[Van-pm] CGI taint mode

Vincent Li mcli at brc.ubc.ca
Tue Dec 6 11:31:07 PST 2005


> Vincent Li wrote:
>> Hello Vancouver PM:
>>
>> I read Lincoln Stein's WWW Security FAQ. I am testing a sample
>> upload.pl. I turned on taint mode and did the taint check as
>> follows:
>>
>> ---------
>> 35     if ($file =~ /^([-\@\w.]+)$/) {
>> 36         $file = $1;
>> 37     }
>> 38     else {
>> 39         error("invalid filename: $file");
>> 40     }
>> 41
>
> add:
>
> warn "Trying to upload file: $file\n";
>
> before and after the above chunk and check error_log to make sure it's
> there; it sounds like $file is undef in your case.
>

I put your line after the chunk, error_log shows:

[Tue Dec  6 11:18:31 2005] test: Use of uninitialized value in hash
element at (eval 31) line 3.
[Tue Dec  6 11:18:31 2005] test: Can't use an undefined value as a HASH
reference at test line 43.

>> 42     print h2('File name'),$file;

What confuses me is that line 42 prints out the filename in the browser, so my
guess is that $file is defined.

>> 43     print h2('File MIME type'),
>> 44     uploadInfo($file)->{'Content-Type'};

But on line 44 the uploadInfo function sees $file as undefined. Lines 42 and 44
are in the same scope, so I don't understand why lines 42 and 44 see $file
differently.

>> ----------
>>
>> The script always give me error
>>
>> Software error:
>> Can't use an undefined value as a HASH reference at test line 43.
>
> the line reporter is often skewed, so most likely it's talking about line 44
> in your code, if that's what's confusing you, Vincent.
>
> --
> _____________________________________________________________
> Stas Bekman mailto:stas at stason.org  http://stason.org/
> MailChannels: Assured Messaging(TM) http://mailchannels.com/
> The "Practical mod_perl" book       http://modperlbook.org/
> http://perl.apache.org/ http://perl.org/ http://logilune.com/

Thanks Stas.


-- 
Vincent Li
System Admin, UBC
http://mcli.homelinux.org:8080
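An added example, not code from the thread, showing what the taint check quoted above actually does under perl -T: data from outside the program (@ARGV, %ENV, CGI parameters) stays tainted until it matches the regex, and the capture assigned from $1 is a fresh, untainted scalar while the original stays tainted. That second point is the one a CGI.pm upload script has to respect: the value param() returns for a file field is a filehandle object that stringifies to the client's filename, and uploadInfo() looks its record up through that object, so the untainted string copy should be kept next to the original handle rather than overwriting it. The script also adds a check the thread's regex does not make (it accepts "." and ".."), and uses a write-mode open to show the taint violation, since perl allows a read-only open on a tainted name. The sample names are constructed, and untaint_filename is my own name for the check; the perlsec idiom of concatenating an empty substring of $ENV{PATH} is used only to taint the constructed samples on purpose.

```perl
#!/usr/bin/perl -T
# Added example (not from the thread). Run with:  perl -T untaint_demo.pl
use strict;
use warnings;
use Scalar::Util qw(tainted);
use File::Temp   qw(tempdir);

# Same pattern as the thread's lines 35-40. The capture group is the key:
# assigning from $1 yields a new, untainted scalar; $name itself stays tainted.
sub untaint_filename {
    my ($name) = @_;
    die "undefined filename\n" unless defined $name;
    if ($name =~ /^([-\@\w.]+)$/) {
        my $clean = $1;
        # The character class can never admit '/', '\', NUL or whitespace, but
        # it does admit '.' and '..'; refuse those so the result is a real
        # basename and not a directory reference.
        die "invalid filename: $name\n" if $clean eq '.' || $clean eq '..';
        return $clean;
    }
    die "invalid filename: $name\n";
}

# Constructed sample names. Under -T a literal is clean, so each one is
# tainted on purpose with the perlsec idiom: concatenating any tainted data,
# even an empty substring of $ENV{PATH}, taints the result.
my @samples = map { $_ . substr($ENV{PATH} // '', 0, 0) }
    'report-2005.txt', 'notes', 'user@host.log',
    '..', '../etc/passwd', 'a b.txt', 'x;rm -rf /';

for my $name (@samples) {
    my $clean = eval { untaint_filename($name) };
    if (defined $clean) {
        printf "accept %-16s tainted: original=%d copy=%d\n",
            $name, tainted($name) ? 1 : 0, tainted($clean) ? 1 : 0;
    }
    else {
        print "reject $name: $@";
    }
}

# Where taint mode bites: a write-mode open (unlike a read-only one) with
# tainted data is a fatal "Insecure dependency in open" error.
my $dir      = tempdir(CLEANUP => 1);
my $original = $samples[0];
my $clean    = untaint_filename($original);

eval { open my $bad, '>', "$dir/$original" or die "$!\n"; 1 }
    or print "tainted open refused: $@";

open my $good, '>', "$dir/$clean" or die "cannot write $dir/$clean: $!\n";
print $good "ok\n";
close $good or die "close: $!\n";
print "untainted open accepted: $dir/$clean\n";

# In a CGI.pm upload handler the same split applies (sketch, not run here):
# keep the untainted string for the file system and the original handle
# object for uploadInfo(), instead of overwriting $file with $1 as on line 36.
#   my $upload = $q->param('file');                        # handle, stringifies to name
#   my $name   = untaint_filename("$upload");              # untainted string copy
#   my $type   = $q->uploadInfo($upload)->{'Content-Type'};
```

Run it with perl -T (the shebang alone is "too late" if the script is started as perl untaint_demo.pl). The accept/reject lines show that both the thread's regex and the extra basename check are doing real work, and the two open() calls show the difference between the tainted original and the untainted copy that the capture produces.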