Tools to test taintedness
Tainted data is data that comes from an unsafe source, such as the command
line, or, in the case of web apps, any GET or POST transactions. Read the
the perlsec manpage man page for details on why tainted data is bad, and
how to untaint the data.
When you're writing unit tests for code that deals with tainted data,
you'll want to have a way to provide tainted data for your routines to
handle, and easy ways to check and report on the taintedness of your data,
in standard the Test::More manpage style.
- Developed at devel:languages:perl
- Sources inherited from project openSUSE:Factory
-
2
derived packages
- Download package
-
Checkout Package
osc -A https://api.opensuse.org checkout openSUSE:Factory:RISCV/perl-Test-Taint && cd $_ - Create Badge
Refresh
Refresh
Source Files
| Filename | Size | Changed |
|---|---|---|
| Test-Taint-1.06.tar.gz | 0000013346 13 KB | |
| perl-Test-Taint.changes | 0000001072 1.05 KB | |
| perl-Test-Taint.spec | 0000002242 2.19 KB |
Revision 7 (latest revision is 11)
Stephan Kulow (coolo)
accepted
request 177523
from
Stephan Kulow (coolo)
(revision 7)
- updated to 1.06
[ENHANCEMENTS]
tainted() now localizes $SIG{__DIE__} before performing the
taint check. If the calling program has its own $SIG{__DIE__},
we don't want to use it. Thanks, Pete Krawczyk.
https://rt.cpan.org/Ticket/Display.html?id=23507
[FIXES]
Checks for undef before opening files when trying to create
some taint. Thanks Frédéric Buclin.
https://rt.cpan.org/Ticket/Display.html?id=51246 (forwarded request 177498 from coolo)
Comments 0