
This queue is for tickets about the Encode CPAN distribution.

Report information
The Basics
Id: 64642
Status: resolved
Priority: 0/
Queue: Encode

People
Owner: Nobody in particular
Requestors: DDICK [...] cpan.org
Cc:
AdminCc:

Bug Information
Severity: Wishlist
Broken in: (no value)
Fixed in: (no value)



Subject: Tainted values have the taint flag cleared when encoded
As far as I understand it, decoding should happen as early as possible after receiving input data and encoding should occur as late as possible before sending data. This being so, encoding removes the taint flag for a variable, so the use of tainting is destroying unless the programmer uses something like Taint::Util to test for and set the taint flag after encoding. The attached file shows the issue with an Encode::encoded environment variable happily passed through to a system call while using taint checks.
Subject: taint.pl

    #! /usr/bin/perl -T

    use strict;
    use warnings;
    use Encode();

    $ENV{'PATH'} = '/bin:/usr/bin';
    delete @ENV{'IFS', 'CDPATH', 'ENV', 'BASH_ENV'};
    my ($home) = Encode::encode('UTF-8', $ENV{'HOME'});
    system("echo $home");

Subject: taint.diff
diff -Naur old/Encode.pm new/Encode.pm --- old/Encode.pm 2011-01-01 09:48:51.000000000 +1100 +++ new/Encode.pm 2011-04-15 09:46:03.800076400 +1000 @@ -155,7 +155,14 @@ require Carp; Carp::croak("Unknown encoding '$name'"); } + my ($tainted); + if (tainted($string)) { + $tainted = 1; + } my $octets = $enc->encode( $string, $check ); + if ($tainted) { + taint($octets); + } $_[1] = $string if $check and !ref $check and !( $check & LEAVE_SRC() ); return $octets; } @@ -171,7 +178,14 @@ require Carp; Carp::croak("Unknown encoding '$name'"); } + my ($tainted); + if (tainted($octets)) { + $tainted = 1; + } my $string = $enc->decode( $octets, $check ); + if ($tainted) { + taint($string); + } $_[1] = $octets if $check and !ref $check and !( $check & LEAVE_SRC() ); return $string; } diff -Naur old/Encode.xs new/Encode.xs --- old/Encode.xs 2011-01-01 09:48:51.000000000 +1100 +++ new/Encode.xs 2011-04-15 09:43:05.811637039 +1000 @@ -866,6 +866,24 @@ OUTPUT: RETVAL +void +tainted(SV *sv) +PPCODE: + EXTEND(SP, 1); + if (SvTAINTED(sv)) + PUSHs(&PL_sv_yes); + else + PUSHs(&PL_sv_no); + +void +taint(...) +PREINIT: + I32 i; +PPCODE: + for (i = 0; i < items; ++i) + if (!SvREADONLY(ST(i))) + SvTAINTED_on(ST(i)); + int DIE_ON_ERR() CODE: diff -Naur old/t/taint.t new/t/taint.t --- old/t/taint.t 1970-01-01 10:00:00.000000000 +1000 +++ new/t/taint.t 2011-04-15 10:03:52.206529282 +1000 @@ -0,0 +1,14 @@ +#! /usr/bin/perl -T +# +# $Id: utf8ref.t,v 1.1 2010/09/18 18:39:51 dankogai Exp $ +# + +use strict; +use warnings; +use Encode; +use Test::More; +use Scalar::Util; +plan tests => 2; + +ok (Encode::tainted(Encode::encode('UTF-8', $ENV{HOME})), "Successfully retained tainting through Encode::encode()"); +ok (Encode::tainted(Encode::decode('UTF-8', $ENV{HOME})), "Successfully retained tainting through Encode::decode()");
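Review bot: The taint bookkeeping in both Encode.pm hunks is duplicated and more verbose than needed: `my ($tainted); if (tainted($string)) { $tainted = 1; }` can be written `my $tainted = tainted($string);`, and likewise for `$octets` in the second hunk. Sampling the flag before the `$enc->encode` / `$enc->decode` call is the right order, because the `$_[1] = $string` write-back that follows shows the input can be changed by the call; a one-line comment saying so would keep a later edit from moving the check after the call.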
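Review bot: In the Encode.xs hunk, `taint(...)` silently skips every argument that has `SvREADONLY` set, so a caller cannot tell whether the value was actually marked; return a count of the values tainted, or croak, so the Perl side can react. Both `tainted` and `taint` also land in the public Encode namespace (the new test calls `Encode::tainted`) without any documentation; either add POD for them or give them a leading underscore so they read as internal helpers.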
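Review bot: Both assertions in t/taint.t depend on `$ENV{HOME}` being set where the test runs; when it is not, the test exercises an undefined value instead of a tainted string, so skip in that case or build the tainted input inside the test. The file also loads `Scalar::Util` without using it, carries an `$Id` line copied from utf8ref.t, and checks only that taint is retained; add a case asserting that untainted input comes back untainted.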
From: Mark.Martinec [...] ijs.si
This has been fixed in version 2.50. The ticket can be considered a duplicate of [rt.cpan.org #84879] and can now be closed.
Closing as suggested.

Dan the Maintainer Thereof

On Tue May 21 09:36:43 2013, Mark.Martinec@ijs.si wrote:
> This has been fixed in version 2.50. The ticket can be considered
> a duplicate of [rt.cpan.org #84879] and can now be closed.
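
For code that still has to run against an Encode older than 2.50, the workaround the report alludes to (test for the taint flag and set it again after converting) can be done with core modules only. This is an added example, not code from the ticket or from Encode; `convert_keep_taint` and the sample string are hypothetical.

```perl
#!/usr/bin/perl -T
use strict;
use warnings;
use Encode ();
use Scalar::Util qw(tainted);

# Hypothetical helper, not part of Encode: call $convert (\&Encode::encode or
# \&Encode::decode) and put the taint flag back if the input carried one.
sub convert_keep_taint {
    my ($convert, $encoding, $input) = @_;
    return undef unless defined $input;

    # Zero-length piece of the input: empty, but tainted whenever $input is.
    # Taken before the call and stored as bytes so appending it never
    # changes the internal representation of encoded octets.
    my $marker = substr($input, 0, 0);
    utf8::downgrade($marker);

    my $output = $convert->($encoding, $input);
    $output .= $marker
        if defined $output && tainted($marker) && !tainted($output);
    return $output;
}

# Constructed sample input: non-ASCII text, tainted by appending a
# zero-length piece of the tainted $^X.
my $sample = "caf\x{e9} \x{263a}" . substr($^X, 0, 0);

my $plain = Encode::encode('UTF-8', $sample);
my $kept  = convert_keep_taint(\&Encode::encode, 'UTF-8', $sample);
my $back  = convert_keep_taint(\&Encode::decode, 'UTF-8', $kept);

my $yn = sub { $_[0] ? 'yes' : 'no' };
printf "Encode %s: plain encode() result tainted: %s\n",
    Encode->VERSION, $yn->(tainted($plain));
printf "wrapped encode tainted: %s, octets identical: %s\n",
    $yn->(tainted($kept)), $yn->($kept eq $plain);
printf "wrapped decode tainted: %s, round trip intact: %s\n",
    $yn->(tainted($back)), $yn->($back eq $sample);

# Same environment cleanup as taint.pl, then a command using the value.
$ENV{PATH} = '/bin:/usr/bin';
delete @ENV{qw(IFS CDPATH ENV BASH_ENV)};
my $ran = eval { system('echo', $kept); 1 };
print $ran ? "system() ran\n" : "system() refused: $@";
```

Start it as `perl -T file.pl`; perl refuses a `-T` that appears only on the `#!` line when the script is passed as an argument.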