Beefy Boxes and Bandwidth Generously Provided by pair Networks
Your skill will accomplish
what the force of many cannot
 
PerlMonks  

Taint checking?

by citromatik (Curate)
on Jul 01, 2009 at 16:13 UTC ( #776486=perlquestion: print w/ replies, xml ) Need Help??
citromatik has asked for the wisdom of the Perl Monks concerning the following question:

Hi,

I have encountered the following in production code:

if((defined ($command_str)) && ($command_str =~ /^(.*)$/)) {#taint che +cking $command_str = $1; # blah, blah

Does this make any sense? is there any benefit in reassigning $command_str this way?

Thanks in advance

citromatik

Comment on Taint checking?
Select or Download Code
Re: Taint checking?
by Anonymous Monk on Jul 01, 2009 at 16:21 UTC
Re: Taint checking?
by jethro (Monsignor) on Jul 01, 2009 at 16:25 UTC

    You can run perl in tainted mode, where any data a script gets from I/O is tainted (i.e. flagged as unsafe and potentially dangerous). This is for example useful with CGI-scripts.

    Data can be untainted by filtering it with a regex. In that case perl assumes that you have filtered any dangerous parts and the extracted data is safe now

    As the code you are presenting does no real effort to filter anything the author was either absolutely sure that $command_str came from somewhere safe or he couldn't be bothered with security

Re: Taint checking?
by JavaFan (Canon) on Jul 01, 2009 at 17:32 UTC
    No, without context, it doesn't make any sense. If you're going to untaint by accepting anything, it easiest way is to get rid of the -T.

    Now, there may be other reasons why the program is using taint, and perhaps what is in $command_str comes from a trusted source. But that cannot be told from the snippet.

Re: Taint checking?
by graff (Chancellor) on Jul 02, 2009 at 04:04 UTC
    Well, since there is no "s" modifier on the regex, it is at least testing making sure that the value of $command_str does not contain "\n", which might be worth something, depending on how this variable is used later on.

    But if the whole script were in my hands, the next thing I would do would be to search for occurrences/uses of $command_str outside (following) that if block, because any such occurrence/usage could be getting a still-tainted value (in the case where that "if" condition wasn't met).

    (Update: and then, of course, I would also look very carefully at how this variable is being used inside that "if" block.)

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: perlquestion [id://776486]
Approved by Old_Gray_Bear
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others perusing the Monastery: (9)
As of 2014-10-20 21:19 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    For retirement, I am banking on:










    Results (92 votes), past polls