[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

20000817: varget problem: segmentation fault



Bill,

>Date: Wed, 16 Aug 2000 16:49:04 -0700
>From: "William R Moninger" <address@hidden>
>Organization: NOAA/FSL
>To: Steve Emmerson <address@hidden>
>Subject: Re: 20000816: varget problem: segmentation fault
>Keywords: 200008161736.e7GHaON16062

The above message contained the following:

> talk about obscure!  It looks like the problem was caused by perl's
> Taint flag (always a good thing to use).

I have to admit, I've never used the "taint" flag.

My perl manual page says this about the "taint" flag:

     -T   forces "taint" checks to be turned on so you can test
          them.  Ordinarily these checks are done only when
          running setuid or setgid.  It's a good idea to turn
          them on explicitly for programs that run on behalf of
          someone else whom you might not necessarily trust, such
          as CGI programs or any internet servers you might write
          in Perl.  See the perlsec manpage for details.  ...

Are you executing the perl script setuid or setgid?

> The $filename variable was tainted because it was made up of variables
> that included $ARG[m].  Apparently some of the netCDF routines don't
> care about tainted variables, but ncvarget does.
> 
> When I untaint the variable as follows:
>     # untaint the filename
>     $filename =~ /(.*)/;
>     $filename = $1;
> 
> the problem seems to go away.  It also goes away if I remove the taint
> flag.  
> 
> I'm not certain this is the end of the problem--I recall having a
> similar problem in an earlier perl script that used the netCDF module
> and I made that disappear by adding a few no-op lines of code.  (That
> wasn't a solution I was very happy with.)  
> 
> I wonder if you can duplicate this on your installation?

I can try, but I don't know when I'll get around to it.

Regards,
Steve Emmerson   <http://www.unidata.ucar.edu>