Bug #20414 for Net-Ping: cannot flag perl script with sticky bit when using syn and port 80

Tue Jul 11 09:48:22 2006 Guest - Ticket created

Subject:

cannot flag perl script with sticky bit when using syn and port 80

Hi, I cannot execute the tcp ping if perl script's sticky bit is set: -rwsr-x--- 1 root tkocher 1084 Jul 11 15:21 check_ping.pl [tkocher@host tkocher]$ ./check_ping.pl ip_address Insecure dependency in connect while running setuid at /usr/lib/perl5/5.8.0/Net/Ping.pm line 778. using perl version: [tkocher@host tkocher]$ perl -v This is perl, v5.8.0 built for i386-linux-thread-multi (with 1 registered patch, see perl -V for more detail) Copyright 1987-2002, Larry Wall on: Linux vlux1.boeblingen.de.ibm.com 2.4.21-40.ELsmp #1 SMP Thu Feb 2 22:22:39 EST 2006 i686 i686 i386 GNU/Linux library version: [root@host tkocher]# head -n 3 /usr/lib/perl5/5.8.0/Net/Ping.pm package Net::Ping; # $Id: Ping.pm,v 1.46 2002/12/02 19:17:09 rob Exp $ [root@vlux1 tkocher]# I wrote the following script: #!/usr/bin/perl # # script checks if host's http port 80 is reachable but not icmp # use strict; use Net::Ping; my $usage="usage: script [hostname|ip]"; if ($#ARGV != 0) # check if just one argument { print ("$usage\n"); exit 3; } my $host = @ARGV[0]; # check if host is pingable my $p = Net::Ping->new("icmp"); my $icmp_result = $p->ping($host, 1); # icmp result is 1 if host is reachable - 0 if unreachable - undef in cases of other problems $p->close(); # check if http port is open $p = Net::Ping->new("syn"); $p->{port_num}=80; my $http_result = $p->ping($host); $p->close(); print ("icmp_result: $icmp_result\n"); print ("http_result: $http_result\n"); exit 0; Thanks for any help...

Wed Aug 08 12:12:52 2007 SMPETERS [...] cpan.org - Correspondence added

On Tue Jul 11 09:48:22 2006, guest wrote: Show quoted text

> Hi, > > I cannot execute the tcp ping if perl script's sticky bit is set: > > -rwsr-x--- 1 root tkocher 1084 Jul 11 15:21 check_ping.pl > > [tkocher@host tkocher]$ ./check_ping.pl ip_address > Insecure dependency in connect while running setuid at > /usr/lib/perl5/5.8.0/Net/Ping.pm line 778. > > using perl version: > > [tkocher@host tkocher]$ perl -v > > This is perl, v5.8.0 built for i386-linux-thread-multi > (with 1 registered patch, see perl -V for more detail) > > Copyright 1987-2002, Larry Wall > > > on: > > Linux vlux1.boeblingen.de.ibm.com 2.4.21-40.ELsmp #1 SMP Thu Feb 2 > 22:22:39 EST 2006 i686 i686 i386 GNU/Linux > > library version: > [root@host tkocher]# head -n 3 /usr/lib/perl5/5.8.0/Net/Ping.pm > package Net::Ping; > > # $Id: Ping.pm,v 1.46 2002/12/02 19:17:09 rob Exp $ > [root@vlux1 tkocher]# > > > I wrote the following script: > #!/usr/bin/perl > > # > # script checks if host's http port 80 is reachable but not icmp > # > > use strict; > use Net::Ping; > my $usage="usage: script [hostname|ip]"; > > if ($#ARGV != 0) # check if just one argument > { > print ("$usage\n"); > exit 3; > } > > my $host = @ARGV[0]; > > > # check if host is pingable > my $p = Net::Ping->new("icmp"); > my $icmp_result = $p->ping($host, 1); # icmp result is 1 if host is > reachable - 0 if unreachable - undef in cases of other problems > $p->close(); > > # check if http port is open > $p = Net::Ping->new("syn"); > $p->{port_num}=80; > my $http_result = $p->ping($host); > $p->close(); > > print ("icmp_result: $icmp_result\n"); > print ("http_result: $http_result\n"); > exit 0; > > > Thanks for any help... >

This is a problem with the script, not with Net::Ping. When running with the sticky bit, taint checking is enabled. Since $host is not being validated in any way, taint checking catches its use and fails. Try validating $host in someway using a regular expression and your problems should go away.

Wed Aug 08 12:13:00 2007 The RT System itself - Status changed from 'new' to 'open'

Wed Aug 08 12:13:01 2007 SMPETERS [...] cpan.org - Status changed from 'open' to 'rejected'