[Van-pm] CGI taint mode
Vincent Li
mcli at brc.ubc.ca
Mon Dec 5 16:05:11 PST 2005
Hello Vancouver PM:
I read about Lincoln Stein's WWW Security FAQ. I am testing a sample
upload.pl. I turned on taint mode and did the taint check as
follows:
---------
35 if ($file =~ /^([-\@\w.]+)$/) {
36 $file = $1;
37 }
38 else {
39 error("invalid filename: $file");
40 }
41
42 print h2('File name'),$file;
43 print h2('File MIME type'),
44 uploadInfo($file)->{'Content-Type'};
----------
The script always gives me this error:
Software error:
Can't use an undefined value as a HASH reference at test line 43.
The full upload script is:
-----------
1 #!/usr/bin/perl -wT
2 #file: upload.pl
3
4 $| = 1;
5 use strict;
6 use CGI qw/:standard/;
7 use CGI::Carp qw(warningsToBrowser fatalsToBrowser);
8 use Fcntl qw( :DEFAULT :flock );
9 use Readonly;
10
11 $CGI::POST_MAX=1024 * 100;
12 $CGI::DISABLE_UPLOADS=0;
13 $ENV{PATH}='/usr/bin:/bin';   # PATH entries are colon-separated
14
15 Readonly my $UPLOAD_DIR => q[/var/www/apache2-default/upload];
16
17 print header,
18 start_html('file upload'),
19 h1('file upload');
20 print_form() unless param;
21 print_results() if param;
22 print end_html;
23
24 sub print_form {
25 print start_multipart_form(),
26 filefield(-name=>'upload',-size=>60),br,
27 submit(-label=>'Upload File'),
28 end_form;
29 }
30
31 sub print_results {
32 my $length;
33 my $file = param('upload');
34
35 if ($file =~ /^([-\@\w.]+)$/) {
36 $file = $1;
37 }
38 else {
39 error("invalid filename: $file");
40 }
41
42 print h2('File name'),$file;
43 print h2('File MIME type'),
44 uploadInfo($file)->{'Content-Type'};
45
46 sysopen(my $OUT, "$UPLOAD_DIR/$file", O_WRONLY|O_TRUNC|O_CREAT, 0600)
47 or error( " Could not create: $!");
48
49 while (<$file>) {
50 print $OUT $_;
51 }
52 }
53
54 sub error {
55 my ($reason ) = @_;
56
57 print header,
58 start_html( "Error" ),
59 h1( "Error" ),
60 p( "Your upload was not processed because the following error ",
61 "occurred: " ),
62 p( i( $reason ) ),
63 end_html;
64 exit;
65 }
----------------
Thanks in advance!!!
--
Vincent Li
System Admin, UBC
http://mcli.homelinux.org:8080
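The failure in the script above comes from overwriting the value that `param('upload')` returns: CGI.pm hands back a filehandle object that merely stringifies to the client's filename, and `uploadInfo()` looks its entry up by that object, so once `$file` has been replaced by the untainted string the lookup returns undef and the hash dereference dies. The following is an added example (not the poster's upload.pl) showing one way to keep taint mode on while still getting the MIME type and the file contents: the object from `param()` is kept for `uploadInfo()`, the handle from `upload()` is read, and only the destination path is built from the untainted basename. It assumes CGI.pm's documented `param`, `upload` and `uploadInfo` calls and reuses the upload directory from the post; the `safe_basename` and `save_upload` helpers are this example's own names.

```perl
#!/usr/bin/perl -wT
# Added example (not the original upload.pl from the post). It keeps the
# object that param('upload') returns for uploadInfo() and for reading,
# and uses the untainted name only when building the destination path.
use strict;
use warnings;
use CGI qw/:standard/;
use Fcntl qw(:DEFAULT);
use File::Spec;

$CGI::POST_MAX = 1024 * 100;        # 100 KB cap, as in the original script
$ENV{PATH}     = '/usr/bin:/bin';   # colon-separated; taint mode rejects an unsafe PATH

# Path from the post; assumed to exist and to be writable by the web server.
my $UPLOAD_DIR = '/var/www/apache2-default/upload';

# Reduce a client-supplied filename to a safe, untainted basename.
# Returns the basename, or undef if nothing acceptable remains.
sub safe_basename {
    my ($raw) = @_;
    return unless defined $raw;
    # Some browsers send the full client-side path; keep only the last part.
    my $base = ( split m{[/\\]}, "$raw" )[-1];
    return unless defined $base;
    # The regex capture is what untaints the value under -T.
    return unless $base =~ /^([-\@\w.]+)$/;
    my $name = $1;
    # Both pass the regex but name directories, not files.
    return if $name eq '.' || $name eq '..';
    return $name;
}

# Report an error on the page already started by the caller and stop.
sub fail {
    my ($reason) = @_;
    print h1('Error'),
          p('Your upload was not processed because the following error occurred:'),
          p( i($reason) ),
          end_html;
    exit;
}

# Store the upload; returns the stored basename and the declared MIME type.
sub save_upload {
    # Fh object: stringifies to the client filename and is the key uploadInfo() expects.
    my $upload = param('upload');
    # Read handle on the server-side temporary file.
    my $fh = upload('upload');
    fail('no file was uploaded') unless defined $upload && defined $fh;

    my $name = safe_basename($upload)
        or fail( 'invalid filename: ' . escapeHTML("$upload") );

    # Look up the MIME type with the original object, not the untainted string.
    my $info = uploadInfo($upload) || {};
    my $type = $info->{'Content-Type'} || 'application/octet-stream';

    my $dest = File::Spec->catfile( $UPLOAD_DIR, $name );
    # O_EXCL: refuse to overwrite, so one upload cannot clobber another.
    sysopen( my $out, $dest, O_WRONLY | O_CREAT | O_EXCL, 0600 )
        or fail("could not create $name: $!");
    binmode $fh;
    binmode $out;
    my $buf;
    while ( my $n = read( $fh, $buf, 8192 ) ) {
        print {$out} $buf or fail("write failed: $!");
    }
    close $out or fail("close failed: $!");
    return ( $name, $type );
}

print header, start_html('file upload'), h1('file upload');
if (param) {
    my ( $name, $type ) = save_upload();
    print h2('File name'),      escapeHTML($name),
          h2('File MIME type'), escapeHTML($type);
}
else {
    print start_multipart_form(),
          filefield( -name => 'upload', -size => 60 ), br,
          submit( -label => 'Upload File' ),
          end_form;
}
print end_html;
```

Two details are worth noting. The client-side directory part is stripped before the regex runs, because the post's pattern has no `/` or `\` and would otherwise reject every upload from a browser that sends a full path. The Content-Type reported by `uploadInfo()` is whatever the client declared; it is fine to display, but it should not be trusted to decide how the stored file is later served or processed.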