CGITempFile causes "Insecure dependency in sprintf" in perl 5.10.0 #9211
From @steve-m-hay
Created by SteveHay@planit.com

Run the following program under perl 5.10.0 on Windows XP:

#!perl -wT

This causes the error:

Insecure dependency in sprintf while running with -T switch at (eval 2)

Under perl 5.8.8 it runs fine:

tmpfile='C:\WINDOWS\TEMP\CGItemp1'

The reason is the following item listed in perl5100delta:

"When perl is run under taint mode, printf() and sprintf() will now

This causes a problem for CGI.pm, because CGITempFile::find_tempdir()

unshift(@TEMP,$ENV{'TMPDIR'}) if defined $ENV{'TMPDIR'};

so this *tainted* candidate is the first one to be tried and is hence

The above error is then generated by CGITempFile::new when it uses this

last if ! -f ($filename =

Obviously there are various ways around this (it's currently causing me

Perl Info
From l2ot9pa02@sneakemail.com
Steve Hay wrote:

it seems to me that this would have to be fixed in CGITempFile because

How about changing the sprintf call to this (untested, but well...):

sprintf("\%s${SL}CGItemp%d", $TMPDIRECTORY, $sequence++)

The warning is about tainted stuff in the _format_, so this should fix

Cheers,
The RT System itself - Status changed from 'new' to 'open'
From @steve-m-hay
Steffen Mueller wrote:

Yes, that fixes it, thanks. Lincoln, are you happy with this fix?
From @timj
On Mon, 28 Jan 2008, Steve Hay wrote:

Why isn't it using File::Spec->tmpdir? That problem is solved there.
From @druud62
Steffen Mueller wrote:

Why not work out ${SL} as well? Even if it is currently guaranteed to never contain anything like "%d",
From l2ot9pa02@sneakemail.com
Hi,

Dr.Ruud wrote:

No specific reason. In fact, $SL is the directory separator of the

$TMPDIRECTORY . $SL . sprintf('%d', $sequence++)

but that's purely a matter of preference.

Cheers,
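The failing pattern and the three remedies raised in the thread, as an added example that is not CGI.pm's own code. It assumes perl 5.10.0 or later invoked as `perl -T`, and a PATH variable in the environment; `$sl` and `$tmpdir` are stand-ins for CGITempFile's `$SL` and the `$ENV{'TMPDIR'}` candidate that `find_tempdir()` tries first.

```perl
# Run as: perl -T taint_sprintf.pl   (needs perl 5.10.0 or later)
# Added example, not code from CGI.pm. $sl stands in for CGITempFile's $SL,
# $tmpdir for the $ENV{'TMPDIR'} candidate that find_tempdir() tries first.
use strict;
use warnings;
use File::Spec;
use Scalar::Util qw(tainted);

# Constructed tainted input. Values inherited from the environment are
# tainted under -T; if TMPDIR is unset, taint a fallback by appending an
# empty tainted string (assumes PATH is set in the environment).
my $tmpdir = defined $ENV{TMPDIR}
    ? $ENV{TMPDIR}
    : '/tmp' . substr($ENV{PATH} // '', 0, 0);
my $sl       = '/';    # directory separator
my $sequence = 1;

printf "tmpdir=%s tainted=%s\n", $tmpdir, tainted($tmpdir) ? 'yes' : 'no';

# 1. Original pattern: the tainted directory is interpolated into the
#    format string itself. Since 5.10.0 a tainted format is fatal under -T.
my $interp = eval { sprintf("${tmpdir}${sl}CGItemp%d", $sequence) };
print "format interpolation: ", defined $interp ? "$interp\n" : "died: $@";

# 2. Proposed fix: the format is a literal and the tainted directory travels
#    as a %s argument. Arguments may be tainted; only the result is tainted.
my $fixed = sprintf("%s${sl}CGItemp%d", $tmpdir, $sequence);
printf "as %%s argument:      %s tainted=%s\n", $fixed, tainted($fixed) ? 'yes' : 'no';

# 3. Dr.Ruud's point: keep $SL out of the format as well, so a separator
#    that ever contained '%' could not be misread as a conversion.
my $concat = $tmpdir . $sl . sprintf('CGItemp%d', $sequence);
printf "concatenation:       %s\n", $concat;

# 4. Tim's suggestion: under -T File::Spec->tmpdir skips tainted candidates
#    such as $ENV{TMPDIR} and returns an untainted directory instead.
my $spec = File::Spec->tmpdir;
printf "File::Spec->tmpdir:  %s tainted=%s\n", $spec, tainted($spec) ? 'yes' : 'no';
```

Running the same script with a perl older than 5.10.0 shows case 1 succeeding, which is the behaviour difference the report describes.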
From @lstein
It looks fine to me. I'm adding the proposed fix to 3.33.

Lincoln

On Jan 30, 2008 4:13 AM, Steve Hay <SteveHay@planit.com> wrote:
From @steve-m-hay
OK, thanks. Now applied to bleadperl as #33143.
From @steve-m-hay
Now fixed in bleadperl by #33143.
@steve-m-hay - Status changed from 'open' to 'resolved'
Migrated from rt.perl.org#50322 (status was 'resolved')
Searchable as RT50322$