From: Jarkko Hietaniemi Date: Thu, 10 Jul 2003 23:23:38 +0000 (+0000) Subject: Check PERL_HASH_SEED even when tainted. X-Git-Url: http://git.shadowcat.co.uk/gitweb/gitweb.cgi?a=commitdiff_plain;h=183c3da10ba46f0626790e1aa75f641397137480;p=p5sagit%2Fp5-mst-13.2.git Check PERL_HASH_SEED even when tainted. p4raw-id: //depot/perl@20134 --- diff --git a/perl.c b/perl.c index a035a6c..1738489 100644 --- a/perl.c +++ b/perl.c @@ -901,11 +901,7 @@ setuid perl scripts securely.\n"); /* [perl #22371] Algorimic Complexity Attack on Perl 5.6.1, 5.8.0 * This MUST be done before any hash stores or fetches take place. */ { - bool earlytaint = doing_taint(argc, argv, env); - char *s = NULL; - - if (!earlytaint) - s = PerlEnv_getenv("PERL_HASH_SEED"); + char *s = PerlEnv_getenv("PERL_HASH_SEED"); if (s) while (isSPACE(*s)) s++; if (s && isDIGIT(*s)) diff --git a/pod/perlrun.pod b/pod/perlrun.pod index 49573a6..26d0bc4 100644 --- a/pod/perlrun.pod +++ b/pod/perlrun.pod @@ -1108,12 +1108,11 @@ PERL_ENCODING environment variable is consulted for an encoding name. =item PERL_HASH_SEED -(Since Perl 5.8.1.) - -Used to randomise Perl's internal hash function. To emulate the -pre-5.8.1 behaviour, set to an integer (zero means exactly the same -order as 5.8.0). "Pre-5.8.1" means, among other things, that hash -keys will be ordered the same between different runs of Perl. +(Since Perl 5.8.1.) Used to randomise Perl's internal hash function. +To emulate the pre-5.8.1 behaviour, set to an integer (zero means +exactly the same order as 5.8.0). "Pre-5.8.1" means, among other +things, that hash keys will be ordered the same between different runs +of Perl. The default behaviour is to randomise unless the PERL_HASH_SEED is set. If Perl has been compiled with C<-DUSE_HASH_SEED_EXPLICIT>, the default 
@@ -1121,14 +1120,15 @@ behaviour is B to randomise unless the PERL_HASH_SEED is set. If PERL_HASH_SEED is unset or set to a non-numeric string, Perl uses the pseudorandom seed supplied by the operating system and libraries. -If unset, each different run of Perl will have different ordering of -the outputs of keys(), values(), and each(). +This means that each different run of Perl will have a different +ordering of the results of keys(), values(), and each(). See L for more information. =item PERL_HASH_SEED_DEBUG -Set to (anything) to display the value of the hash seed. +(Since Perl 5.8.1.) Set to (anything) to display (to STDERR) +the value of the hash seed at the beginning of execution. =item PERL_ROOT (specific to the VMS port)
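Review bot: In the perl.c hunk, dropping the `!earlytaint` guard means `PerlEnv_getenv("PERL_HASH_SEED")` is now consulted in tainted runs too, so whoever controls the environment of a taint-mode script can fix the seed that the [perl #22371] comment just above introduces as the countermeasure to the algorithmic complexity attack. The commit message states the new behaviour but not why a caller-supplied seed is acceptable under taint. Please add that rationale to the comment block, or keep ignoring the variable when tainted and use only the random seed there.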
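Review bot: The first perlrun.pod hunk only re-wraps the PERL_HASH_SEED paragraph, so the documentation never mentions the behaviour this commit changes. Add a sentence to the `=item PERL_HASH_SEED` entry saying that the variable is honoured even when taint checks are on, so that anyone deploying setuid or other taint-mode scripts knows the seed can come from the environment and can scrub it before invoking perl.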
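Review bot: In the PERL_HASH_SEED_DEBUG entry of the second perlrun.pod hunk, the new text says the seed is written to STDERR at the beginning of execution but does not say whether this variable, like PERL_HASH_SEED after this commit, is also read when tainted. Please state that explicitly, and consider noting that the printed seed is the value the randomisation depends on, so the variable should not be left set where STDERR is visible to others. Minor style point: "Set to (anything)" reads oddly, and "Set to any value" would be clearer.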