Skip Menu |

This queue is for tickets about the File-MMagic CPAN distribution.

Report information
The Basics
Id: 25614
Status: new
Priority: 0/
Queue: File-MMagic

Owner: Nobody in particular
Requestors: jflack [...]

Bug Information
Severity: (no value)
Broken in: (no value)
Fixed in: (no value)

Subject: [PATCH] use of magic-open causes failure or worse for some filenames
Date: Wed, 21 Mar 2007 13:43:36 -0400
To: bug-File-MMagic [...]
From: Chapman Flack <jflack [...]>
Download (untitled) / with headers
text/plain 1.4k
checktype_filename uses the one-argument new FileHandle "< $file" which results in "magic open". As described in, "One should conscientiously choose between the magic and 3-arguments form of open()." The magic form allows filenames with metacharacters that can cause redirection and command execution, but will also fail to open legitimate files whose names contain metacharacters. The conscientious choice depends on the purpose. The most common purpose of a file-type checking module is to determine the types of existing named files; it would be odd to use checktype_filename to determine the content-type of a command pipeline. It would be very common to use it to determine types of files encountered in scanning a filesystem, where the scanning program has no prior knowledge or control over the names it will encounter. As implemented, a scanner will fail if it hits files whose names contain metacharacters, and by creating files with clever names, a user can have commands executed with the privileges of the scanning program. For these purposes, the conscientious choice is the non- magic open, which treats all filenames literally. The attached patch corrects the issue. Users of an unpatched File::MMagic can work around the issue by opening files explicitly and using checktype_filehandle instead (but will lose functionality for non-file and x-bit detection). Chapman Flack Purdue Mathematics
text/plain 409b
diff -u --- Tue May 23 01:55:27 2006 +++ Wed Mar 21 12:24:28 2007 @@ -540,7 +540,7 @@ my $fh; # $fh = new FileHandle "< $file" or die "$F: $file: $!\n" ; - $fh = new FileHandle "< $file" or return "x-system/x-error; $file: $!\n" ; + $fh = new FileHandle "$file", "<" or return "x-system/x-error; $file: $!\n"; binmode($fh); # for MSWin32

This service is sponsored and maintained by Best Practical Solutions and runs on infrastructure.

Please report any issues with to