1#!./perl -Tw 2 3BEGIN { 4 require Config; import Config; 5 if ($^O ne 'VMS' and $Config{'extensions'} !~ /\bPOSIX\b/) { 6 print "1..0\n"; 7 exit 0; 8 } 9} 10 11use Test::More tests => 7; 12use Scalar::Util qw/tainted/; 13 14 15use POSIX qw(fcntl_h open read mkfifo); 16use strict ; 17 18$| = 1; 19 20my $buffer; 21my @buffer; 22my $testfd; 23 24# Sources of taint: 25# The empty tainted value, for tainting strings 26 27my $TAINT = substr($^X, 0, 0); 28 29my $file = 'POSIX.xs'; 30 31eval { mkfifo($TAINT. $file, 0) }; 32like($@, qr/^Insecure dependency/, 'mkfifo with tainted data'); 33 34eval { $testfd = open($TAINT. $file, O_WRONLY, 0) }; 35like($@, qr/^Insecure dependency/, 'open with tainted data'); 36 37eval { $testfd = open($file, O_RDONLY, 0) }; 38is($@, "", 'open with untainted data'); 39 40read($testfd, $buffer, 2) if $testfd > 2; 41is( $buffer, "#d", ' read' ); 42ok(tainted($buffer), ' scalar tainted'); 43 44TODO: { 45 local $TODO = "POSIX::read won't taint an array element"; 46 47 read($testfd, $buffer[1], 2) if $testfd > 2; 48 49 is( $buffer[1], "./", ' read' ); 50 ok(tainted($buffer[1]), ' array element tainted'); 51} 52