X-Git-Url: http://git.shadowcat.co.uk/gitweb/gitweb.cgi?a=blobdiff_plain;f=taint.c;h=dbb0a1e9dc82e117b8b8403ae34cc57906bdd499;hb=b8e6d11c134e93a7795379ceb62b7f950607c667;hp=f2e1a53fd7cc70dbdac86165b9aecaea908830e0;hpb=a0d0e21ea6ea90a22318550944fe6cb09ae10cda;p=p5sagit%2Fp5-mst-13.2.git

diff --git a/taint.c b/taint.c
index f2e1a53..dbb0a1e 100644
--- a/taint.c
+++ b/taint.c
@@ -8,37 +8,25 @@
 #include "perl.h"
 
 void
-taint_not(s)
-char *s;
-{
-    if (euid != uid)
-        croak("No %s allowed while running setuid", s);
-    if (egid != gid)
-        croak("No %s allowed while running setgid", s);
-}
-
-void
 taint_proper(f, s)
-char *f;
+const char *f;
 char *s;
 {
-    if (tainting) {
-	DEBUG_u(fprintf(stderr,"%s %d %d %d\n",s,tainted,uid, euid));
-	if (tainted) {
-	    char *ug = 0;
-	    if (euid != uid)
-		ug = " while running setuid";
-	    else if (egid != gid)
-		ug = " while running setgid";
-	    else if (tainting)
-		ug = " while running with -T switch";
-	    if (ug) {
-		if (!unsafe)
-		    croak(f, s, ug);
-		else if (dowarn)
-		    warn(f, s, ug);
-	    }
-	}
+    char *ug;
+
+    if (tainted) {
+	DEBUG_u(PerlIO_printf(PerlIO_stderr(),
+			      "%s %d %d %d\n", s, tainted, uid, euid));
+	if (euid != uid)
+	    ug = " while running setuid";
+	else if (egid != gid)
+	    ug = " while running setgid";
+	else
+	    ug = " while running with -T switch";
+	if (!unsafe)
+	    croak(f, s, ug);
+	else if (dowarn)
+	    warn(f, s, ug);
     }
 }
 
@@ -46,22 +34,24 @@ void
 taint_env()
 {
     SV** svp;
+    MAGIC *mg = 0;
 
-    if (tainting) {
-	MAGIC *mg = 0;
-	svp = hv_fetch(GvHVn(envgv),"PATH",4,FALSE);
-	if (!svp || *svp == &sv_undef || (mg = mg_find(*svp, 't'))) {
-	    tainted = 1;
-	    if (mg && MgTAINTEDDIR(mg))
-		taint_proper("Insecure directory in %s%s", "$ENV{PATH}");
-	    else
-		taint_proper("Insecure %s%s", "$ENV{PATH}");
-	}
-	svp = hv_fetch(GvHVn(envgv),"IFS",3,FALSE);
-	if (svp && *svp != &sv_undef && mg_find(*svp, 't')) {
-	    tainted = 1;
-	    taint_proper("Insecure %s%s", "$ENV{IFS}");
-	}
+    svp = hv_fetch(GvHVn(envgv),"PATH",4,FALSE);
+    if (!svp || *svp == &sv_undef ||
+	((mg = mg_find(*svp, 't')) && mg->mg_len & 1))
+    {
+	TAINT;
+	if (mg && MgTAINTEDDIR(mg))
+	    taint_proper("Insecure directory in %s%s", "$ENV{PATH}");
+	else
+	    taint_proper("Insecure %s%s", "$ENV{PATH}");
     }
-}
 
+    svp = hv_fetch(GvHVn(envgv),"IFS",3,FALSE);
+    if (svp && *svp != &sv_undef &&
+	(mg = mg_find(*svp, 't')) && mg->mg_len & 1)
+    {
+	TAINT;
+	taint_proper("Insecure %s%s", "$ENV{IFS}");
+    }
+}