utf8_heavy.pl, tainted and insecure dependency #7745

Closed
p5pRT opened this issue Jan 11, 2005 · 9 comments
p5pRT commented Jan 11, 2005

Migrated from rt.perl.org#33755 (status was 'rejected')

Searchable as RT33755$

p5pRT commented Jan 11, 2005

From adelton@fi.muni.cz

Created by adelton@fi.muni.cz

Hello,

I have a fairly complex set of modules that I try to write tests for.
I have -T in my *.t files. All of a sudden, my tests started to fail
with

  Insecure dependency in require while running with -T switch at
  /usr/lib/perl5/5.8.5/utf8_heavy.pl line 182.

The line 182 in utf8_heavy.pl is the line where

  $list = do $file;

is called. Okay, I never called utf8_heavy.pl myself, but digging
through the sources makes me think that it has something to do with
regular expressions and things like that. However, the problem
disappears when I run the program under debugger. So does the problem
disappear when I run perl -Iblib/arch ... instead of make test. That's
why I was not able to make a standalone test case.

Nevertheless, I changed the utf8_heavy.pl as follows

Inline Patch
--- /usr/lib/perl5/5.8.5/utf8_heavy.pl	2004-10-12 18:54:58.000000000 +0200
+++ utf8_heavy.pl	2005-01-11 08:47:52.498218355 +0100
@@ -148,9 +148,17 @@
 	    ## The user-level way to access ToDigit() and ToFold()
 	    ## is to use Unicode::UCD.
             ##
+
+	     use Scalar::Util;
+	     if (Scalar::Util::tainted($type)) {
+	         print "Type [$type] is tainted\n";
+	     } else {
+	         print "Type [$type] is not tainted\n";
+	     }
             if ($type =~ /^To(Digit|Fold|Lower|Title|Upper)$/)
             {
                 $file = "unicore/To/$1.pl";
+	         print "File [$file] is tainted\n" if Scalar::Util::tainted($file);
                 ## would like to test to see if $file actually exists....
                 last GETFILE;
             }
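Review bot: in the `To(Digit|Fold|Lower|Title|Upper)` branch the probe checks `$type` and `$file` but never `$1`, so the output cannot show whether the capture itself arrives tainted or the taint appears while it is interpolated into `$file`; a `Scalar::Util::tainted($1)` check placed right after the match and before the assignment would separate the two. The added `print` calls also write to STDOUT from a core library file, where they mix with the test output; `warn` would keep the diagnostics on STDERR.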
@@ -179,6 +187,7 @@
 		return $Cache{$class, $file};
 	    }
 
+	    print "File [$file] is tainted\n" if Scalar::Util::tainted($file);
 	    $list = do $file;
 	}
 
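Review bot: the check added before `$list = do $file;` prints exactly the same text as the one in the first hunk ("File [$file] is tainted"), so the two identical lines in the output cannot be told apart by position in the code; give this one a distinct label, for example naming the `do $file` call site. It also sits on the path taken by every lookup, not only the `To*` branch, so it should go to STDERR via `warn` rather than STDOUT.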
and the output is

Type [ToLower] is not tainted
File [unicore/To/Lower.pl] is tainted
File [unicore/To/Lower.pl] is tainted

So I believe that this is a bug in Perl's tainting mechanism --
if I start with untainted $type and do

  if ($type =~ /^To(Digit|Fold|Lower|Title|Upper)$/) {
      $file = "unicore/To/$1.pl";
  }

the $file should not be tainted, IMO. Changing $1 to $+, leading to

  $file = "unicore/To/$+.pl";

makes the problem disappear.

Maybe this bug report will help someone remember what could be wrong
with Perl's tainting mechanism and $1? Similar problems were reported
by random people, Google shows

  http://ipv6.he.net/forum/read.php?f=1&i=845&t=845
  http://www.mail-archive.com/qpsmtpd@perl.org/msg01505.html

and it seems that the problem only happens in very rare conditions
of complex modules.

Sincerely,

Jan Pazdziora
adelton@fi.muni.cz

Perl Info

Flags:
    category=core
    severity=medium

This perlbug was built using Perl v5.8.5 in the Red Hat build system.
It is being executed now by Perl v5.8.5 - Tue Oct 12 12:44:18 EDT 2004.

Site configuration information for perl v5.8.5:

Configured by Red Hat, Inc. at Tue Oct 12 12:44:18 EDT 2004.

Summary of my perl5 (revision 5 version 8 subversion 5) configuration:
  Platform:
    osname=linux, osvers=2.4.21-14.elsmp, archname=i386-linux-thread-multi
    uname='linux tweety.build.redhat.com 2.4.21-14.elsmp #1 smp wed apr 14 18:55:47 edt 2004 i686 i686 i386 gnulinux '
    config_args='-des -Doptimize=-O2 -g -pipe -m32 -march=i386 -mtune=pentium4 -Dversion=5.8.5 -Dmyhostname=localhost -Dperladmin=root@localhost -Dcc=gcc -Dcf_by=Red Hat, Inc. -Dinstallprefix=/usr -Dprefix=/usr -Darchname=i386-linux -Dvendorprefix=/usr -Dsiteprefix=/usr -Duseshrplib -Dusethreads -Duseithreads -Duselargefiles -Dd_dosuid -Dd_semctl_semun -Di_db -Ui_ndbm -Di_gdbm -Di_shadow -Di_syslog -Dman3ext=3pm -Duseperlio -Dinstallusrbinperl -Ubincompat5005 -Uversiononly -Dpager=/usr/bin/less -isr -Dinc_version_list=5.8.4 5.8.3 5.8.2 5.8.1 5.8.0'
    hint=recommended, useposix=true, d_sigaction=define
    usethreads=define use5005threads=undef useithreads=define usemultiplicity=define
    useperlio=define d_sfio=undef uselargefiles=define usesocks=undef
    use64bitint=undef use64bitall=undef uselongdouble=undef
    usemymalloc=n, bincompat5005=undef
  Compiler:
    cc='gcc', ccflags ='-D_REENTRANT -D_GNU_SOURCE -DTHREADS_HAVE_PIDS -DDEBUGGING -fno-strict-aliasing -pipe -I/usr/local/include -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -I/usr/include/gdbm',
    optimize='-O2 -g -pipe -m32 -march=i386 -mtune=pentium4',
    cppflags='-D_REENTRANT -D_GNU_SOURCE -DTHREADS_HAVE_PIDS -DDEBUGGING -fno-strict-aliasing -pipe -I/usr/local/include -I/usr/include/gdbm'
    ccversion='', gccversion='3.4.2 20041006 (Red Hat 3.4.2-5)', gccosandvers=''
    intsize=4, longsize=4, ptrsize=4, doublesize=8, byteorder=1234
    d_longlong=define, longlongsize=8, d_longdbl=define, longdblsize=12
    ivtype='long', ivsize=4, nvtype='double', nvsize=8, Off_t='off_t', lseeksize=8
    alignbytes=4, prototype=define
  Linker and Libraries:
    ld='gcc', ldflags =' -L/usr/local/lib'
    libpth=/usr/local/lib /lib /usr/lib
    libs=-lnsl -lgdbm -ldb -ldl -lm -lcrypt -lutil -lpthread -lc
    perllibs=-lnsl -ldl -lm -lcrypt -lutil -lpthread -lc
    libc=/lib/libc-2.3.3.so, so=so, useshrplib=true, libperl=libperl.so
    gnulibc_version='2.3.3'
  Dynamic Linking:
    dlsrc=dl_dlopen.xs, dlext=so, d_dlsymun=undef, ccdlflags='-Wl,-E -Wl,-rpath,/usr/lib/perl5/5.8.5/i386-linux-thread-multi/CORE'
    cccdlflags='-fPIC', lddlflags='-shared -L/usr/local/lib'

Locally applied patches:
    


@INC for perl v5.8.5:
    /usr/lib/perl5/site_perl/5.8.5/i386-linux-thread-multi/5.8.5/i386-linux-thread-multi
    /usr/lib/perl5/site_perl/5.8.5/i386-linux-thread-multi/5.8.5
    /usr/lib/perl5/site_perl/5.8.5/i386-linux-thread-multi/i386-linux-thread-multi
    /usr/lib/perl5/site_perl/5.8.5/i386-linux-thread-multi/5.8.4
    /usr/lib/perl5/site_perl/5.8.5/i386-linux-thread-multi/5.8.3
    /usr/lib/perl5/site_perl/5.8.5/i386-linux-thread-multi/5.8.2
    /usr/lib/perl5/site_perl/5.8.5/i386-linux-thread-multi/5.8.1
    /usr/lib/perl5/site_perl/5.8.5/i386-linux-thread-multi/5.8.0
    /usr/lib/perl5/site_perl/5.8.5/i386-linux-thread-multi
    /usr/lib/perl5/site_perl/5.8.5/5.8.5/i386-linux-thread-multi
    /usr/lib/perl5/site_perl/5.8.5/5.8.5
    /usr/lib/perl5/site_perl/5.8.5/i386-linux-thread-multi
    /usr/lib/perl5/site_perl/5.8.5/5.8.4
    /usr/lib/perl5/site_perl/5.8.5/5.8.3
    /usr/lib/perl5/site_perl/5.8.5/5.8.2
    /usr/lib/perl5/site_perl/5.8.5/5.8.1
    /usr/lib/perl5/site_perl/5.8.5/5.8.0
    /usr/lib/perl5/site_perl/5.8.5
    /usr/lib/perl5/5.8.5/i386-linux-thread-multi
    /usr/lib/perl5/5.8.5
    /usr/lib/perl5/site_perl/5.8.5/i386-linux-thread-multi
    /usr/lib/perl5/site_perl/5.8.4/i386-linux-thread-multi
    /usr/lib/perl5/site_perl/5.8.3/i386-linux-thread-multi
    /usr/lib/perl5/site_perl/5.8.2/i386-linux-thread-multi
    /usr/lib/perl5/site_perl/5.8.1/i386-linux-thread-multi
    /usr/lib/perl5/site_perl/5.8.0/i386-linux-thread-multi
    /usr/lib/perl5/site_perl/5.8.5
    /usr/lib/perl5/site_perl/5.8.4
    /usr/lib/perl5/site_perl/5.8.3
    /usr/lib/perl5/site_perl/5.8.2
    /usr/lib/perl5/site_perl/5.8.1
    /usr/lib/perl5/site_perl/5.8.0
    /usr/lib/perl5/site_perl
    /usr/lib/perl5/vendor_perl/5.8.5/i386-linux-thread-multi
    /usr/lib/perl5/vendor_perl/5.8.4/i386-linux-thread-multi
    /usr/lib/perl5/vendor_perl/5.8.3/i386-linux-thread-multi
    /usr/lib/perl5/vendor_perl/5.8.2/i386-linux-thread-multi
    /usr/lib/perl5/vendor_perl/5.8.1/i386-linux-thread-multi
    /usr/lib/perl5/vendor_perl/5.8.0/i386-linux-thread-multi
    /usr/lib/perl5/vendor_perl/5.8.5
    /usr/lib/perl5/vendor_perl/5.8.4
    /usr/lib/perl5/vendor_perl/5.8.3
    /usr/lib/perl5/vendor_perl/5.8.2
    /usr/lib/perl5/vendor_perl/5.8.1
    /usr/lib/perl5/vendor_perl/5.8.0
    /usr/lib/perl5/vendor_perl
    .


Environment for perl v5.8.5:
    HOME=/home/adelton
    LANG=en_US.UTF-8
    LANGUAGE (unset)
    LD_LIBRARY_PATH (unset)
    LOGDIR (unset)
    PATH=/usr/kerberos/bin:/usr/local/bin:/usr/bin:/bin:/usr/X11R6/bin:/usr/lib/jre/bin:/home/adelton/bin:/usr/lib/jre/bin
    PERL5LIB=/usr/lib/perl5/site_perl/5.8.5/i386-linux-thread-multi:/usr/lib/perl5/site_perl/5.8.5
    PERL_BADLANG (unset)
    SHELL=/bin/bash
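
The taint rules for regex captures that this report turns on, as an added example that is not part of the original thread or of utf8_heavy.pl: a capture from an untainted string is untainted, a capture from a tainted string is untainted by default, and under `use re 'taint'` it inherits the taint. The sub names and the `$TAINT` helper are constructed for illustration; run it as `perl -T capture_taint.pl`.

```perl
#!/usr/bin/perl -T
# Added illustration, not code from utf8_heavy.pl. Run as: perl -T capture_taint.pl
use strict;
use warnings;
use Scalar::Util qw(tainted);

die "taint mode is off; run with perl -T\n" unless ${^TAINT};

# Constructed tainted input: a zero-length slice of tainted process data.
# Appending it taints a string without changing its characters.
my $TAINT = substr("$0$^X", 0, 0);

# Same match and assignment as the snippet in the report (default semantics).
sub file_for {
    my ($type) = @_;
    return unless $type =~ /^To(Digit|Fold|Lower|Title|Upper)$/;
    return "unicore/To/$1.pl";
}

# Hypothetical variant: with "use re 'taint'" in scope, captures taken from
# a tainted target string stay tainted instead of being laundered.
sub file_for_re_taint {
    my ($type) = @_;
    use re 'taint';
    return unless $type =~ /^To(Digit|Fold|Lower|Title|Upper)$/;
    return "unicore/To/$1.pl";
}

# Print the taint state of the input and of the file name derived from it.
sub report {
    my ($label, $type, $fn) = @_;
    my $file = $fn->($type);
    printf "%-32s type tainted=%d  file tainted=%d\n",
        $label, (tainted($type) ? 1 : 0), (tainted($file) ? 1 : 0);
    return;
}

my $clean = 'ToLower';
my $dirty = 'ToLower' . $TAINT;
die "could not construct a tainted value\n" unless tainted($dirty);

report('clean $type',                    $clean, \&file_for);
report('tainted $type',                  $dirty, \&file_for);
report(q{tainted $type, use re 'taint'}, $dirty, \&file_for_re_taint);
```

The behaviour in the report (untainted `$type`, tainted `$file`) matches none of these three rows, which is why it was filed as a bug in the tainting mechanism.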

p5pRT commented Mar 25, 2010

From @iabyn

Regarding your taint bug report from 2005. Sorry, no-one's replied to it
before now, but better late than never!

Do you still have the ability to reproduce this issue, either with 5.8.5
or anything newer? If so, could you add a couple of Dump statements to
utf8_heavy.pl in addition to your existing debugging statements
mentioned in the original bug report; i.e. change

  if ($type =~ /^To(Digit|Fold|Lower|Title|Upper)$/)
  {
      $file = "unicore/To/$1.pl";

to

  use Devel::Peek;
  Dump $type; Dump $file; Dump $1;
  if ($type =~ /^To(Digit|Fold|Lower|Title|Upper)$/)
  {
      Dump $type; Dump $file; Dump $1;
      $file = "unicore/To/$1.pl";
      Dump $type; Dump $file; Dump $1;

p5pRT commented Mar 25, 2010

The RT System itself - Status changed from 'new' to 'open'

p5pRT commented Mar 26, 2010

From adelton@fi.muni.cz

On Thu, Mar 25, 2010 at 01:36:58PM -0700, Dave Mitchell via RT wrote:

Regarding your taint bug report from 2005. Sorry, no-one's replied to it
before now, but better late than never!

Do you still have the ability to reproduce this issue, either with 5.8.5
or anything newer? If so, could you add a couple of Dump statements to
utf8_heavy.pl in addition to your existing debugging statements
mentioned in the original bug report; i.e. change

  if ($type =~ /^To(Digit|Fold|Lower|Title|Upper)$/)
  {
      $file = "unicore/To/$1.pl";

to

  use Devel::Peek;
  Dump $type; Dump $file; Dump $1;
  if ($type =~ /^To(Digit|Fold|Lower|Title|Upper)$/)
  {
      Dump $type; Dump $file; Dump $1;
      $file = "unicore/To/$1.pl";
      Dump $type; Dump $file; Dump $1;

Dave,

I'm sorry but I no longer have access to the reproducer (I no longer
work with the company where I was debugging the issue) nor do I really
remember what the issue was or what perl modules I've been using back
then.

Looking at my perlbug report, I should have put more information about
my setup there even if it would not be possible to reproduce it on
your side, as it would at least allow me to remember what code it was
I was working on.

Sorry,

--


  Jan Pazdziora | adelton@fi.muni.cz | http://www.fi.muni.cz/~adelton/
.project: Satellite, Spacewalk | Only self-confident people can be simple.

p5pRT commented Mar 27, 2010

From @iabyn

On Fri, Mar 26, 2010 at 10:55:41AM +0100, Jan Pazdziora wrote:

On Thu, Mar 25, 2010 at 01:36:58PM -0700, Dave Mitchell via RT wrote:

Regarding your taint bug report from 2005. Sorry, no-one's replied to it
before now, but better late than never!

Do you still have the ability to reproduce this issue, either with 5.8.5
or anything newer? If so, could you add a couple of Dump statements to
utf8_heavy.pl in addition to your existing debugging statements
mentioned in the original bug report; i.e. change

  if ($type =~ /^To(Digit|Fold|Lower|Title|Upper)$/)
  {
      $file = "unicore/To/$1.pl";

to

  use Devel::Peek;
  Dump $type; Dump $file; Dump $1;
  if ($type =~ /^To(Digit|Fold|Lower|Title|Upper)$/)
  {
      Dump $type; Dump $file; Dump $1;
      $file = "unicore/To/$1.pl";
      Dump $type; Dump $file; Dump $1;

Dave,

I'm sorry but I no longer have access to the reproducer (I no longer
work with the company where I was debugging the issue) nor do I really
remember what the issue was or what perl modules I've been using back
then.

Looking at my perlbug report, I should have put more information about
my setup there even if it would not be possible to reproduce it on
your side, as it would at least allow me to remember what code it was
I was working on.

Ah well, not to worry. I'll mark the ticket as stalled.

--
The Enterprise successfully ferries an alien VIP from one place to another
without serious incident.
  -- Things That Never Happen in "Star Trek" #7

p5pRT commented Mar 27, 2010

@iabyn - Status changed from 'open' to 'stalled'

p5pRT commented Jul 7, 2016

From @dcollinsn

Based on his -V, I'm wondering if there was some interaction between incompatible versions of modules. Perhaps that's why make test behaved differently than calling the test program directly. In any event, I can't reproduce this anywhere going back to 5.8.5 (or even earlier). Since we have no hope of reproducing, I intend to close this.

p5pRT commented Jul 7, 2016

The RT System itself - Status changed from 'stalled' to 'open'

p5pRT commented Jul 12, 2016

@dcollinsn - Status changed from 'open' to 'rejected'
