New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Errno ($!) not evaluated to a error message string (5.10.0 in taint mode) #9613
Comments
From Mark.Martinec@ijs.siCreated by root@patsy.ijs.siWith Perl 5.10.0 in taint mode, evaluating a $! variable in The problem is reproducible with an EPIPE error, although The problem is reproducible on all platforms that I tried: The following example illustrates the problem. $ date | /usr/local/bin/perl5.10.0 -T -e ' The same command with perl 5.8.8 works as expected, $ date | /usr/local/bin/perl5.8.8 -T -e ' Without a -T switch even the perl5.10.0 yields a correct result: $ date | /usr/local/bin/perl5.10.0 -e ' Perl Info
|
From @rgs2009/1/5 via RT Mark Martinec <perlbug-followup@perl.org>:
I would conjecturate a bad interaction between taint magic and \0-magic. |
The RT System itself - Status changed from 'new' to 'open' |
From @TuxOn Tue, 6 Jan 2009 14:32:10 +0100, "Rafael Garcia-Suarez"
$ date | perl -MDP -T -le'$|=1;$SIG{PIPE}="IGNORE";my$s=<STDIN>;print$s;print STDERR DPeek$_ for DDual$\!,1;print DDump_IO *STDERR,$\!,2' | true -- |
From p5p@spam.wizbit.beOn Tue Jan 06 05:32:44 2009, rafael wrote:
Binary search: ----Program---- system( q(date | ) . ----Output of .../pZl8r9Q/perl-5.9.3@27174/bin/perl---- ----EOF ($?='0')---- ----EOF ($?='0')---- http://public.activestate.com/cgi-bin/perlbrowse/p/27176 Ensure that public I, N and P flags are off when SvTAINT is
It is my understanding that $! is supposed to be tainted because it is But the tainted string should still be shown in the die message since What is also intresting: $ date | perl-5.10.0 -Te '$|=1; $SIG{PIPE}="IGNORE"; my $ date | /opt/perl/bin/perl5100 -Te '$|=1; $SIG{PIPE}="IGNORE"; my print Best regards, Bram |
From Mark.Martinec@ijs.si
Btw, this is still the case with 5.10.1. Mark |
From jim@meyering.netMark Martinec wrote:
If you untaint $s before printing it, you'll get the usual |
From jim@meyering.netMark Martinec wrote:
Same for blead, built from git an hour or so ago: This is perl 5, version 11, subversion 2 (v5.11.2-81-g162177c*) \ Here's a slightly simpler demonstration: with -T, we get only a number: $ perl -Te '$!=20; warn "$0: $!\n"' without -T, we get the diagnostic we expect: $ perl -le '$!=20; warn "$0: $!\n"' Same results if I invoke it with an empty environment: $ env -i perl -Te '$!=20; warn "$0: $!\n"' or with an explicit LC_ALL=C: $ env -i LC_ALL=C perl -Te '$!=20; warn "$0: $!\n"' Here's one work-around: pull the tainted $0 out of the double quotes: $ perl -Te '$!=20; warn |
From @iabynNow fixed in blead (hopefully) by the following commit: commit 516602a35e0eaac5574157357adc8e72978da5db fix for [perl #61976] Errno ($!) not evaluated to a error message string Affected files ... Differences ... Inline Patchdiff --git a/mg.c b/mg.c
index fb91325..ddfc2ff 100644
--- a/mg.c
+++ b/mg.c
@@ -1048,6 +1048,7 @@ Perl_magic_get(pTHX_ SV *sv, MAGIC *mg)
else
#endif
sv_setpv(sv, errno ? Strerror(errno) : "");
+ SvPOK_on(sv); /* may have got removed during taint processing */
RESTORE_ERRNO;
}
#endif
diff --git a/t/op/taint.t b/t/op/taint.t
index 796b6fa..161073d 100644
--- a/t/op/taint.t
+++ b/t/op/taint.t
@@ -17,7 +17,7 @@ use Config;
use File::Spec::Functions;
BEGIN { require './test.pl'; }
-plan tests => 301;
+plan tests => 302;
$| = 1;
@@ -1308,6 +1308,17 @@ foreach my $ord (78, 163, 256) {
ok(tainted($zz), "pack a*a* preserves tainting");
}
+# Bug RT #61976 tainted $! would show numeric rather than string value
+
+{
+ my $tainted_path = substr($^X,0,0) . "/no/such/file";
+ my $err;
+ # $! is used in a tainted expression, so gets tainted
+ open my $fh, $tainted_path or $err= "$!";
+ unlike($err, qr/^\d+$/, 'tainted $!');
+}
+
+
# This may bomb out with the alarm signal so keep it last
SKIP: {
skip "No alarm()" unless $Config{d_alarm}; |
@iabyn - Status changed from 'open' to 'resolved' |
From @JensTimmermanI am still seeing this problem when compiling Perl with icc (intel I can reproduce this with every versions of icc (2011.1.107, 2011.4.191, Latest test was The only tests that fail after the build are the testcase in this ticket -bash-3.2$ perl -Te '$!=20; warn "$0: $!\n"' Perl built with gcc on the same system works as expected. |
@iabyn - Status changed from 'resolved' to 'open' |
From @khwilliamsonThe status of this wasn't clear to me until I did some experimentation. -- |
Migrated from rt.perl.org#61976 (status was 'open')
Searchable as RT61976$
The text was updated successfully, but these errors were encountered: