Test::Taint

Test::Taint package contains tools to test taintedness.
Download

Test::Taint Ranking & Summary

Advertisement

  • Rating:
  • License:
  • Perl Artistic License
  • Price:
  • FREE
  • Publisher Name:
  • Andy Lester
  • Publisher web site:
  • http://search.cpan.org/~petdance/Test-Memory-Cycle-1.04/Cycle.pm

Test::Taint Tags


Test::Taint Description

Test::Taint package contains tools to test taintedness. Test::Taint package contains tools to test taintedness.SYNOPSIS taint_checking_ok(); # We have to have taint checking on my $id = "deadbeef"; # Dummy session ID taint( $id ); # Simulate it coming in from the web tainted_ok( $id ); $id = validate_id( $id ); # Your routine to check the $id untainted_ok( $id ); # Did it come back clean? ok( defined $id );Tainted data is data that comes from an unsafe source, such as the command line, or, in the case of web apps, any GET or POST transactions. Read the perlsec man page for details on why tainted data is bad, and how to untaint the data.When you're writing unit tests for code that deals with tainted data, you'll want to have a way to provide tainted data for your routines to handle, and easy ways to check and report on the taintedness of your data, in standard Test::More style.Test::More-style FunctionsAll the xxx_ok() functions work like standard Test::More-style functions, where the last parm is an optional message, it outputs ok or not ok, and returns a boolean telling if the test passed.taint_checking_ok( )Test::More-style test that taint checking is on. This should probably be the first thing in any *.t file that deals with taintedness.tainted_ok( $var )Checks that $var is tainted. tainted_ok( $ENV{FOO} );untainted_ok( $var )Checks that $var is not tainted. my $foo = my_validate( $ENV{FOO} ); untainted_ok( $foo );tainted_ok_deeply( $var )Checks that $var is tainted. If $var is a reference, it recursively checks every variable to make sure they are all tainted. tainted_ok_deeply( %ENV );untainted_ok_deeply( $var )Checks that $var is not tainted. If $var is a reference, it recursively checks every variable to make sure they are all not tainted. my %env = my_validate( %ENV ); untainted_ok_deeply( %env ); Requirements: · Perl


Test::Taint Related Software

About SoftwareSea