From: Radu Greab <radu@netsoft.ro>
Date: Thu, 1 Mar 2001 21:47:22 +0000 (+0200)
Subject: Re: sync sync sync: have I missed any patches?
X-Git-Url: http://git.shadowcat.co.uk/gitweb/gitweb.cgi?a=commitdiff_plain;h=91b2752fd727c3be466bc3193417272f8aeab087;p=p5sagit%2Fp5-mst-13.2.git

Re: sync sync sync: have I missed any patches?
Message-ID: <15006.42826.747914.669893@ix.netsoft.ro>

Fixes the bugs 20010221.005 and 20010221.008: "the taint checker
was checking argv[0] regardless of whether a different pathname
will actually be executed."  Test case not supplied because
drafting that, ironically enough, revealed another bug
(or a feature).

p4raw-id: //depot/perl@8982
---

diff --git a/doio.c b/doio.c
index 53863b6..3ed517b 100644
--- a/doio.c
+++ b/doio.c
@@ -1294,15 +1294,18 @@ Perl_do_aexec5(pTHX_ SV *really, register SV **mark, register SV **sp,
 		*a++ = "";
 	}
 	*a = Nullch;
-	if (*PL_Argv[0] != '/')	/* will execvp use PATH? */
+	if (really)
+	    tmps = SvPV(really, n_a);
+	if ((!really && *PL_Argv[0] != '/') ||
+	    (really && *tmps != '/'))		/* will execvp use PATH? */
 	    TAINT_ENV();		/* testing IFS here is overkill, probably */
-	if (really && *(tmps = SvPV(really, n_a)))
+	if (really && *tmps)
 	    PerlProc_execvp(tmps,EXEC_ARGV_CAST(PL_Argv));
 	else
 	    PerlProc_execvp(PL_Argv[0],EXEC_ARGV_CAST(PL_Argv));
 	if (ckWARN(WARN_EXEC))
 	    Perl_warner(aTHX_ WARN_EXEC, "Can't exec \"%s\": %s",
-		PL_Argv[0], Strerror(errno));
+		(really ? tmps : PL_Argv[0]), Strerror(errno));
 	if (do_report) {
 	    int e = errno;