Updated to match Configure.

[p5sagit/p5-mst-13.2.git] / taint.c

diff --git a/taint.c b/taint.c
index f2e1a53..be69c0e 100644 (file)
--- a/taint.c
+++ b/taint.c
@@ -23,7 +23,7 @@ char *f;
 char *s;
 {
     if (tainting) {
-       DEBUG_u(fprintf(stderr,"%s %d %d %d\n",s,tainted,uid, euid));
+       DEBUG_u(PerlIO_printf(PerlIO_stderr(), "%s %d %d %d\n",s,tainted,uid, euid));
        if (tainted) {
            char *ug = 0;
            if (euid != uid)
@@ -50,16 +50,20 @@ taint_env()
     if (tainting) {
        MAGIC *mg = 0;
        svp = hv_fetch(GvHVn(envgv),"PATH",4,FALSE);
-       if (!svp || *svp == &sv_undef || (mg = mg_find(*svp, 't'))) {
-           tainted = 1;
+       if (!svp || *svp == &sv_undef ||
+         ((mg = mg_find(*svp, 't')) && mg->mg_len & 1))
+       {
+           tainted = TRUE;
            if (mg && MgTAINTEDDIR(mg))
                taint_proper("Insecure directory in %s%s", "$ENV{PATH}");
            else
                taint_proper("Insecure %s%s", "$ENV{PATH}");
        }
        svp = hv_fetch(GvHVn(envgv),"IFS",3,FALSE);
-       if (svp && *svp != &sv_undef && mg_find(*svp, 't')) {
-           tainted = 1;
+       if (svp && *svp != &sv_undef &&
+         (mg = mg_find(*svp, 't')) && mg->mg_len & 1)
+       {
+           tainted = TRUE;
            taint_proper("Insecure %s%s", "$ENV{IFS}");
        }
     }