From: Nicholas Clark <nick@ccl4.org>
Date: Wed, 7 Feb 2007 23:49:44 +0000 (+0000)
Subject: TODO tests for eval of tainted scalars. (change 29193's regression)
X-Git-Url: http://git.shadowcat.co.uk/gitweb/gitweb.cgi?a=commitdiff_plain;h=5e500fc8e5f18cb370411f45f81b60a9e64dd0e5;p=p5sagit%2Fp5-mst-13.2.git

TODO tests for eval of tainted scalars. (change 29193's regression)

p4raw-id: //depot/perl@30167
---

diff --git a/t/op/taint.t b/t/op/taint.t
index ec7c498..f661108 100755
--- a/t/op/taint.t
+++ b/t/op/taint.t
@@ -17,7 +17,7 @@ use Config;
 use File::Spec::Functions;
 
 BEGIN { require './test.pl'; }
-plan tests => 257;
+plan tests => 260;
 
 $| = 1;
 
@@ -1214,3 +1214,19 @@ SKIP:
     $val = $n;
     is ($val, '7000000000', 'Assignment to tainted variable');
 }
+
+{
+    local $::TODO = "eval currently ignores tainting";
+    my $val = 0;
+    my $tainted = '1' . $TAINT;
+    eval '$val = eval $tainted;';
+    is ($val, 0, "eval doesn't like tainted strings");
+    like ($@, qr/^Insecure dependency in eval/);
+
+    # Rather nice code to get a tainted by from Rick Delaney
+    open 0 or die $!;
+    $tainted=(<0>,<0>);
+
+    eval 'eval $tainted';
+    like ($@, qr/^Insecure dependency in eval/);
+}