New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
pack "A*" and pack "a*" untaint data in 5.10.0 #9280
Comments
From cstith@gmail.comCreated by chris@localhost.(none)The following code leaves $x tainted after the pack() in 5.8.8 and perl -wTe 'use Scalar::Util qw( tainted ); $x = $ARGV[0]; print I think the former behavior is proper. If not, then the docs need to I'd like to thank "ambrus" on Perlmonks for noticing something was amiss. Christopher E. Stith Perl Info
|
From @ikegamiPerlMonks thread on the topic: On Mon, Apr 7, 2008 at 11:45 AM, via RT Chris <perlbug-followup@perl.org> wrote:
|
The RT System itself - Status changed from 'new' to 'open' |
From @andk
> PerlMonks thread on the topic: And I just added my usual binary search results to the perlmonks -- |
From @nwc10On Tue, Apr 08, 2008 at 09:34:22PM +0200, Andreas J. Koenig wrote:
Change 24010 by rgs@bloom on 2005/03/08 17:53:50 Subject: Encoding neutral unpack Affected files ... ... //depot/perl/embed.fnc#146 edit mmm. Not a small change. http://public.activestate.com/cgi-bin/perlbrowse?patch_num=24010&show_patch=Show+Patch Nicholas Clark |
From @nwc10Dave notes: both bleed and maint still have a taint bug not present in 5.8.8 |
From @rgsSolved by : commit 3c4fb04 Fix for RT #52552. pp_pack.c | 1 + |
@rgs - Status changed from 'open' to 'resolved' |
From p5p@spam.wizbit.beAlso see http://www.xray.mpe.mpg.de/mailing-lists/perl5-porters/2009-06/ '
yes, I think if $expr is tainted, then pack('...', $expr) should be |
Migrated from rt.perl.org#52552 (status was 'resolved')
Searchable as RT52552$
The text was updated successfully, but these errors were encountered: