From: deekoo <deekoo@tentacle.net>
Date: Thu, 19 Jul 2001 00:03:46 +0000 (-0700)
Subject: Security hole in taint checking in open()
X-Git-Url: http://git.shadowcat.co.uk/gitweb/gitweb.cgi?a=commitdiff_plain;h=dd531b3b18052c3e70d0cb325e89704d77851a3f;p=p5sagit%2Fp5-mst-13.2.git

Security hole in taint checking in open()
Message-Id:  <Pine.LNX.4.33.0107182248330.11996-100000@chaos.tentacle.net>

p4raw-id: //depot/perl@11410
---

diff --git a/doio.c b/doio.c
index d0d28b0..e8ee679 100644
--- a/doio.c
+++ b/doio.c
@@ -235,6 +235,7 @@ Perl_do_openn(pTHX_ GV *gv, register char *name, I32 len, int as_raw,
 	if ((*type == IoTYPE_RDWR) && /* scary */
            (*(type+1) == IoTYPE_RDONLY || *(type+1) == IoTYPE_WRONLY) &&
 	    ((!num_svs || (tend > type+1 && tend[-1] != IoTYPE_PIPE)))) {
+        TAINT_PROPER("open");
 	    mode[1] = *type++;
 	    writing = 1;
 	}