Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How do I "untaint" a variable?

Tags:

cgi

perl

upto my knowledge once a variable is tainted, Perl won't allow to use it in a system(), exec(), piped open, eval(), backtick command, or any function that affects something outside the program (such as unlink). So whats the process to untaint it?

like image 642
Anil Avatar asked Jan 03 '12 08:01

Anil


1 Answers

Use a regular expression on the tainted variable to pull out the "safe" values:

Sometimes you have just to clear your data's taintedness. Values may be untainted by using them as keys in a hash; otherwise the only way to bypass the tainting mechanism is by referencing subpatterns from a regular expression match. Perl presumes that if you reference a substring using $1, $2, etc., that you knew what you were doing when you wrote the pattern.

Don't ignore this warning though:

That means using a bit of thought--don't just blindly untaint anything, or you defeat the entire mechanism. It's better to verify that the variable has only good characters (for certain values of "good") rather than checking whether it has any bad characters. That's because it's far too easy to miss bad characters that you never thought of.

Perlsec: Laundering and Detecting Tainted Data

like image 57
Øyvind Skaar Avatar answered Oct 19 '22 10:10

Øyvind Skaar