projects / p5sagit/p5-mst-13.2.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw (parent: 46726cb)
Impose security constraints on lnm lookup only if tainting
Charles Bailey [Sun, 27 Feb 2000 05:07:08 +0000 (05:07 +0000)]
p4raw-id: //depot/vmsperl@5282

vms/vms.c patch | blob | blame | history

diff --git a/vms/vms.c b/vms/vms.c
index cf8ccd2..deae32f 100644 (file)
--- a/vms/vms.c
+++ b/vms/vms.c
@@ -273,6 +273,8 @@ Perl_my_getenv(pTHX_ const char *lnm, bool sys)
         idx = strtoul(cp2+1,NULL,0);
         lnm = uplnm;
       }
+      /* Impose security constraints only if tainting */
+      if (sys) sys = PL_curinterp ? PL_tainting : will_taint;
       if (vmstrnenv(lnm,eqv,idx,
                     sys ? fildev : NULL,
 #ifdef SECURE_INTERNAL_GETENV
@@ -319,6 +321,8 @@ my_getenv_len(const char *lnm, unsigned long *len, bool sys)
         idx = strtoul(cp2+1,NULL,0);
         lnm = buf;
       }
+      /* Impose security constraints only if tainting */
+      if (sys) sys = PL_curinterp ? PL_tainting : will_taint;
       if ((*len = vmstrnenv(lnm,buf,idx,
                            sys ? fildev : NULL,
 #ifdef SECURE_INTERNAL_GETENV
Unnamed repository; edit this file to name it for gitweb.