2
|
1 #!/usr/bin/env perl
|
|
2 use warnings;
|
|
3
|
|
4 my $script = shift;
|
|
5 open OUT, ">", shift;
|
|
6 open STDOUT, ">", shift;
|
|
7 open STDERR, ">", shift;
|
|
8
|
|
9 print OUT $script, "\n";
|
|
10
|
|
11 my $open = "";
|
|
12 my @files;
|
|
13 for(my $i = 0; @ARGV; $i++) {
|
|
14 my $fn = shift;
|
|
15 push @files, $fn;
|
|
16 $open .= qq(open IN$i, "<", "$fn";\n);
|
|
17 }
|
|
18
|
|
19 if($script =~ /(open)|(system)|(`.+`)|([$@%]ENV)/smg) {
|
|
20 printf(STDERR "Found vulnerable code (open, system, backticks) in given script.");
|
|
21 exit(1);
|
|
22 }
|
|
23
|
|
24 eval("$open$script");
|
|
25
|
|
26 close OUT;
|