don't allow invalid stash entry names

diff --git a/Changes b/Changes
index 2e96f70..de15ee8 100644 (file)
--- a/Changes
+++ b/Changes
@@ -4,6 +4,7 @@ Revision history for Package-Stash
       - bring the behavior of has_symbol for nonexistant scalars into line with
         the xs version
       - invalid package names (for instance, Foo:Bar) are not allowed
+      - invalid stash entry names (anything containing ::) are not allowed
 
 0.31  2011-08-08
       - fix ->add_symbol('$foo', qr/sdlfk/) on 5.12+

diff --git a/lib/Package/Stash/PP.pm b/lib/Package/Stash/PP.pm
index b3e3a7d..408f3be 100644 (file)
--- a/lib/Package/Stash/PP.pm
+++ b/lib/Package/Stash/PP.pm
@@ -92,6 +92,12 @@ sub namespace {
         (defined $variable && length $variable)
             || confess "You must pass a variable name";
 
+        # XXX in pure perl, this will access things in inner packages,
+        # in xs, this will segfault - probably look more into this at
+        # some point
+        ($variable !~ /::/)
+            || confess "Variable names may not contain ::";
+
         my $sigil = substr($variable, 0, 1, '');
 
         if (exists $SIGIL_MAP{$sigil}) {

diff --git a/t/paamayim_nekdotayim.t b/t/paamayim_nekdotayim.t
new file mode 100644 (file)
index 0000000..2096cb4
--- /dev/null
+++ b/t/paamayim_nekdotayim.t
@@ -0,0 +1,23 @@
+#!/usr/bin/env perl
+use strict;
+use warnings;
+use lib 't/lib';
+use Test::More;
+use Test::Fatal;
+
+use Package::Stash;
+
+my $stash = Package::Stash->new('Foo');
+# this segfaulted on the xs version
+like(
+    exception { $stash->add_symbol('@bar::baz') },
+    qr/^Variable names may not contain ::/,
+    "can't add symbol with ::"
+);
+like(
+    exception { $stash->get_symbol('@bar::baz') },
+    qr/^Variable names may not contain ::/,
+    "can't add symbol with ::"
+);
+
+done_testing;