[perl5.git] / taint.c

#include "EXTERN.h"
#include "perl.h"

void
taint_not(s)
char *s;
{
    if (euid != uid)
        croak("No %s allowed while running setuid", s);
    if (egid != gid)
        croak("No %s allowed while running setgid", s);
}

void
taint_proper(f, s)
char *f;
char *s;
{
    if (tainting) {
	DEBUG_u(fprintf(stderr,"%s %d %d %d\n",s,tainted,uid, euid));
	if (tainted) {
	    char *ug = 0;
	    if (euid != uid)
		ug = " while running setuid";
	    else if (egid != gid)
		ug = " while running setgid";
	    else if (tainting)
		ug = " while running with -T switch";
	    if (ug) {
		if (!unsafe)
		    croak(f, s, ug);
		else if (dowarn)
		    warn(f, s, ug);
	    }
	}
    }
}

void
taint_env()
{
    SV** svp;

    if (tainting) {
	MAGIC *mg = 0;
	svp = hv_fetch(GvHVn(envgv),"PATH",4,FALSE);
	if (!svp || *svp == &sv_undef || (mg = mg_find(*svp, 't'))) {
	    tainted = 1;
	    if (mg && MgTAINTEDDIR(mg))
		taint_proper("Insecure directory in %s%s", "PATH");
	    else
		taint_proper("Insecure %s%s", "PATH");
	}
	svp = hv_fetch(GvHVn(envgv),"IFS",3,FALSE);
	if (svp && *svp != &sv_undef && mg_find(*svp, 't')) {
	    tainted = 1;
	    taint_proper("Insecure %s%s", "IFS");
	}
    }
}
Commit	Line	Data
463ee0b2 LW	1	#include "EXTERN.h"
	2	#include "perl.h"
	3
	4	void
	5	taint_not(s)
	6	char *s;
	7	{
	8	if (euid != uid)
	9	croak("No %s allowed while running setuid", s);
	10	if (egid != gid)
	11	croak("No %s allowed while running setgid", s);
	12	}
	13
79072805 LW	14	void
	15	taint_proper(f, s)
	16	char *f;
	17	char *s;
	18	{
463ee0b2 LW	19	if (tainting) {
	20	DEBUG_u(fprintf(stderr,"%s %d %d %d\n",s,tainted,uid, euid));
	21	if (tainted) {
	22	char *ug = 0;
	23	if (euid != uid)
	24	ug = " while running setuid";
	25	else if (egid != gid)
	26	ug = " while running setgid";
	27	else if (tainting)
	28	ug = " while running with -T switch";
	29	if (ug) {
	30	if (!unsafe)
	31	croak(f, s, ug);
	32	else if (dowarn)
	33	warn(f, s, ug);
	34	}
	35	}
79072805 LW	36	}
	37	}
	38
	39	void
	40	taint_env()
	41	{
	42	SV** svp;
	43
463ee0b2	44	if (tainting) {
8990e307	45	MAGIC *mg = 0;
463ee0b2	46	svp = hv_fetch(GvHVn(envgv),"PATH",4,FALSE);
8990e307	47	if (!svp \|\| svp == &sv_undef \|\| (mg = mg_find(svp, 't'))) {
463ee0b2	48	tainted = 1;
8990e307	49	if (mg && MgTAINTEDDIR(mg))
463ee0b2 LW	50	taint_proper("Insecure directory in %s%s", "PATH");
	51	else
	52	taint_proper("Insecure %s%s", "PATH");
	53	}
	54	svp = hv_fetch(GvHVn(envgv),"IFS",3,FALSE);
	55	if (svp && svp != &sv_undef && mg_find(svp, 't')) {
	56	tainted = 1;
	57	taint_proper("Insecure %s%s", "IFS");
	58	}
79072805 LW	59	}
	60	}
	61