ext/POSIX/t/taint.t - metacpan.org

#!./perl -Tw

BEGIN {
    require Config; import Config;
    if ($^O ne 'VMS' and $Config{'extensions'} !~ /\bPOSIX\b/) {
	print "1..0\n";
	exit 0;
    }
}

use Test::More tests => 7;
use Scalar::Util qw/tainted/;


use POSIX qw(fcntl_h open read mkfifo);
use strict ;

$| = 1;

my $buffer;
my @buffer;
my $testfd;

# Sources of taint:
#   The empty tainted value, for tainting strings

my $TAINT = substr($^X, 0, 0);

my $file = 'POSIX.xs';

eval { mkfifo($TAINT. $file, 0) };
like($@, qr/^Insecure dependency/,              'mkfifo with tainted data');

eval { $testfd = open($TAINT. $file, O_WRONLY, 0) };
like($@, qr/^Insecure dependency/,              'open with tainted data');

eval { $testfd = open($file, O_RDONLY, 0) };
is($@, "",                                  'open with untainted data');

read($testfd, $buffer, 2) if $testfd > 2;
is( $buffer, "#d",	                          '    read' );
ok(tainted($buffer),                          '    scalar tainted');

TODO: {
    local $TODO = "POSIX::read won't taint an array element";

    read($testfd, $buffer[1], 2) if $testfd > 2;

    is( $buffer[1], "./",	                      '    read' );
    ok(tainted($buffer[1]),                       '    array element tainted');
}

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	go to github issues (only if github is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

	Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)