SEI CERT Perl Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 13

changes.mady.by.user Carol J. Lallier

Saved on

compared with

New Version Current

changes.mady.by.user Francesco Mariani

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
bgColor#ffcccc
langperl
use File::PathConvert qw(realpath $resolved);

sub work_with_image {
  my ($image_file) = @_; # untrusted
  $image_file = realpath("/img/$image_file") || croak "Resolution stopped at $resolved";
  if ($image_file !~ m|/img/|) {
    croak "Image file not in /img";
  }
  open( my $image, "<", $image_file) or croak "Can't open $image_file";
  # ...
}

...

Code Block
bgColor#ccccff
langperl
use Cwd 'abs_path';

sub work_with_image {
  my ($image_file) = @_; # untrusted
  $image_file = abs_path("/img/$image_file");
  $filename = abs_path( $filename);
  if ($image_file !~ m|/img/|) {
    croak "Image file not in /img";
  }
  open( my $image, "<", $image_file) or croak "Can't open $image_file";
  # ...
}

...

Producing canonical file names for Windows operating systems is extremely complex and beyond the scope of this standard. The best advice is to try to avoid making decisions on the basis of a path, directory, or file name [Howard 2002]. Alternatively, use operating system–based mechanisms, such as access control lists (ACLs) or other authorization techniques.

Risk Assessment

Recommendation

Severity

Likelihood

Remediation Cost

Priority

Level

IDS00-PL

medium

unlikely

medium

P4

L3

Automated Detection

Tool

Diagnostic

Notes
Taint mode

Insecure dependency in .*open

Detects only files open for writing.
Does not detect files open only for reading.

Security Reviewer - Static Reviewer

PERL_S91
PERL_S32


Related Guidelines

SEI CERT C
Secure
Coding StandardFIO02-C. Canonicalize path names originating from
untrusted
tainted sources
SEI CERT C++
Secure
Coding StandardVOID FIO02-CPP. Canonicalize path names originating from untrusted sources
CERT Oracle Secure Coding Standard for JavaMET02-J. Do not use deprecated or obsolete classes or methods

Bibliography

[CPAN]Slaymaker, Barrie, File::PathConvert; Müller, Steffen, File::Spec
[Howard 2002]Chapter 11, "Canonical Representation Issues"
[VU#764027]zml.cgi does not adequately validate user input thereby allowing directory traversal
[VU#806091]Mike Spice's My Calendar does not adequately validate user input
[Wall 2011]Cwd

...


...

Image Modified Image Modified Image Modified