opendir(my $dh, "."); say tainted($_ +) for readdir($dh)' 1 1 1 1 1 1` [download]	[reply] [d/l] [select]
Re^3: unlink taint by Anonyrnous Monk (Hermit) on Dec 20, 2010 at 22:57 UTC
glob is a source of external input when "" is used.* You're right. A quick test shows, though, that it doesn't matter whether there's a '*' in the glob expression or not: `$ perl -MScalar::Util=tainted -TE'say tainted($_) for glob "foo"' 1` [download]	[reply] [d/l]
Re^4: unlink taint by ikegami (Patriarch) on Dec 20, 2010 at 23:11 UTC
Interesting, thanks.	[reply]
Re^2: unlink taint by toniax (Scribe) on Dec 20, 2010 at 21:52 UTC
I tried to untaint $upload_dir and/or $in{'imgid'} and it did not work . I will have to read up on it more Thanks -X-	[reply]
Re^3: unlink taint by JavaFan (Canon) on Dec 20, 2010 at 21:54 UTC
How did you try to untaint those values, and how did you determine that it did not work?	[reply]
Re^3: unlink taint by Anonyrnous Monk (Hermit) on Dec 20, 2010 at 21:55 UTC
If you show the code you've tried, we might see what was wrong with it...	[reply]