1#!/usr/bin/perl -T 2use strict; 3use Encode qw(encode decode); 4local %Encode::ExtModule = %Encode::Config::ExtModule; 5use Scalar::Util qw(tainted); 6use Test::More; 7my $taint = substr($ENV{PATH},0,0); 8my $str = "dan\x{5f3e}" . $taint; # tainted string to encode 9my $bin = encode('UTF-8', $str); # tainted binary to decode 10my $notaint = ""; 11my $notaint_str = "dan\x{5f3e}" . $notaint; 12my $notaint_bin = encode('UTF-8', $notaint_str); 13my @names = Encode->encodings(':all'); 14plan tests => 4 * @names + 2; 15for my $name (@names) { 16 my ($d, $e, $s); 17 eval { 18 $e = encode($name, $str); 19 }; 20 SKIP: { 21 skip $@, 1 if $@; 22 ok tainted($e), "encode $name"; 23 } 24 $bin = $e.$taint if $e; 25 eval { 26 $d = decode($name, $bin); 27 }; 28 SKIP: { 29 skip $@, 1 if $@; 30 ok tainted($d), "decode $name"; 31 } 32} 33for my $name (@names) { 34 my ($d, $e, $s); 35 eval { 36 $e = encode($name, $notaint_str); 37 }; 38 SKIP: { 39 skip $@, 1 if $@; 40 ok ! tainted($e), "encode $name"; 41 } 42 $notaint_bin = $e.$notaint if $e; 43 eval { 44 $d = decode($name, $notaint_bin); 45 }; 46 SKIP: { 47 skip $@, 1 if $@; 48 ok ! tainted($d), "decode $name"; 49 } 50} 51Encode::_utf8_on($bin); 52ok(!Encode::is_utf8($bin), "Encode::_utf8_on does not work on tainted values"); 53Encode::_utf8_off($str); 54ok(Encode::is_utf8($str), "Encode::_utf8_off does not work on tainted values"); 55