Retract #7863. It makes more sense not to taint formatted output,

not even by sprintf().

p4raw-id: //depot/perl@7875

diff --git a/sv.c b/sv.c
index be1947a..a6e453f 100644 (file)
--- a/sv.c
+++ b/sv.c
@@ -6623,11 +6623,10 @@ Perl_sv_vcatpvfn(pTHX_ SV *sv, const char *pat, STRLEN patlen, va_list *args, SV
                *--eptr = '#';
            *--eptr = '%';
 
+           /* No taint.  Otherwise we are in the strange
+            * situaiton where printf() taints but print($float) doesn't.
+            * --jhi */
            (void)sprintf(PL_efloatbuf, eptr, nv);
-#ifdef USE_LOCALE_NUMERIC
-           if ((PL_hints & HINT_LOCALE) && maybe_tainted)
-               *maybe_tainted = TRUE;
-#endif
 
            eptr = PL_efloatbuf;
            elen = strlen(PL_efloatbuf);