Finding the source of a perl taint mode error

When I run the Perl CGI script in taint mode, I get an error of the form ...

Insecure dependency in some_function while running with -T switch at (eval some_line) line some_other_line.
Compilation failed in require at my-script.cgi line 39.
BEGIN failed--compilation aborted at my-script.cgi line 39.

my-script.cgi line 39 is a use statement for the perl module, which itself does not use eval or some_function, but presumably uses another library that does. The line numbers some_line and some_other_line do not seem to make sense either in my-script.cgi or in the library that is “used” in line 39 of my-script.cgi.

Given this error, how can I track where the taint error occurs?

I tried installing a new die signal handler that should print a stack trace, i.e.

$SIG{ __DIE__ } = sub { require Carp; Carp::confess(@_); };

but this does not seem to affect the error. Perhaps this is the wrong signal to trap, it is not trapped early enough, or something more complex is going on.

+5
2 answers

Carp::Always works fine with exceptions caused by taint checks. Example output:

$ perl -MCarp::Always -T blah.pl
Insecure dependency in sprintf while running with -T switch at blah.pl line 6
        main::foo() called at blah.pl line 8
        main::bar() called at blah.pl line 10
+4

I use Devel::SimpleTrace these days for debugging, and recently it has helped me find an error when using Archive::Zip.

However, I do not know if this would work in your case, since it essentially installs the same sig handler that you used.

+2
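
An added example, not part of the question or of either answer: -MCarp::Always loads the handler before the script compiles, whereas a $SIG{__DIE__} assignment in the script body runs only after every use statement has finished. This sketch installs the handler in a BEGIN block ahead of the failing code; the package name My::Helper, the log path and the use of $ENV{PATH} as tainted input are constructed for the demo.

```perl
#!/usr/bin/perl -T
# Constructed demo. Run as: perl -T taint_trace.pl
use strict;
use warnings;

# Install the handler at compile time, before any later `use` or BEGIN
# block runs. The same assignment written as a plain statement would only
# execute at run time, after a compile-time taint failure has already
# aborted the script.
BEGIN {
    $SIG{__DIE__} = sub { require Carp; Carp::confess(@_) };
}

# Stand-in for a library pulled in by `use` (hypothetical package name).
package My::Helper {
    sub open_log {
        my ($name) = @_;
        # Opening for write with a tainted name is refused by the taint
        # check before the file system is touched. The directory is a
        # constructed, non-existent path.
        open(my $fh, '>>', "/nonexistent-demo-dir/$name")
            or die "open: $!";
        return $fh;
    }

    # Environment values are tainted under -T; PATH is assumed to be set.
    sub init { open_log($ENV{PATH}) }
}

# Runs during compilation, like the import step of a `use` statement.
BEGIN { My::Helper::init() }

print "not reached under -T when PATH is set\n";
```

With the handler in place, the "Insecure dependency in open" message is followed by the chain of callers (open_log, init, the BEGIN block), which is the information the bare "Compilation failed in require" report leaves out.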
