2006-09-28 Jim Meyering <jim@meyering.net>
+ * tests/rm/fail-eperm: Enable Perl's (-T) taint checking.
+ Ensure that IFS is set properly and unset PATH.
+ Sanitize inputs.
+ Work properly even when the name of the selected file starts with "-".
+ Invoke rm via "../../src/rm", and adjust expected output.
+ Prompted by a patch from Tim Waugh.
+
* README-cvs: Add Bison to the list of required packages.
2006-09-26 Jim Meyering <jim@meyering.net>
# Ensure that rm gives the expected diagnostic when failing to remove a file
# owned by some other user in a directory with the sticky bit set.
-# Copyright (C) 2002, 2003, 2004 Free Software Foundation, Inc.
+# Copyright (C) 2002, 2003, 2004, 2006 Free Software Foundation, Inc.
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
ARGV_0=$0
export ARGV_0
-exec $PERL -w -- - << \EOP
+exec $PERL -Tw -- - << \EOP
require 5.003;
use strict;
# Ensure that the diagnostics are in English.
$ENV{LC_ALL} = 'C';
+# Set up a safe, well-known environment
+delete $ENV{PATH};
+$ENV{IFS} = '';
+
my @dir_list = qw(/tmp /var/tmp /usr/tmp);
+my $rm = '../../src/rm';
# Find a directory with the sticky bit set.
my $found_dir;
foreach my $f (readdir DIR_HANDLE)
{
+ # Consider only names containing "safe" characters.
+ $f =~ /^([-\@\w.]+)$/
+ or next;
+ $f = $1; # untaint $f
+
my $target_file = "$dir/$f";
$verbose
and warn "$ME: considering $target_file\n";
# Invoke rm on this file and ensure that we get the
# expected exit code and diagnostic.
- my $cmd = "rm -f $target_file";
+ my $cmd = "$rm -f -- $target_file";
open RM, "$cmd 2>&1 |"
or die "$ME: cannot execute `$cmd'\n";
or die "$ME: unexpected exit status from `$cmd';\n"
. " got $status, expected 1\n";
- my $exp = "rm: cannot remove `$target_file':";
+ my $exp = "$rm: cannot remove `$target_file':";
$line
or die "$ME: no output from `$cmd';\n"
. "expected something like `$exp ...'\n";
projects / thirdparty / coreutils.git / commitdiff
