1#!./perl -Tw 2 3BEGIN { 4 require Config; import Config; 5 if ($^O ne 'VMS' and $Config{'extensions'} !~ /\bPOSIX\b/) { 6 print "1..0\n"; 7 exit 0; 8 } 9} 10 11use Test::More; 12BEGIN { 13 plan( 14 ${^TAINT} 15 ? (tests => 7) 16 : (skip_all => "A perl without taint support") 17 ); 18} 19 20use Scalar::Util qw/tainted/; 21 22use POSIX qw(fcntl_h open read mkfifo); 23use strict ; 24 25$| = 1; 26 27my $buffer; 28my @buffer; 29my $testfd; 30 31# Sources of taint: 32# The empty tainted value, for tainting strings 33 34my $TAINT = substr($^X, 0, 0); 35 36my $file = 'POSIX.xs'; 37 38eval { mkfifo($TAINT. $file, 0) }; 39like($@, qr/^Insecure dependency/, 'mkfifo with tainted data'); 40 41eval { $testfd = open($TAINT. $file, O_WRONLY, 0) }; 42like($@, qr/^Insecure dependency/, 'open with tainted data'); 43 44eval { $testfd = open($file, O_RDONLY, 0) }; 45is($@, "", 'open with untainted data'); 46 47read($testfd, $buffer, 2) if $testfd > 2; 48is( $buffer, "#d", ' read' ); 49ok(tainted($buffer), ' scalar tainted'); 50 51TODO: { 52 local $TODO = "POSIX::read won't taint an array element"; 53 54 read($testfd, $buffer[1], 2) if $testfd > 2; 55 56 is( $buffer[1], "./", ' read' ); 57 ok(tainted($buffer[1]), ' array element tainted'); 58} 59