Stories
Slash Boxes
Comments
NOTE: use Perl; is on undef hiatus. You can read content, but you can't post it. More info will be forthcoming forthcomingly.

All the Perl that's Practical to Extract and Report

use Perl Log In

Log In

[ Create a new account ]

pudge (1)

pudge
  (email not shown publicly)
http://pudge.net/
AOL IM: Crimethnk (Add Buddy, Send Message)

I run this joint, see?

Journal of pudge (1)

Sunday October 28, 2007
03:16 AM

Tainting

[ #34767 ]

So the question is: is there a way to detaint arbitary data in Perl without using hash keys or regexes or XS?

Something hit me. This:

#!/usr/bin/perl -sTl
use warnings;
use strict;
 
use Scalar::Util 'tainted';
 
no strict 'refs';
for my $name (keys %{'::'}) {
    printf "%s:%d\n", $name, tainted($name)
        if $name =~ /^[a-z]\w+$/i
        && $$name;
}

Execute that like ./taint.plx -dakdjhasd and you get $name with dakdjhasd in it, untainted.

This is not the same thing, but what it does do is take some untrusted data that you normally might expect to be tainted, since it's just data on the command line, and makes it trusted. But this is not arbitrary data, and it is not tainted in the first place (and therefore not untainted). Interesting though. Then I thought:

#!/usr/bin/perl -Tl
use warnings;
use strict;
 
use Scalar::Util 'tainted';
 
no strict 'refs';
 
my $foo = $ENV{HOME};
printf "%s:%d\n", $foo, tainted($foo);
 
${'::' . $foo} = 'la la la';
 
my $bar;
for my $name (keys %{'::'}) {
    if ($name eq $foo) {
        $bar = $name;
        last;
    }
}
 
printf "%s:%d\n", $bar, tainted($bar);

W00t. Data is untainted!

Now, I know, this is still basically using hash keys, since the symbol table is a hash. But I don't care. Also, it wouldn't necessarily work with arbitrary data, given symbol table limitations.

Just something passing through my head.

The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
 Full
 Abbreviated
 Hidden
More | Login | Reply
Loading... please wait.