Questions tagged [taint]

Taint checking is a security-related software analysis technique.

Taint checking assumes that any variable that can be modified by an external user poses a potential security risk. A taint checking tool compiles a list of all variables which are potentially influenced by outside input. If any of these variables is used to execute dangerous commands (such as direct commands to a SQL database or the host computer operating system), the taint checker warns that the program is using a potentially dangerous tainted variable.

62 questions
25 votes, 6 answers

Is Perl's taint mode useful?

perl -T Do you use it? Does it help you find security holes in your Perl scripts?
Juanjo Conti
17 votes, 1 answer

What are tainted objects, and when should we untaint them?

When do Ruby objects need to be made tainted and when should we untaint them? How does the concept of tainted object make a Ruby script run in safe mode? Can anyone elaborate on this to make the concept clear with some code snippets?
Arup Rakshit
14 votes, 2 answers

Replicating the 'Taint mode' from 'Fortify static checking tool' in Haskell

I've read some documentation of the Fortify static checking tool. One of the concepts used by this tool is called taints. Some sources, such as web requests, provide data that is tainted in one or more ways and some sinks, such as web responses,…
aleator
12 votes, 1 answer

Untainting a blessed hash member with or without the delete

I saw this line of code in some sources: ( $self->{arg} ) = ( ( delete $self->{arg} ) =~ /(.*)/s ) if ${^TAINT}; I understand the untainting. I also know delete. My question is, in what circumstances is it necessary or preferred to use the delete, …
Nemo
11 votes, 2 answers

How do I set the taint mode in a perl script with a '#!/usr/bin/env perl'- shebang?

How do I set the taint mode in a perl script with a #!/usr/bin/env perl shebang?
sid_com
9 votes, 4 answers

What is the significance of -T or -w in #!/usr/bin/perl?

I googled about #!/usr/bin/perl, but I could not find any satisfactory answer. I know it’s a pretty basic thing, but still, could you explain to me what is the significance of #!/usr/bin/perl in Perl? Moreover, what does -w or -T signify in…
vijay
8 votes, 1 answer

How to check if current Perl statement contains tainted data?

I wrote my own little Perl debugger that prints for each executed line, the current file name and the corresponding line number. How can I detect if the current Perl statement contains tainted data? I know there is a function "tainted" from the…
Silence
8 votes, 2 answers

Is it possible to use Perl's Marpa parser for a public network server?

The documentation of Perl's Marpa parser contains the following section about tainted data: Marpa::R2 exists to allow its input to alter execution in flexible and powerful ways. Marpa should not be used with untrusted input. In Perl's taint mode,…
ceving
7 votes, 1 answer

What is a distributive function under IDFS and why is pointer analysis non-distributive?

I'm doing an inter-procedural analysis project in Java at the moment and I'm looking into using an IFDS solver to compute the control flow graph of a program. I'm finding it hard to follow the maths involved in the description of the IFDS framework…
Thain
6 votes, 1 answer

Perl tainting via regular expression

Short version: In the code below, $1 is tainted and I don't understand why. Long version: I'm running Foswiki on a system with perl v5.14.2 with -T taint check mode enabled. Debugging a problem with that setup, I managed to construct the following…
MvG
5 votes, 4 answers

How to untaint system call in CGI.pm

I have the following CGI script: #!/usr/bin/perl -T use strict; use warnings; use CGI::Carp qw(fatalsToBrowser); use CGI qw/:standard/; my $query = CGI->new(); my $searchterm = param('name'); my $file = "justafile.txt"; # Begin searching terms and…
neversaint
5 votes, 2 answers

Finding the source of a perl taint mode error

When running a perl CGI script in taint mode, I get an error of the form... Insecure dependency in some_function while running with -T switch at (eval some_line) line some_other_line. Compilation failed in require at my-script.cgi line 39. BEGIN…
Matt Sheppard
5 votes, 1 answer

Insecure dependency with Inline::Python

What could explain this compile-time error message when running Inline::Python in -T mode? Insecure dependency in open while running with -T switch at /usr/local/lib/perl/5.14.2/Inline/Python.pm line 193. Line 193 is where Inline::Python opens…
scozy
4 votes, 3 answers

How does Rails taint active record columns by default?

Question about Rails magic: I was playing with IRB and the tainted? method, then I just did the following: >> User.first.attributes.collect { |column, value| [column, value.tainted?] } => [["phone", true], ["state", false], ["persistence_token",…
jrichardlai
4 votes, 2 answers

Does Perl 6 have a taint mode?

Perl 5 supports taint mode with the -T switch. The script will internally mark any value that is retrieved from a source external to the script as tainted which should be untainted. Does Perl 6 support such an option?
smith