1N/A#!./perl -Tw
1N/A
1N/ABEGIN {
1N/A chdir 't' if -d 't';
1N/A @INC = '../lib';
1N/A require Config; import Config;
1N/A if ($^O ne 'VMS' and $Config{'extensions'} !~ /\bPOSIX\b/) {
1N/A print "1..0\n";
1N/A exit 0;
1N/A }
1N/A}
1N/A
1N/Ause Test::More tests => 7;
1N/Ause Scalar::Util qw/tainted/;
1N/A
1N/A
1N/Ause POSIX qw(fcntl_h open read mkfifo);
1N/Ause strict ;
1N/A
1N/A$| = 1;
1N/A
1N/Amy $buffer;
1N/Amy @buffer;
1N/Amy $testfd;
1N/A
1N/A# Sources of taint:
1N/A# The empty tainted value, for tainting strings
1N/A
1N/Amy $TAINT = substr($^X, 0, 0);
1N/A
1N/Amy $file = 'TEST';
1N/A
1N/Aeval { mkfifo($TAINT. $file, 0) };
1N/Alike($@, qr/^Insecure dependency/, 'mkfifo with tainted data');
1N/A
1N/Aeval { $testfd = open($TAINT. $file, O_WRONLY, 0) };
1N/Alike($@, qr/^Insecure dependency/, 'open with tainted data');
1N/A
1N/Aeval { $testfd = open($file, O_RDONLY, 0) };
1N/Ais($@, "", 'open with untainted data');
1N/A
1N/Aread($testfd, $buffer, 2) if $testfd > 2;
1N/Ais( $buffer, "#!", ' read' );
1N/Aok(tainted($buffer), ' scalar tainted');
1N/A
1N/ATODO: {
1N/A local $TODO = "POSIX::read won't taint an array element";
1N/A
1N/A read($testfd, $buffer[1], 2) if $testfd > 2;
1N/A
1N/A is( $buffer[1], "./", ' read' );
1N/A ok(tainted($buffer[1]), ' array element tainted');
1N/A}