Posted to embperl@perl.apache.org by Jan Kyncl <ky...@pcv.cz> on 2001/10/05 18:58:00 UTC

$fdat like part of filename

Hi,

I have this problem: when I use the $fdat variable as part of a filename, I get this error:
[28024]ERR: 24: Line 1: Error in Perl code: Insecure dependency in open while running with -T switch at /home/www/ceska-media/content_management/fdat.html line 13. 

Source code:

# Fragment from the Embperl page; $fdat{id} and $fdat{photo} come from the
# submitted form, so $fdat{id} is tainted.
$path = '/home/www/doc/server/data_media/photos/authors/';

$path .= $fdat{id};      # tainted form value used unchecked in the path
$path .= '.jpg';

# This open is what triggers "Insecure dependency in open" under -T.
# (The original "|| die" bound to the string and could never fire;
# "or die" is the low-precedence form.)
open FILE, "> $path" or die "cannot open $path: $!";
print FILE $buffer
    while read($fdat{photo}, $buffer, 32768);
close FILE;

My configuration:

Apache/1.3.14 (Unix) mod_perl/1.24_01 mod_ssl/2.7.1 OpenSSL/0.9.6 HTML::Embperl 1.3.0 [Fri Oct 5 18:51:10 2001]

Thanks anyway


Best regards
                        
                           Jan Kyncl
                             Director
              Prvni ceska virtualni Ltd.


Re: $fdat like part of filename

Posted by Gerald Richter <ri...@ecos.de>.
> I have this problem when I use $fdat variable like part of filename I'll
> get this error:
> [28024]ERR: 24: Line 1: Error in Perl code: Insecure dependency in open
> while running with -T switch at
> /home/www/ceska-media/content_management/fdat.html line 13.

That's the point of Perl tainting: it tells you that you shouldn't do that:


>$path.=$fdat{id};
>
>$path.='.jpg';
>open FILE, "> $path" || die;

What happens if anybody submits ../../ etc. as the id? In that case the
picture will get written to the wrong location; maybe somebody will be able
to overwrite something...

Never use submitted values directly in a file path; always validate them
with a regex. The regex will also remove tainting from the value. See man
perlfaq for more information about tainting.

Gerald



-------------------------------------------------------------
Gerald Richter    ecos electronic communication services gmbh
Internetconnect * Webserver/-design/-datenbanken * Consulting

Post:       Tulpenstrasse 5         D-55276 Dienheim b. Mainz
E-Mail:     richter@ecos.de         Voice:    +49 6133 925131
WWW:        http://www.ecos.de      Fax:      +49 6133 925152
-------------------------------------------------------------




---------------------------------------------------------------------
To unsubscribe, e-mail: embperl-unsubscribe@perl.apache.org
For additional commands, e-mail: embperl-help@perl.apache.org
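Added example (not code from either post and not Embperl's own code): one way to do the regex validation Gerald describes, under Perl's -T switch. It assumes author ids are purely numeric and reuses the base directory from the original post; the helper names safe_photo_name, photo_path and save_photo are made up here, and the ids in the loop at the end are constructed so the script runs offline without an upload.

```perl
#!/usr/bin/perl -T
# Added example: validate a form value before using it in a path.
# Not Embperl code; helper names and the numeric-id rule are assumptions.
use strict;
use warnings;
use Fcntl qw(O_WRONLY O_CREAT O_EXCL);
use File::Spec;

# Literal in the program, so not tainted (directory taken from the post).
my $BASE = '/home/www/doc/server/data_media/photos/authors';

# Whitelist check: accept only 1-32 ASCII digits (assumed id format).
# \A and \z anchor both ends; "$" alone would also accept "42\n".
# The capture $1 is untainted, which is what lets the open proceed under -T.
sub safe_photo_name {
    my ($id) = @_;
    return undef unless defined $id && $id =~ /\A([0-9]{1,32})\z/;
    return "$1.jpg";
}

# Full path for an id, or undef if the id was rejected. The index()
# check is a second line of defence against anything escaping $BASE.
sub photo_path {
    my ($id) = @_;
    my $name = safe_photo_name($id);
    return undef unless defined $name;
    my $path = File::Spec->catfile($BASE, $name);
    return undef unless index($path, "$BASE/") == 0;
    return $path;
}

# Write the upload handle $fh (Embperl supplies it in $fdat{photo}) to
# disk. O_EXCL refuses to clobber an existing file; sysopen with an
# explicit mode means the filename is never parsed for "<", ">" or "|".
sub save_photo {
    my ($id, $fh) = @_;
    my $path = photo_path($id);
    die "invalid photo id\n" unless defined $path;
    sysopen(my $out, $path, O_WRONLY | O_CREAT | O_EXCL, 0644)
        or die "cannot create $path: $!\n";
    binmode $out;
    binmode $fh;
    my $buffer;
    while (1) {
        my $n = read($fh, $buffer, 32768);
        die "read from upload failed: $!\n" unless defined $n;
        last if $n == 0;
        print {$out} $buffer or die "write to $path failed: $!\n";
    }
    close $out or die "close $path failed: $!\n";
    return $path;
}

# Constructed ids showing what the whitelist accepts and rejects.
for my $id ('42', '007', '../../etc/passwd', "42\n", '42; rm -rf /', '') {
    (my $shown = $id) =~ s/\n/\\n/g;
    my $path = photo_path($id);
    printf "%-22s -> %s\n", "'$shown'", defined $path ? $path : 'REJECTED';
}
```

Run it as `perl -T` (or directly, so the shebang's -T applies); without -T Perl refuses to start. The loop prints a path for '42' and '007' and REJECTED for the other four: the traversal string and the shell metacharacters fail the digit-only class, the empty string fails the {1,32} count, and "42\n" is caught only because the pattern ends in \z rather than $. Inside save_photo the untainted $path is the only thing that reaches sysopen, so the -T error from the original post cannot recur there.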