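#!/usr/bin/perl -T
# Taint-mode demonstration.  The same regex capture untaints a plain
# lexical scalar (case 1) and a copy taken through a temporary scalar
# (case 2), but when the hash element is both the match operand and the
# assignment target of one statement (case 3) the element is observed to
# stay tainted and the open() dies with "Insecure dependency".
use strict;
use warnings;

# perlsec preamble for -T: clean PATH and the other variables a shell
# would honour.  This script only open()s files, so nothing here ever
# reaches a shell, but the cleanup is the standard first step.
$ENV{PATH} = '';
delete @ENV{qw(IFS CDPATH ENV BASH_ENV)};

# Flush the prompt before blocking on input.
$| = 1;

# Fixture: make sure a file literally named 'file' exists, so the name
# the user is asked to type refers to something.
{
    open my $fixture, '>', 'file' or die "can't create 'file'";
    close $fixture or die "can't close 'file': $!";
}

print "type 'file' to test: ";
# Read STDIN explicitly.  The diamond operator (<>) would instead open
# any file named on the command line with 2-arg open semantics, which a
# prompt-driven test does not want.  EOF must be rejected: an undef
# filename passed to a '+>' open creates an anonymous temporary file,
# which would make the test appear to pass.
my $file_in = <STDIN>;
die "no input\n" unless defined $file_in;

# The capture (\w+) excludes the newline that <STDIN> leaves on the line,
# so the untainted value carries no newline; '$' tolerating that trailing
# newline is intentional here.
my %regex = ( A => qr/^(\w+)$/ );
my %params;

# Case 1: untaint a plain lexical scalar in place - works.
my $file = $file_in;                                # tainted
( $file ) = ( $file =~ /$regex{A}/ );               # UNTAINTED
{
    open my $fh, '+>', $file or die "$file : untaint \$file";
    close $fh or die "close $file: $!";
}

# Case 2: match against a temporary scalar and store the capture into
# the hash element - works.
%params = ();
$file = $file_in;                                   # tainted
$params{A} = $file;                                 # tainted
my $temp = $params{A};                              # tainted
( $params{A} ) = ( $temp =~ /$regex{A}/ );          # UNTAINTED
{
    open my $fh, '+>', $params{A} or die "$params{A} : untaint \$temp";
    close $fh or die "close $params{A}: $!";
}

# Case 3: match on the hash element and assign the capture back to the
# same element in one statement.  Observed behaviour: the element is
# STILL TAINTED and this open() dies under -T.  The workaround is the
# temporary scalar of case 2.
%params = ();
$file = $file_in;                                   # tainted
$params{A} = $file;                                 # tainted
( $params{A} ) = ( $params{A} =~ /$regex{A}/ );     # STILL TAINTED
{
    open my $fh, '+>', $params{A} or die "$params{A} : untaint \$params{A}";
    close $fh or die "close $params{A}: $!";
}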
####
$ t-taint.pl
type 'file' to test: file
Insecure dependency in open while running with -T switch at ./t-taint.pl line 46, <> line 1.
##
##
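# untaint parameters
# Every incoming parameter must be named in %valid_params with a qr//
# pattern; the first capture of that pattern becomes the untainted value.
# Anything else - an unknown parameter, a non-pattern entry, a failed
# match, or a pattern without a capture group - is rejected: the error
# message is displayed and the program exits.
for my $name ( keys %params )
{
    unless ( ref( $valid_params{$name} ) eq 'Regexp' )
    {
        # The exit must not depend on display_message()'s return value:
        # `display_message(...) && exit` skips the exit whenever the
        # message routine returns false.
        display_message( $messages{error} );
        exit;
    }

    # Match against a copy.  Assigning a capture back to the very hash
    # element that was matched was observed to leave that element
    # tainted (see the t-taint.pl test above); a temporary scalar
    # untaints as expected.
    my $temp = $params{$name};
    # A pattern with no capture group matches but leaves $1 undefined;
    # treat that as a validation failure rather than storing undef.
    if ( $temp =~ /$valid_params{$name}/ && defined $1 )
    {
        $params{$name} = $1;
    }
    else
    {
        display_message( $messages{error} );
        exit;
    }
}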