remove inconsistent tainting behavior of sprintf("%e",...)

(all bets are off is "C" locale is compromised)

p4raw-id: //depot/perl@4449

diff --git a/pod/perlfunc.pod b/pod/perlfunc.pod
index 42c5d2b..f8efd7e 100644 (file)
--- a/pod/perlfunc.pod
+++ b/pod/perlfunc.pod
@@ -4195,13 +4195,6 @@ If C<use locale> is in effect, the character used for the decimal
 point in formatted real numbers is affected by the LC_NUMERIC locale.
 See L<perllocale>.
 
-To cope with broken systems that allow the standard locales to be
-overridden by malicious users, the return value may be tainted
-if any of the floating point formats are used and the conversion
-yields something that doesn't look like a normal C-locale floating
-point number.  This happens regardless of whether C<use locale> is
-in effect or not.
-
 If Perl understands "quads" (64-bit integers) (this requires
 either that the platform natively supports quads or that Perl
 has been specifically compiled to support quads), the characters

diff --git a/pod/perllocale.pod b/pod/perllocale.pod
index 510117f..475cc0d 100644 (file)
--- a/pod/perllocale.pod
+++ b/pod/perllocale.pod
@@ -641,11 +641,12 @@ case-mapping table is in effect.
 
 =item *
 
-If the decimal point character in the C<LC_NUMERIC> locale is
-surreptitiously changed from a dot to a comma, C<sprintf("%g",
-0.123456e3)> produces a string result of "123,456". Many people would
-interpret this as one hundred and twenty-three thousand, four hundred
-and fifty-six.
+Some systems are broken in that they allow the "C" locale to be
+overridden by users.  If the decimal point character in the
+C<LC_NUMERIC> category of the "C" locale is surreptitiously changed
+from a dot to a comma, C<sprintf("%g", 0.123456e3)> produces a
+string result of "123,456".  Many people would interpret this as
+one hundred and twenty-three thousand, four hundred and fifty-six.
 
 =item *
 
@@ -714,10 +715,6 @@ if modified as a result of a substitution based on a regular
 expression match involving C<\w>, C<\W>, C<\s>, or C<\S>; or of
 case-mapping with C<\l>, C<\L>,C<\u> or C<\U>.
 
-=item B<In-memory formatting function> (sprintf()):
-
-Result is tainted if C<use locale> is in effect.
-
 =item B<Output formatting functions> (printf() and write()):
 
 Success/failure result is never tainted.

diff --git a/sv.c b/sv.c
index 30de6af..4402b86 100644 (file)
--- a/sv.c
+++ b/sv.c
@@ -5478,38 +5478,6 @@ Perl_sv_vcatpvfn(pTHX_ SV *sv, const char *pat, STRLEN patlen, va_list *args, SV
 
            eptr = PL_efloatbuf;
            elen = strlen(PL_efloatbuf);
-
-#ifdef USE_LOCALE_NUMERIC
-           /*
-            * User-defined locales may include arbitrary characters.
-            * And, unfortunately, some (broken) systems may allow the
-            * "C" locale to be overridden by a malicious user.
-            * XXX This is an extreme way to cope with broken systems.
-            */
-           if (maybe_tainted && PL_tainting) {
-               /* safe if it matches /[-+]?\d*(\.\d*)?([eE][-+]?\d*)?/ */
-               if (*eptr == '-' || *eptr == '+')
-                   ++eptr;
-               while (isDIGIT(*eptr))
-                   ++eptr;
-               if (*eptr == '.') {
-                   ++eptr;
-                   while (isDIGIT(*eptr))
-                       ++eptr;
-               }
-               if (*eptr == 'e' || *eptr == 'E') {
-                   ++eptr;
-                   if (*eptr == '-' || *eptr == '+')
-                       ++eptr;
-                   while (isDIGIT(*eptr))
-                       ++eptr;
-               }
-               if (*eptr)
-                   *maybe_tainted = TRUE;      /* results are suspect */
-               eptr = PL_efloatbuf;
-           }
-#endif /* USE_LOCALE_NUMERIC */
-
            break;
 
            /* SPECIAL */