From: "Curtis Poe" <cp@onsitetech.com>
Date: Tue, 21 May 2002 11:17:40 -0700
Message-ID: <
015c01c200f3$cb691670$1a01a8c0@ot.onsitetech.com>
Subject: [Patch] for security problem with Text::ParseWords
From: "Curtis Poe" <cp@onsitetech.com>
Date: Tue, 21 May 2002 15:10:18 -0700
Message-ID: <
022f01c20114$4b3c4550$1a01a8c0@ot.onsitetech.com>
p4raw-id: //depot/perl@16727
sub parse_line {
# We will be testing undef strings
no warnings;
+ use re 'taint'; # if it's tainted, leave it as such
my($delimiter, $keep, $line) = @_;
my($quote, $quoted, $unquoted, $delim, $word, @pieces);
while ($_ ne '') {
$field = '';
for (;;) {
+ use re 'taint'; # leave strings tainted
if (s/^"(([^"\\]|\\.)*)"//) {
($snippet = $1) =~ s#\\(.)#$1#g;
}