Mercurial > repo
annotate perl-5.22.2/taint.c @ 8045:a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
| author | HackBot |
|---|---|
| date | Sat, 14 May 2016 14:54:38 +0000 |
| parents | |
| children |
| rev | line source |
|---|---|
|
8045
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
1 /* taint.c |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
2 * |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
3 * Copyright (C) 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
4 * 2002, 2003, 2004, 2005, 2006, 2007, 2008 by Larry Wall and others |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
5 * |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
6 * You may distribute under the terms of either the GNU General Public |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
7 * License or the Artistic License, as specified in the README file. |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
8 * |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
9 */ |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
10 |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
11 /* |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
12 * '...we will have peace, when you and all your works have perished--and |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
13 * the works of your dark master to whom you would deliver us. You are a |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
14 * liar, Saruman, and a corrupter of men's hearts.' --Théoden |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
15 * |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
16 * [p.580 of _The Lord of the Rings_, III/x: "The Voice of Saruman"] |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
17 */ |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
18 |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
19 /* This file contains a few functions for handling data tainting in Perl |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
20 */ |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
21 |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
22 #include "EXTERN.h" |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
23 #define PERL_IN_TAINT_C |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
24 #include "perl.h" |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
25 |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
26 void |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
27 Perl_taint_proper(pTHX_ const char *f, const char *const s) |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
28 { |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
29 #if defined(HAS_SETEUID) && defined(DEBUGGING) |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
30 PERL_ARGS_ASSERT_TAINT_PROPER; |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
31 |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
32 { |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
33 const Uid_t uid = PerlProc_getuid(); |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
34 const Uid_t euid = PerlProc_geteuid(); |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
35 |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
36 #if Uid_t_sign == 1 /* uid_t is unsigned. */ |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
37 DEBUG_u(PerlIO_printf(Perl_debug_log, |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
38 "%s %d %"UVuf" %"UVuf"\n", |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
39 s, TAINT_get, (UV)uid, (UV)euid)); |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
40 #else /* uid_t is signed (Uid_t_sign == -1), or don't know. */ |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
41 DEBUG_u(PerlIO_printf(Perl_debug_log, |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
42 "%s %d %"IVdf" %"IVdf"\n", |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
43 s, TAINT_get, (IV)uid, (IV)euid)); |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
44 #endif |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
45 } |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
46 #endif |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
47 |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
48 if (TAINT_get) { |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
49 const char *ug; |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
50 |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
51 if (!f) |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
52 f = PL_no_security; |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
53 if (PerlProc_getuid() != PerlProc_geteuid()) |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
54 ug = " while running setuid"; |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
55 else if (PerlProc_getgid() != PerlProc_getegid()) |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
56 ug = " while running setgid"; |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
57 else if (TAINT_WARN_get) |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
58 ug = " while running with -t switch"; |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
59 else |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
60 ug = " while running with -T switch"; |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
61 |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
62 /* XXX because taint_proper adds extra format args, we can't |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
63 * get the caller to check properly; o we just silence the warning |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
64 * and hope the callers aren't naughty */ |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
65 GCC_DIAG_IGNORE(-Wformat-nonliteral); |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
66 if (PL_unsafe || TAINT_WARN_get) { |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
67 Perl_ck_warner_d(aTHX_ packWARN(WARN_TAINT), f, s, ug); |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
68 } |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
69 else { |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
70 Perl_croak(aTHX_ f, s, ug); |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
71 } |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
72 GCC_DIAG_RESTORE; |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
73 |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
74 } |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
75 } |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
76 |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
77 void |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
78 Perl_taint_env(pTHX) |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
79 { |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
80 SV** svp; |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
81 MAGIC* mg; |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
82 const char* const *e; |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
83 static const char* const misc_env[] = { |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
84 "IFS", /* most shells' inter-field separators */ |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
85 "CDPATH", /* ksh dain bramage #1 */ |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
86 "ENV", /* ksh dain bramage #2 */ |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
87 "BASH_ENV", /* bash dain bramage -- I guess it's contagious */ |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
88 #ifdef WIN32 |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
89 "PERL5SHELL", /* used for system() on Windows */ |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
90 #endif |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
91 NULL |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
92 }; |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
93 |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
94 /* Don't bother if there's no *ENV glob */ |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
95 if (!PL_envgv) |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
96 return; |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
97 /* If there's no %ENV hash or if it's not magical, croak, because |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
98 * it probably doesn't reflect the actual environment */ |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
99 if (!GvHV(PL_envgv) || !(SvRMAGICAL(GvHV(PL_envgv)) |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
100 && mg_find((const SV *)GvHV(PL_envgv), PERL_MAGIC_env))) { |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
101 const bool was_tainted = TAINT_get; |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
102 const char * const name = GvENAME(PL_envgv); |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
103 TAINT; |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
104 if (strEQ(name,"ENV")) |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
105 /* hash alias */ |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
106 taint_proper("%%ENV is aliased to %s%s", "another variable"); |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
107 else |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
108 /* glob alias: report it in the error message */ |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
109 taint_proper("%%ENV is aliased to %%%s%s", name); |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
110 /* this statement is reached under -t or -U */ |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
111 TAINT_set(was_tainted); |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
112 #ifdef NO_TAINT_SUPPORT |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
113 PERL_UNUSED_VAR(was_tainted); |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
114 #endif |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
115 } |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
116 |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
117 #ifdef VMS |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
118 { |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
119 int i = 0; |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
120 char name[10 + TYPE_DIGITS(int)] = "DCL$PATH"; |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
121 STRLEN len = 8; /* strlen(name) */ |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
122 |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
123 while (1) { |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
124 if (i) |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
125 len = my_sprintf(name,"DCL$PATH;%d", i); |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
126 svp = hv_fetch(GvHVn(PL_envgv), name, len, FALSE); |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
127 if (!svp || *svp == &PL_sv_undef) |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
128 break; |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
129 if (SvTAINTED(*svp)) { |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
130 TAINT; |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
131 taint_proper("Insecure %s%s", "$ENV{DCL$PATH}"); |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
132 } |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
133 if ((mg = mg_find(*svp, PERL_MAGIC_envelem)) && MgTAINTEDDIR(mg)) { |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
134 TAINT; |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
135 taint_proper("Insecure directory in %s%s", "$ENV{DCL$PATH}"); |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
136 } |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
137 i++; |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
138 } |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
139 } |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
140 #endif /* VMS */ |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
141 |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
142 svp = hv_fetchs(GvHVn(PL_envgv),"PATH",FALSE); |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
143 if (svp && *svp) { |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
144 if (SvTAINTED(*svp)) { |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
145 TAINT; |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
146 taint_proper("Insecure %s%s", "$ENV{PATH}"); |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
147 } |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
148 if ((mg = mg_find(*svp, PERL_MAGIC_envelem)) && MgTAINTEDDIR(mg)) { |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
149 TAINT; |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
150 taint_proper("Insecure directory in %s%s", "$ENV{PATH}"); |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
151 } |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
152 } |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
153 |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
154 #ifndef VMS |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
155 /* tainted $TERM is okay if it contains no metachars */ |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
156 svp = hv_fetchs(GvHVn(PL_envgv),"TERM",FALSE); |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
157 if (svp && *svp && SvTAINTED(*svp)) { |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
158 STRLEN len; |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
159 const bool was_tainted = TAINT_get; |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
160 const char *t = SvPV_const(*svp, len); |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
161 const char * const e = t + len; |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
162 |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
163 TAINT_set(was_tainted); |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
164 #ifdef NO_TAINT_SUPPORT |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
165 PERL_UNUSED_VAR(was_tainted); |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
166 #endif |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
167 if (t < e && isWORDCHAR(*t)) |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
168 t++; |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
169 while (t < e && (isWORDCHAR(*t) || strchr("-_.+", *t))) |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
170 t++; |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
171 if (t < e) { |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
172 TAINT; |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
173 taint_proper("Insecure $ENV{%s}%s", "TERM"); |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
174 } |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
175 } |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
176 #endif /* !VMS */ |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
177 |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
178 for (e = misc_env; *e; e++) { |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
179 SV * const * const svp = hv_fetch(GvHVn(PL_envgv), *e, strlen(*e), FALSE); |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
180 if (svp && *svp != &PL_sv_undef && SvTAINTED(*svp)) { |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
181 TAINT; |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
182 taint_proper("Insecure $ENV{%s}%s", *e); |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
183 } |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
184 } |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
185 } |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
186 |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
187 /* |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
188 * ex: set ts=8 sts=4 sw=4 et: |
|
a16537d2fe07
<xfix> tar xf perl-5.22.2.tar.gz # Ah, whatever, I\'m doing it anyway
HackBot
parents:
diff
changeset
|
189 */ |