Package: perl
Version: 5.8.8-7
Severity: normal

I have some code that looks like this:

    sub dirname ($) { #{{{
    	my $file=shift;
    	use Scalar::Util;
    	print STDERR "in tainted: ".Scalar::Util::tainted($file)."\n";
    	$file=~s!/*[^/]+$!!;
    	print STDERR "out tainted: ".Scalar::Util::tainted($file)."\n";
    	return $file;
    } #}}}

And I was able to get this output:

    in tainted: 0
    out tainted: 0
    in tainted: 0
    out tainted: 1

So perl is randomly setting the taint flag.

I've attached a 750 line test case in a tarball. Sorry that's not smaller
or simpler, but I already boiled it down from the entirety of ikiwiki to
this. :-)

    [EMAIL PROTECTED]:~/tmp/for-joeyh/ikiwiki>rm -rf out; ./ikiwiki.in --templatedir=templates --underlaydir=empty --plugin=wikitext --plugin=htmlscrubber -v wiki out --rebuild
    in tainted: 0
    out tainted: 0
    in tainted: 0
    out tainted: 1
    Insecure dependency in mkdir while running with -T switch at IkiWiki.pm line 282.

A few things that hide the problem:

* Removing either of the --plugin switches, even though both files they
  load are minimal and do nothing.
* In IkiWiki/Render.pm, line 62, commenting out the use of decode_utf8.
  Suggests that this might be a utf8 flag vs taint flag mixup?

-- System Information:
Debian Release: 4.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-4-686
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)

Versions of packages perl depends on:
ii  libc6         2.3.6.ds1-11   GNU C Library: Shared libraries
ii  libdb4.4      4.4.20-8       Berkeley v4.4 Database Libraries [
ii  libgdbm3      1.8.3-3        GNU dbm database routines (runtime
ii  perl-base     5.8.8-7        The Pathologically Eclectic Rubbis
ii  perl-modules  5.8.8-7        Core Perl modules

Versions of packages perl recommends:
ii  perl-doc      5.8.8-7        Perl documentation

-- no debconf information

-- 
see shy jo
testcase.tgz
Description: GNU Unix tar archive
signature.asc
Description: Digital signature
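A stand-alone way to trace both flags the report suspects (taint and utf8) through the same substitution, and to untaint a path explicitly instead of relying on taint propagation through s///. This is an added example, not code from the bug report or from ikiwiki; it takes its input from @ARGV (tainted under -T) and the whitelist pattern in untaint_path is a hypothetical one chosen for the demonstration.

```perl
#!/usr/bin/perl -T
# Added example (not from the bug report): trace the taint and utf8 flags of a
# path through the report's dirname substitution under -T, then untaint it
# explicitly. Run as:  perl -T trace_taint.pl 'wiki/some/page.mdwn'
use strict;
use warnings;
use Scalar::Util qw(tainted);
use Encode qw(decode_utf8);

# Report both flags for a value at a named stage (tainted() is from
# Scalar::Util, utf8::is_utf8() is a core builtin in 5.8).
sub flags {
    my ($stage, $value) = @_;
    printf STDERR "%-16s tainted=%d utf8=%d\n",
        $stage, tainted($value) ? 1 : 0, utf8::is_utf8($value) ? 1 : 0;
}

# Same substitution as the report's dirname(), with both flags traced
# before and after it.
sub dirname_traced {
    my $file = shift;
    flags("in", $file);
    $file =~ s!/*[^/]+$!!;
    flags("after s///", $file);
    return $file;
}

# Explicit untainting: only a captured substring of a successful match is
# considered clean, so the result does not depend on how s/// propagates
# the taint flag. The character whitelist here is a hypothetical one.
sub untaint_path {
    my $path = shift;
    return undef unless $path =~ m{^([\w./-]+)$};
    return $1;
}

my $raw = shift @ARGV;                 # command-line args are tainted under -T
die "usage: $0 <path>\n" unless defined $raw;
flags("raw argv", $raw);

my $decoded = decode_utf8($raw);       # the step the report says hides the bug when removed
flags("decode_utf8", $decoded);

my $dir   = dirname_traced($decoded);
my $clean = untaint_path($dir);
if (defined $clean) { flags("untainted", $clean) }
else                { print STDERR "path rejected by whitelist: $dir\n" }
```

Because the output goes to STDERR at every stage, a run where "after s///" shows tainted=1 while "in" shows tainted=0 reproduces the symptom in isolation, and the "untainted" line shows the value that is safe to hand to mkdir regardless.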