From: Dave Mitchell Date: Mon, 5 Jan 2004 22:17:04 +0000 (+0000) Subject: [perl #24674] X-Git-Url: http://git.shadowcat.co.uk/gitweb/gitweb.cgi?a=commitdiff_plain;h=3511154c18a0900e8873e8e72a4b74931525e718;p=p5sagit%2Fp5-mst-13.2.git [perl #24674] stop $^O getting tainted on read access, and disallow tainted assignment to it p4raw-id: //depot/perl@22071 --- diff --git a/mg.c b/mg.c index 66e02b7..f79210e 100644 --- a/mg.c +++ b/mg.c @@ -648,8 +648,10 @@ Perl_magic_get(pTHX_ SV *sv, MAGIC *mg) sv_setsv(sv, &PL_sv_undef); break; case '\017': /* ^O & ^OPEN */ - if (*(mg->mg_ptr+1) == '\0') + if (*(mg->mg_ptr+1) == '\0') { sv_setpv(sv, PL_osname); + SvTAINTED_off(sv); + } else if (strEQ(mg->mg_ptr, "\017PEN")) { if (!PL_compiling.cop_io) sv_setsv(sv, &PL_sv_undef); @@ -2091,8 +2093,10 @@ Perl_magic_set(pTHX_ SV *sv, MAGIC *mg) if (*(mg->mg_ptr+1) == '\0') { if (PL_osname) Safefree(PL_osname); - if (SvOK(sv)) + if (SvOK(sv)) { + TAINT_PROPER("assigning to $^O"); PL_osname = savepv(SvPV(sv,len)); + } else PL_osname = Nullch; } diff --git a/t/op/taint.t b/t/op/taint.t index 579545a..6c35e86 100755 --- a/t/op/taint.t +++ b/t/op/taint.t @@ -124,7 +124,7 @@ my $echo = "$Invoke_Perl $ECHO"; my $TEST = catfile(curdir(), 'TEST'); -print "1..220\n"; +print "1..223\n"; # First, let's make sure that Perl is checking the dangerous # environment variables. Maybe they aren't set yet, so we'll @@ -1034,4 +1034,14 @@ else test 219, !tainted($1); ($r = $TAINT) =~ /($TAINT)/; test 220, tainted($1); + + # [perl #24674] + # accessing $^O shoudn't taint it as a side-effect; + # assigning tainted data to it is now an error + + test 221, !tainted($^O); + if (!$^X) { } elsif ($^O eq 'bar') { } + test 222, !tainted($^O); + eval '$^O = $^X'; + test 223, $@ =~ /Insecure dependency in/; }