Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Strange Taint Introduction with LWP

Status
Not open for further replies.

WingedKnight

Programmer
Apr 21, 2010
11
US
I have a large, complicated, multifile (too long to post the full thing here) Perl application which uses LWP.

Recently, to deal with a new input source website which automatically HTTP-compressed its responses, I had to modify the script to change a line from using ($objResponse is an HTTP::Response object):

$objResponse->content

to:

$objResponse->decoded_content

Making that change and nothing else somehow causes the following error (which does NOT happen in the former content rather than decoded_content case), with the error message marking the error as originating not in my own code, but in the LWP library:

Insecure dependency in unlink while running with -T switch at C:/usr/local/lib/LWP/UserAgent.pm line 723.

which looks like some sort of taint introduction. I was eventually able to trace the taint introduction to the following line, involving a string substitution which, for the string $strFilePathRemaining, strips away the first forward slash and everything before that first forward slash:

$strFilePathRemaining =~ s/^[^\/]+\///;

I managed to identify the source of the taint to this string substitution because if I untaint $strFilePathRemaining via

($strFilePathRemaining) = ($strFilePathRemaining =~ m/(.*)/);

right before this line, then the same "insecure dependency" error is still raised, but if I untaint $strFilePathRemaining right after this line, then no "insecure dependency" error is raised.

Can someone explain to me what is happening here? I don't see how the string substitution

$strFilePathRemaining =~ s/^[^\/]+\///;

introduces taint. There was no taint to $strFilePathRemaining before this line, so how would this line somehow introduce taint? There's not, for example, any dangerous variable in the replacement part of the substitution.
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top