Home Explore Help
Register Sign In
third
/
srs
mirror of https://github.com/ossrs/srs
2
0
Fork 0
Files
Tree: 65ea140126
Branches Tags
srs
/
trunk
/
3rdparty
/
openssl-1.1-fit
/
external
/
perl
/
Text-Template-1.46
/
t
/
13-taint.t

13-taint.t 3.0 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119 
  1. #!perl -T
    2. 

  2. # Tests for taint-mode features
    3. 

  3. 

  4. use lib 'blib/lib';
    5. 

  5. use Text::Template;
    6. 

  6. 

  7. die "This is the test program for Text::Template version 1.46.
    8. 

  8. You are using version $Text::Template::VERSION instead.
    9. 

  9. That does not make sense.\n
    10. 

  10. Aborting"
    11. 

  11.   unless $Text::Template::VERSION == 1.46;
    12. 

  12. 

  13. my $r = int(rand(10000));
    14. 

  14. my $file = "tt$r";
    15. 

  15. 

  16. # makes its arguments tainted
    17. 

  17. sub taint {
    18. 

  18.   for (@_) {
    19. 

  19.     $_ .= substr($0,0,0);       # LOD
    20. 

  20.   }
    21. 

  21. }
    22. 

  22. 

  23. 

  24. print "1..21\n";
    25. 

  25. 

  26. my $n =1;
    27. 

  27. print "ok ", $n++, "\n";
    28. 

  28. 

  29. my $template = 'The value of $n is {$n}.';
    30. 

  30. 

  31. open T, "> $file" or die "Couldn't write temporary file $file: $!";
    32. 

  32. print T $template, "\n";
    33. 

  33. close T or die "Couldn't finish temporary file $file: $!";
    34. 

  34. 

  35. sub should_fail {
    36. 

  36.   my $obj = Text::Template->new(@_);
    37. 

  37.   eval {$obj->fill_in()};
    38. 

  38.   if ($@) {
    39. 

  39.     print "ok $n # $@\n";
    40. 

  40.   } else {
    41. 

  41.     print "not ok $n # (didn't fail)\n";
    42. 

  42.   }
    43. 

  43.   $n++;
    44. 

  44. }
    45. 

  45. 

  46. sub should_work {
    47. 

  47.   my $obj = Text::Template->new(@_);
    48. 

  48.   eval {$obj->fill_in()};
    49. 

  49.   if ($@) {
    50. 

  50.     print "not ok $n # $@\n";
    51. 

  51.   } else {
    52. 

  52.     print "ok $n\n";
    53. 

  53.   }
    54. 

  54.   $n++;
    55. 

  55. }
    56. 

  56. 

  57. sub should_be_tainted {
    58. 

  58.   if (Text::Template::_is_clean($_[0])) {
    59. 

  59.     print "not ok $n\n"; $n++; return;
    60. 

  60.   }
    61. 

  61.   print "ok $n\n"; $n++; return; 
    62. 

  62. }
    63. 

  63. 

  64. sub should_be_clean {
    65. 

  65.   unless (Text::Template::_is_clean($_[0])) {
    66. 

  66.     print "not ok $n\n"; $n++; return;
    67. 

  67.   }
    68. 

  68.   print "ok $n\n"; $n++; return; 
    69. 

  69. }
    70. 

  70. 

  71. # Tainted filename should die with and without UNTAINT option
    72. 

  72. # untainted filename should die without UNTAINT option
    73. 

  73. # filehandle should die without UNTAINT option
    74. 

  74. # string and array with tainted data should die either way
    75. 

  75. 

  76. # (2)-(7)
    77. 

  77. my $tfile = $file;
    78. 

  78. taint($tfile);
    79. 

  79. should_be_tainted($tfile);
    80. 

  80. should_be_clean($file);
    81. 

  81. should_fail TYPE => 'file', SOURCE => $tfile;
    82. 

  82. should_fail TYPE => 'file', SOURCE => $tfile, UNTAINT => 1;
    83. 

  83. should_fail TYPE => 'file', SOURCE => $file;
    84. 

  84. should_work TYPE => 'file', SOURCE => $file, UNTAINT => 1;
    85. 

  85. 

  86. # (8-9)
    87. 

  87. open H, "< $file" or die "Couldn't open $file for reading: $!; aborting";
    88. 

  88. should_fail TYPE => 'filehandle', SOURCE => \*H;
    89. 

  89. close H;
    90. 

  90. open H, "< $file" or die "Couldn't open $file for reading: $!; aborting";
    91. 

  91. should_work TYPE => 'filehandle', SOURCE => \*H, UNTAINT => 1;
    92. 

  92. close H;
    93. 

  93. 

  94. # (10-15)
    95. 

  95. my $ttemplate = $template;
    96. 

  96. taint($ttemplate);
    97. 

  97. should_be_tainted($ttemplate);
    98. 

  98. should_be_clean($template);
    99. 

  99. should_fail TYPE => 'string', SOURCE => $ttemplate;
    100. 

  100. should_fail TYPE => 'string', SOURCE => $ttemplate, UNTAINT => 1;
    101. 

  101. should_work TYPE => 'string', SOURCE => $template;
    102. 

  102. should_work TYPE => 'string', SOURCE => $template, UNTAINT => 1;
    103. 

  103. 

  104. # (16-19)
    105. 

  105. my $array = [ $template ];
    106. 

  106. my $tarray = [ $ttemplate ];
    107. 

  107. should_fail TYPE => 'array', SOURCE => $tarray;
    108. 

  108. should_fail TYPE => 'array', SOURCE => $tarray, UNTAINT => 1;
    109. 

  109. should_work TYPE => 'array', SOURCE => $array;
    110. 

  110. should_work TYPE => 'array', SOURCE => $array, UNTAINT => 1;
    111. 

  111. 

  112. # (20-21) Test _unconditionally_untaint utility function
    113. 

  113. Text::Template::_unconditionally_untaint($ttemplate);
    114. 

  114. should_be_clean($ttemplate);
    115. 

  115. Text::Template::_unconditionally_untaint($tfile);
    116. 

  116. should_be_clean($tfile);
    117. 

  117. 

  118. END { unlink $file }
    119. 

  119.