PerlMonks
Re: One true regexp for untainting windows filenames?

by ikegami (Pope)
on Jan 08, 2009 at 05:10 UTC


in reply to One true regexp for untainting windows filenames?

Checking if $^X is a valid file name doesn't make it safe. You might as well use /(.*)/s.

On the plus side, there doesn't appear to be any reason for $^X to be tainted in Windows.

    use Win32::Process;

    sub ErrorReport {
        print Win32::FormatMessage( Win32::GetLastError() );
    }

    Win32::Process::Create(
        my $child,
        'c:\\progs\\perl5100\\bin\\perl.exe',
        'evil -le"print $^X"',
        0,
        NORMAL_PRIORITY_CLASS,
        ".",
    ) or die ErrorReport();
    $child->Wait(INFINITE);

Output:

    c:\progs\perl5100\bin\perl.exe

If you trust the perl you are running, then it looks like $^X is safe.
If you don't trust the perl you are running, then it doesn't matter if $^X safe or not.

By the way,
everything that matches qr{^[^/\0]+\z} is a valid file name in unix,
and everything that matches qr{^[^\0]+\z} is a valid file path in unix.
I don't know where you got qr{ (\A[- + @ [:word:] . / ]+)\z }x from.


Re^2: One true regexp for untainting windows filenames?
by jaldhar (Vicar) on Jan 08, 2009 at 22:13 UTC

    It seems that despite the length of my post I still managed to leave out some pertinent information. Sorry! I use untaint_path() to check several filenames not just $^X. It just happens that this is the first test that encountered a weird path. So the question still stands even if $^X is safe.

    On that topic, I am using the value of $^X in a qx// call. On Linux at least, if I don't untaint it, I get a nastygram about "insecure dependency." Should perl be a little smarter here?

    As for the regexps themselves, I am embarrassed to say I just copied them from existing code. Now I will use the ones from File::Basename as cdarke suggested.

    Thank you for your help.

    --
    જલધર

      I use untaint_path() to check several filenames not just $^X.

      To make them safe for what? For most applications, untaint_path might remove the taint flag, but it doesn't make sure they're safe first.

      On that topic, I am using the value of $^X in a qx// call. On Linux at least, if I don't untaint it, I get a nastygram about "insecure dependency." Should perl be a little smarter here?

      In unix systems, it's possible to execute a binary at one path while making it think it's at a different path.

          $ cat > a.c
          #include <stdio.h>
          int main(int argc, char** argv) {
              printf("%s\n", argv[0]);
              return 0;
          }
          $ gcc -o a a.c
          $ perl -e'exec { "a" } "evil"'
          evil

      Based on a comment in $^X, it looks like there's a way for processes to find out which binary is actually being executed on some systems, and Perl uses it.

      If the following doesn't print "evil" on your system, $^X can probably be trusted on your system.

          $ perl -e'system { "perl" } "evil", "-le", "print \$^X"'
          /usr/bin/perl

        To make them safe for what? For most applications, untaint_path might remove the taint flag, but it doesn't make sure they're safe first.

        Safe to use in qx// in taint mode. Earlier, I set $ENV{PATH} to q{}. This means I need to use complete paths to every file or command I use, and they need to be untainted to prevent the 'insecure dependency' error.

        I had forgotten about argv[0]. Now you have led me to realize that running under -T will not really buy me anything here without additional checking.

        Hopefully this conversation will remind others to not complacently assume untainted eq secure if nothing else.

        --
        જલધર
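The two points of this thread, that laundering a value with /(.*)/s removes the taint flag without checking anything, and that argv[0] can be spoofed while $^X on Linux still comes from /proc/self/exe, put together in one runnable script. This is an added example, not code from any of the posts above; the helper names (untaint_anything, untaint_exec_path, spoofed_child_caret_x) are this example's own, and it assumes a Unix host with fork/exec (the /proc/self/exe comparison is Linux-specific and simply reports "not available" elsewhere). Run it as `perl -T example.pl`.

```perl
#!/usr/bin/perl -T
# Added example for this thread; not code from the original posts.
# Assumes a Unix host (fork/exec for the argv[0] spoof); the
# /proc/self/exe comparison is Linux-specific. Run as: perl -T example.pl
use strict;
use warnings;
use File::Spec;
use Scalar::Util qw(tainted);

# Under -T every %ENV value is tainted. Keep a zero-length tainted string
# to mark test input with, then clean the variables exec() cares about.
my $TAINT = substr(join('', values %ENV), 0, 0);
delete @ENV{qw(ENV BASH_ENV CDPATH IFS)};
$ENV{PATH} = '';   # as in the thread: absolute paths only, no PATH lookup

# The "untaint" the thread warns about: it removes the taint flag and
# checks nothing, so anything at all comes out the other side clean.
sub untaint_anything {
    my ($s) = @_;
    my ($clean) = $s =~ /(.*)/s;
    return $clean;
}

# A validating untaint for a path that is about to be executed. Clearing
# the taint flag is the last step, done only after the checks pass; the
# checks are what make the value safe to hand to exec/system/qx.
# Returns undef for anything it will not vouch for.
sub untaint_exec_path {
    my ($path) = @_;
    return unless defined $path;
    return if $path =~ /\0/;                          # NUL ends C strings
    return unless File::Spec->file_name_is_absolute($path);
    my (undef, $dirs, undef) = File::Spec->splitpath($path);
    return if grep { $_ eq '..' } File::Spec->splitdir($dirs);
    my @st = stat($path) or return;                   # must exist
    return unless -f _ && -x _;                       # regular, executable
    return if $st[2] & 022;                           # group/world-writable
    my ($clean) = $path =~ /\A(.*)\z/s;               # launder last
    return $clean;
}

# argv[0] spoof: exec the real interpreter under the name "evil" and ask
# the child what $^X says. Where perl reads /proc/self/exe (Linux) the
# child reports the real binary; where it falls back to argv[0], "evil".
sub spoofed_child_caret_x {
    my ($perl) = @_;
    pipe(my $rd, my $wr) or die "pipe: $!";
    my $pid = fork;
    die "fork: $!" unless defined $pid;
    if ($pid == 0) {
        close $rd;
        open(STDOUT, '>&', $wr) or die "dup: $!";
        exec { $perl } 'evil', '-le', 'print $^X';    # { PROGRAM } LIST form
        die "exec: $!";
    }
    close $wr;
    chomp(my $said = <$rd> // '');
    close $rd;
    waitpid $pid, 0;
    return $said;
}

# Validate the interpreter path before using it; a bare "perl" in $^X
# (no /proc, found via PATH) is rejected rather than guessed at.
my $perl = untaint_exec_path($^X)
    or die "refusing to run $^X: failed validation\n";

# Constructed inputs, each tainted via $TAINT: a shell-metachar path,
# the real interpreter, and a relative name.
for my $input ("$TAINT/etc/passwd;rm -rf /", "$TAINT$^X", "${TAINT}perl") {
    my $naive  = untaint_anything($input);
    my $strict = untaint_exec_path($input);
    printf "%-28s naive: tainted=%d %s | strict: %s\n",
        $input, tainted($naive) ? 1 : 0, $naive,
        defined $strict ? $strict : '(rejected)';
}

my $said = spoofed_child_caret_x($perl);
my $real = readlink('/proc/self/exe');   # undef off Linux
printf "child \$^X under argv[0]='evil': %s\n", $said;
printf "kernel says this process is:      %s\n",
    $real // '(no /proc/self/exe here)';
```

The naive launder reports tainted=0 for every input, including the one with a shell metacharacter in it, which is exactly why "untainted" must not be read as "safe". untaint_exec_path is stricter than the thread's regexes on purpose: it insists on an absolute path, refuses ".." components, and checks the file's mode with stat before clearing the flag, so the regex at the end is a formality rather than the security check. The spoof half shows what ikegami's test from the thread shows: if the child prints the real binary, perl on that system is deriving $^X from the kernel rather than from argv[0].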
