Questions tagged [taint]

Taint checking is a security-related software analysis technique.

Taint checking asumes that any variable that can be modified by an external user poses a potential security risk. A taint checking tool compiles a list of all variables which are potentially influenced by outside input. If any of these variables is used to execute dangerous commands (such as direct commands to a SQL database or the host computer operating system), the taint checker warns that the program is using a potentially dangerous tainted variable.

62 questions

-1

votes

1 answer

How do I force a perl variable to always be tainted?

I'm looking for a 100% reliable solution, not dependent on input or environment or anything - I just want to 100%-for-certain make a scalar variable tainted :-)

perl taint

asked Oct 25 '14 at 11:31

cnd

1,509
15
12

-2

votes

1 answer

Perl setting value of a variable in strict -T mode errors

I have a script running strict with the -T parameter or 'taint' mode. If I try to set the value of a variable already defined, it craps out. I didn't make much of it, I'm just trying to modify it and don't know why it's breaking. Here's the gist…

perl strict taint

asked Apr 22 '18 at 19:02

user3066571

1,177
3
13
29

Prev 1 2 3 4