[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Potentially insecure Perl scripts

On 2019-01-25 13:55:47 +0000, Ian Jackson wrote:
> The easiest way to sanitise a string to make it safe for 2-argument
> open involves:
>  * prepending ./ if the string does not start with /
>  * appending \0 (a nul byte)
> The result is also a valid operand for 3-argument open.

However, the null byte trick is not portable. As documented in the
open description:

       otherwise it's necessary to protect any leading and trailing

           $file =~ s#^(\s)#./$1#;
           open(my $fh, "< $file\0")
               || die "Can't open $file: $!";

       (this may not work on some bizarre filesystems). One should

And some filesystems may want to see \0 as an error (i.e. making
open fail), e.g. for security reasons:


(IMHO, it would be safer if Perl did this everywhere.)

Vincent Lefèvre <vincent@vinc17.net> - Web: <https://www.vinc17.net/>
100% accessible validated (X)HTML - Blog: <https://www.vinc17.net/blog/>
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)

Reply to: