No subject provided #891

Closed
p5pRT opened this issue Nov 24, 1999 · 1 comment
p5pRT commented Nov 24, 1999

Migrated from rt.perl.org#1823 (status was 'resolved')

Searchable as RT1823$

p5pRT commented Nov 24, 1999

From @muir

I've long believed that the way to untaint something was to do a
regex match against it and then use one of the numbered matches...

The following code shows that this does not always work:

--------------------- cut here -----------------
#!/bin/sh
exec env PT=zz/yy perl -Tx $0
#!/usr/local/bin/perl -T

my $pcold = "/yy";
my ($tainted, $nottainted);
if ($ENV{'PT'} =~ m,^(.*)\Q$pcold\E$,) {
  $tainted = "$1/pp";
}
if ($ENV{'PT'} =~ m,^([.]*)\Q$pcold\E$,) {
  $nottainted = "$1/pp";
}

print (STDERR is_tainted($tainted) ? "TAINTED\n" : "NOT TAINTED\n");
print (STDERR is_tainted($nottainted) ? "TAINTED\n" : "NOT TAINTED\n");

# Taint test idiom from perlsec: under -T the eval dies if any argument is tainted.
sub is_tainted
{
  return ! eval {
  join('',@_), kill 0;
  1;
  };
}

--------------------- cut here -----------------

Correct behavior would be to print "NOT TAINTED" twice.

Interestingly enough, the taintedness of the variable showed up
a little late.

  $tainted above got inserted into @INC
  A module was found in the directory $tainted
  In that module, fastcwd() was called. It died in Cwd.pm

This is also true with 5.005_03.

Perl Info


Site configuration information for perl 5.00502:

Configured by markm at $Date: 1999/01/17 09:53:34 $.

Summary of my perl5 (5.0 patchlevel 5 subversion 2) configuration:
  Platform:
    osname=freebsd, osvers=3.0-current, archname=i386-freebsd
    uname='freebsd 3.0-current #0: '
    hint=recommended, useposix=true, d_sigaction=define
    usethreads=undef useperlio=undef d_sfio=undef
  Compiler:
    cc='cc', optimize='undef', gccversion=2.7.2.1
    cppflags=''
    ccflags =''
    stdchar='char', d_stdstdio=undef, usevfork=true
    intsize=4, longsize=4, ptrsize=4, doublesize=8
    d_longlong=define, longlongsize=8, d_longdbl=define, longdblsize=12
    alignbytes=4, usemymalloc=n, prototype=define
  Linker and Libraries:
    ld='ld', ldflags ='-Wl,-E '
    libpth=/usr/lib
    libs=-lm -lc -lcrypt
    libc=undef, so=so, useshrplib=true, libperl=libperl.so.3
  Dynamic Linking:
    dlsrc=dl_dlopen.xs, dlext=so, d_dlsymun=undef, ccdlflags=' '
    cccdlflags='-DPIC -fpic', lddlflags='-shared '

Locally applied patches:
    


@INC for perl 5.00502:
    /usr/libdata/perl/5.00502/mach
    /usr/libdata/perl/5.00502
    /usr/local/lib/perl5/site_perl/5.005/i386-freebsd
    /usr/local/lib/perl5/site_perl/5.005
    .


Environment for perl 5.00502:
    HOME=/home/muir
    LANG (unset)
    LD_LIBRARY_PATH=.:/usr/lib:/usr/local/lib
    LOGDIR (unset)
    PATH=.:/home/muir/bin/idiom:/home/muir/bin:/home/muir/bin/share:/bin:/usr/bin:/sbin:/usr/sbin:/usr/local/shbin:/usr/local/sbin:/usr/local/bin:/usr/local/ptybin:/usr/X11R6/bin:/usr/bin/X11:/usr/local/tex/bin:/usr/ucb:/usr/bin:/bin:/etc:/usr/etc:/usr/games:/lib:/usr/lib:/usr/local/java/bin:/usr/lib/uucp:/usr/openwin/bin:/usr/openwin/bin/xview:/usr/openwin/demo:/usr/adm:/home/muir/tmp
    PERL_BADLANG (unset)
    SHELL=/bin/tcsh
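
A defensive wrapper for the untaint-by-capture idiom this report is about, as an added example that is not part of the original issue or of Perl's own code: it untaints through an allow-list capture and then asks Perl whether the result really is untainted before it is used, so a capture that stays tainted fails at the point of untainting rather than later inside a module. The helper name `untaint_checked`, the allow-list pattern and the sample values are assumptions made for illustration.

```perl
#!/usr/bin/perl -T
# Added example. Run as: perl -T untaint_check.pl
use strict;
use warnings;
use Scalar::Util qw(tainted);

# Hypothetical helper: return the first capture of an allow-list pattern,
# but only if Perl agrees that the captured value is untainted.
sub untaint_checked {
    my ($value, $pattern) = @_;
    return unless defined $value;
    my ($clean) = $value =~ $pattern
        or return;                              # no match: reject the input
    die "capture still tainted, refusing to use it\n" if tainted($clean);
    return $clean;
}

# Constructed samples mirroring PT=zz/yy from the report. Appending a
# zero-length tainted string marks each value as tainted under -T.
my $taint   = substr($^X, 0, 0);
my $suffix  = "/yy";
my @samples = map { $_ . $taint } ("zz/yy", "../../etc/yy", "zz/other");

# Explicit character class instead of (.*), anchored with \A and \z so
# only the expected shape of value can ever be untainted.
my $allow = qr{\A([A-Za-z0-9_]+)\Q$suffix\E\z};

for my $pt (@samples) {
    my $prefix = eval { untaint_checked($pt, $allow) };
    if ($@) {
        print "ERROR  $pt: $@";                 # capture kept its taint
    }
    elsif (defined $prefix) {
        my $dir = "$prefix/pp";                 # same derivation as the report
        printf "ACCEPT %s -> %s (tainted: %s)\n",
            $pt, $dir, tainted($dir) ? "yes" : "no";
    }
    else {
        print "REJECT $pt\n";                   # did not match the allow-list
    }
}
```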
