http://qs321.pair.com?node_id=11141283

bliako has asked for the wisdom of the Perl Monks concerning the following question:

use strict; use warnings; use FindBin; use File::Spec; my $whereami = $FindBin::Bin; use Test::More; #my $infile = 'config/ytmd.cfg'; # no problem #my $infile = File::Spec->catdir('config', 'abc.cfg'); # no problem my $infile = File::Spec->catdir($whereami, 'config', 'ytmd.cfg'); # pr +oblem open my $fh, '<:encoding(UTF-8)', $infile or die; close $fh; done_testing;

Doing a perl -T xx.pl or prove -T xx.pl (for the above script), it fails with this message Unknown PerlIO layer "encoding" at xx.pl line 14. which can be fixed with a use PerlIO::encoding; and it does not complain about what looks to me like tainted input.

However, if I remove use Test::More then the error becomes Insecure dependency in require while running with -T switch at xx.pl line 14. which is what i would expect. I am missing out something, for sure.

Perl v5.32 Test::More v1.302188 (latest)

bw, bliako

Replies are listed 'Best First'.
Re: Unknown PerlIO layer "encoding" when it should fail because it's tainted
by choroba (Cardinal) on Feb 09, 2022 at 18:29 UTC
    I was able to reduce the code even more:
    #!/usr/bin/perl -T use strict; use warnings; use FindBin; my $whereami = $FindBin::Bin; open my $fh, '<:encoding(UTF-8)', $whereami or die;

    Note that untainting $whereami before opening the file prevents the error:

    $whereami =~ /^(.*)$/ and $whereami = $1;

    Interestingly, removing the :encoding prevents the error, too, without untainting, which seems wrong.

    map{substr$_->[0],$_->[1]||0,1}[\*||{},3],[[]],[ref qr-1,-,-1],[{}],[sub{}^*ARGV,3]

      not for me unless I add use Test::More;

Re: Unknown PerlIO layer "encoding" when it should fail because it's tainted
by haj (Vicar) on Feb 09, 2022 at 21:15 UTC

    This is indeed unfortunate behavior of perlio.c and PerlIO, if not a bug - but also a questionable expectation.

    It is not necessarily the case that reading from a tainted path causes an Insecure dependency. You can do that quite fine. Taint checking only kicks in if you want to use the tainted data you get from the file in a certain fashion, which the code doesn't. So I would expect that it just works even in taint mode.

    A bit of digging reveals: Using Test::More makes a difference because Test::More loads PerlIO, but not PerlIO::encoding.

    • Your argument list to open is tainted, but I have no idea how the tainted $whereami affects the string '<:encoding(UTF-8)'.
    • PerlIO extracts the module to load (here: PerlIO::encoding) from your open parameter. Loading a tainted module name is fatal under -T, because unlike reading, it executes code. But it loads with eval, so that fatal error is caught, and converted it to a mere warning. I have not figured out where and how this warning is caught and converted to that strange message Unknown PerlIO layer "encoding".
    • This does not happen, of course, if you have loaded PerlIO::encoding in advance!

    If neither PerlIO nor PerlIO::encoding are loaded, then something in perlio.c seems to try to load PerlIO::encoding without the safeguard of an eval - and throws the Insecure dependency is thrown in your face.

    I would expect that open in its three-argument-form would be able to treat encoding as not tainted even if the path is tainted, and hence consider this a bug.