👤
Home Man
Search
Today's Posts
Register

Linux & Unix Commands - Search Man Pages
Man Page or Keyword Search:
Select Section of Man Page:
Select Man Page Repository:

CentOS 7.0 - man page for test::taint (centos section 3)

Taint(3)		       User Contributed Perl Documentation			 Taint(3)

NAME
       Test::Taint - Tools to test taintedness

VERSION
       Version 1.06

SYNOPSIS
	   taint_checking_ok();        # We have to have taint checking on
	   my $id = "deadbeef";        # Dummy session ID
	   taint( $id );	       # Simulate it coming in from the web
	   tainted_ok( $id );
	   $id = validate_id( $id );   # Your routine to check the $id
	   untainted_ok( $id );        # Did it come back clean?
	   ok( defined $id );

DESCRIPTION
       Tainted data is data that comes from an unsafe source, such as the command line, or, in
       the case of web apps, any GET or POST transactions.  Read the perlsec man page for details
       on why tainted data is bad, and how to untaint the data.

       When you're writing unit tests for code that deals with tainted data, you'll want to have
       a way to provide tainted data for your routines to handle, and easy ways to check and
       report on the taintedness of your data, in standard Test::More style.

"Test::More"-style Functions
       All the "xxx_ok()" functions work like standard "Test::More"-style functions, where the
       last parm is an optional message, it outputs ok or not ok, and returns a boolean telling
       if the test passed.

   taint_checking_ok( [$message] )
       Test::More-style test that taint checking is on.  This should probably be the first thing
       in any *.t file that deals with taintedness.

   tainted_ok( $var [, $message ] )
       Checks that $var is tainted.

	   tainted_ok( $ENV{FOO} );

   untainted_ok( $var [, $message ] )
       Checks that $var is not tainted.

	   my $foo = my_validate( $ENV{FOO} );
	   untainted_ok( $foo );

   tainted_ok_deeply( $var [, $message ] )
       Checks that $var is tainted.  If $var is a reference, it recursively checks every variable
       to make sure they are all tainted.

	   tainted_ok_deeply( \%ENV );

   untainted_ok_deeply( $var [, $message ] )
       Checks that $var is not tainted.  If $var is a reference, it recursively checks every
       variable to make sure they are all not tainted.

	   my %env = my_validate( \%ENV );
	   untainted_ok_deeply( \%env );

Helper Functions
       These are all helper functions.	Most are wrapped by an "xxx_ok()" counterpart, except for
       "taint" which actually does something, instead of just reporting it.

   taint_checking()
       Returns true if taint checking is enabled via the -T flag.

   tainted( $var )
       Returns boolean saying if $var is tainted.

   tainted_deeply( $var )
       Returns boolean saying if $var is tainted.  If $var is a reference it recursively checks
       every variable to make sure they are all tainted.

   taint( @list )
       Marks each (apparently) taintable argument in @list as being tainted.

       References can be tainted like any other scalar, but it doesn't make sense to, so they
       will not be tainted by this function.

       Some "tie"d and magical variables may fail to be tainted by this routine, try as it may.)

   taint_deeply( @list )
       Similar to "taint", except that if any elements in @list are references, it walks deeply
       into the data structure and marks each taintable argument as being tainted.

       If any variables are "tie"d this will taint all the scalars within the tied object.

AUTHOR
       Written by Andy Lester, "<andy@petdance.com>".

COPYRIGHT
       Copyright 2004, Andy Lester, All Rights Reserved.

       You may use, modify, and distribute this package under the same terms as Perl itself.

perl v5.16.3				    2012-10-19					 Taint(3)


All times are GMT -4. The time now is 12:04 AM.

Unix & Linux Forums Content Copyrightę1993-2018. All Rights Reserved.
×
UNIX.COM Login
Username:
Password:  
Show Password