summaryrefslogtreecommitdiffstats
path: root/meta/recipes-devtools/perl/perl-5.14.3/debian/fixes/index-tainting.diff
diff options
context:
space:
mode:
Diffstat (limited to 'meta/recipes-devtools/perl/perl-5.14.3/debian/fixes/index-tainting.diff')
-rw-r--r--meta/recipes-devtools/perl/perl-5.14.3/debian/fixes/index-tainting.diff74
1 files changed, 74 insertions, 0 deletions
diff --git a/meta/recipes-devtools/perl/perl-5.14.3/debian/fixes/index-tainting.diff b/meta/recipes-devtools/perl/perl-5.14.3/debian/fixes/index-tainting.diff
new file mode 100644
index 0000000..ee00ca3
--- /dev/null
+++ b/meta/recipes-devtools/perl/perl-5.14.3/debian/fixes/index-tainting.diff
@@ -0,0 +1,74 @@
1Upstream-Status:Inappropriate [debian patches]
2From e25298a339dd6679f1b080f0125ac1b237b87950 Mon Sep 17 00:00:00 2001
3From: David Mitchell <davem@iabyn.com>
4Date: Tue, 28 Jun 2011 17:04:40 +0100
5Subject: RT 64804: tainting with index() of a constant
6
7Bug: http://rt.perl.org/rt3/Public/Bug/Display.html?id=64804
8Bug-Debian: http://bugs.debian.org/291450
9Origin: upstream, http://perl5.git.perl.org/perl.git/commit/3b36395d31cf0a2f3a017505cd0ea857a7acb5d1
10
11At compile time, ck_index with a tainted constant set PL_tainted,
12which remained on during the rest of compilation, tainting all other
13constants.
14
15Fix this by saving and restoring PL_tainted across the call to
16fbm_compile, which is what sets PL_tainted.
17
18Patch-Name: fixes/index-tainting.diff
19---
20 op.c | 5 ++++-
21 t/op/taint.t | 16 +++++++++++++++-
22 2 files changed, 19 insertions(+), 2 deletions(-)
23
24diff --git a/op.c b/op.c
25index e21b9a4..973df13 100644
26--- a/op.c
27+++ b/op.c
28@@ -7780,8 +7780,11 @@ Perl_ck_index(pTHX_ OP *o)
29 OP *kid = cLISTOPo->op_first->op_sibling; /* get past pushmark */
30 if (kid)
31 kid = kid->op_sibling; /* get past "big" */
32- if (kid && kid->op_type == OP_CONST)
33+ if (kid && kid->op_type == OP_CONST) {
34+ const bool save_taint = PL_tainted;
35 fbm_compile(((SVOP*)kid)->op_sv, 0);
36+ PL_tainted = save_taint;
37+ }
38 }
39 return ck_fun(o);
40 }
41diff --git a/t/op/taint.t b/t/op/taint.t
42index 9df6fee..a300b9b 100644
43--- a/t/op/taint.t
44+++ b/t/op/taint.t
45@@ -17,7 +17,7 @@ BEGIN {
46 use strict;
47 use Config;
48
49-plan tests => 774;
50+plan tests => 778;
51
52 $| = 1;
53
54@@ -2144,6 +2144,20 @@ end
55 is_tainted $dest, "ucfirst(tainted) taints its return value";
56 }
57
58+
59+# tainted constants and index()
60+# RT 64804; http://bugs.debian.org/291450
61+{
62+ ok(tainted $old_env_path, "initial taintedness");
63+ BEGIN { no strict 'refs'; my $v = $old_env_path; *{"::C"} = sub () { $v }; }
64+ ok(tainted C, "constant is tainted properly");
65+ ok(!tainted "", "tainting not broken yet");
66+ index(undef, C);
67+ ok(!tainted "", "tainting still works after index() of the constant");
68+}
69+
70+
71+
72 # This may bomb out with the alarm signal so keep it last
73 SKIP: {
74 skip "No alarm()" unless $Config{d_alarm};