NOTE: If you are a developer, please use a private wiki based on foswiki/trunk on a daily base ...or use trunk.foswiki.org to view this page for some minimal testing.
Use Item9693 for docu changes for 1.2 and 2.0.
You are here: Foswiki>Tasks Web>Item2091 (20 Sep 2009, KennethLavrsen) Edit this topic text (e) Attach an image or document to this topic; manage existing attachments (a) View sequential topic history View without formatting (v) Create new topic Printable version of this topic (p) More: delete or rename this topic; set parent topic; view and compare revisions (m)

Item2091: Enabling LINKTOOLTIPINFO causes taint error

Priority: CurrentState: AppliesTo: Component: WaitingFor:
Urgent Closed Engine    
Enabling LINKTOOLTIPINFO causes taint error

problem is related to locale combined with converting characters to upper case.

Depending on your perl version you may require $ENV{FOSWIKI_ASSERTS} = 1; to be uncommented in bin/LocalLib.cfg to see this. But potentially it will also fail in normal non debug mode.

-- KennethLavrsen - 17 Sep 2009

This only manifests if taint checking is enabled with ASSERTS on, so arguably it's not a release blocker. However it makes it really hard to debug if turning on asserts causes loads of taint errors!

There are a number of possible solutions to this problem. perllocale tells use that:
  • Case-mapping interpolation (with \l, \L, \u or \U)

    Result string containing interpolated material is tainted if use locale is in effect.

  • Matching operator (m//):

    Subpatterns, either delivered as a list-context result or as $1 etc. are tainted if use locale is in effect, and the subpattern regular expression contains \w (to match an alphanumeric character), \W (non-alphanumeric character), \s (whitespace character), or \S (non whitespace character). The matched-pattern variable, $&, $` (pre-match), $' (post-match), and $+ (last match) are also tainted if use locale is in effect and the regular expression contains \w, \W, \s, or \S.

  • Substitution operator (s///):

    Has the same behavior as the match operator. Also, the left operand of =~ becomes tainted when use locale in effect if modified as a result of a substitution based on a regular expression match involving \w, \W, \s, or \S; or of case-mapping with \l, \L,\u or \U.

  • Case-mapping functions (lc(), lcfirst(), uc(), ucfirst()):

    Results are tainted if use locale is in effect.

There is no substitute for manual verification of the code for all these cases, unfortunately, as any of them can untaint data. Fortunately I did most of this manual verification during the run up to 1.0.6, and only missed (I hope) LINKTOOLTIPINFO, which I never use so didn't test. Unfortunately this once again points to how essential it is to manually test some of these weirder and less used options.

I think it's sufficient to fix the cases in the LINKTOOLTIPINFO flow where case conversion causes filename taints by using a Sandbox::untaintUnchecked. But I suspect there are other places in the code where these taint errors are lurking.

-- CrawfordCurrie - 18 Sep 2009

ItemTemplate edit

Summary Enabling LINKTOOLTIPINFO causes taint error
ReportedBy KennethLavrsen
Codebase
SVN Range Foswiki-1.0.6, Sun, 21 Jun 2009, build 4272
AppliesTo Engine
Component
Priority Urgent
CurrentState Closed
WaitingFor
Checkins Foswikirev:4974 Foswikirev:4975
TargetRelease patch
ReleasedIn 1.0.7
Edit | Attach | Print version | History: r6 < r5 < r4 < r3 | Backlinks | View wiki text | Edit wiki text | More topic actions
Topic revision: r6 - 20 Sep 2009, KennethLavrsen
 
The copyright of the content on this website is held by the contributing authors, except where stated elsewhere. see CopyrightStatement. Creative Commons LicenseGet Foswiki at sourceforge.net. Fast, secure and Free Open Source software downloads