Bug#574129: Relevant perl bug found

Sun, 21 Mar 2010 12:44:48 -0700 

tag 574129 patch fixed-upstream
thanks

On Sat, Mar 20, 2010 at 04:25:50PM -0500, Troy Davis wrote:
> 
> http://rt.perl.org/rt3//Public/Bug/Display.html?id=61976
> 
> Since spamd runs in taint mode, this appears to be the bug.

Thanks for digging this up.

> Reassigning to the perl package to see if the patch in the above bug report 
> is in the perl version currently in testing...

No, the patch is not applied in the current Debian package.  I'll include
it in the next upload. Attaching it for the sake of completeness.

I'm not quite sure how the bitrot effect fits in the picture,
but let's hope for the best...
-- 
Niko Tyni   nt...@debian.org

>From 0097b436152452e403cc71b4f1a1cfd30ec0ba1a Mon Sep 17 00:00:00 2001
From: David Mitchell <da...@iabyn.com>
Date: Mon, 11 Jan 2010 21:42:07 +0000
Subject: [PATCH] fix for [perl #61976] Errno ($!) not evaluated to a error message string
 (5.10.0 in taint mode)

Change 27176 / 2a509ed3c095f7d712013e653f68821f6bb2d6db fixed a taint
bug, which as a side effect, meant that $! used within a tainted expression
failed to have a string value.

This quick fix just makes sure the POK flag is set (prior to it being
shifted back to pPOK).
---
 mg.c         |    1 +
 t/op/taint.t |   13 ++++++++++++-
 2 files changed, 13 insertions(+), 1 deletions(-)

diff --git a/mg.c b/mg.c
index fb91325..ddfc2ff 100644
--- a/mg.c
+++ b/mg.c
@@ -1048,6 +1048,7 @@ Perl_magic_get(pTHX_ SV *sv, MAGIC *mg)
 	else
 #endif
 	sv_setpv(sv, errno ? Strerror(errno) : "");
+	SvPOK_on(sv);	/* may have got removed during taint processing */
 	RESTORE_ERRNO;
 	}
 #endif
diff --git a/t/op/taint.t b/t/op/taint.t
index 796b6fa..161073d 100644
--- a/t/op/taint.t
+++ b/t/op/taint.t
@@ -17,7 +17,7 @@ use Config;
 use File::Spec::Functions;
 
 BEGIN { require './test.pl'; }
-plan tests => 301;
+plan tests => 302;
 
 $| = 1;
 
@@ -1308,6 +1308,17 @@ foreach my $ord (78, 163, 256) {
     ok(tainted($zz), "pack a*a* preserves tainting");
 }
 
+# Bug RT #61976 tainted $! would show numeric rather than string value
+
+{
+    my $tainted_path = substr($^X,0,0) . "/no/such/file";
+    my $err;
+    # $! is used in a tainted expression, so gets tainted
+    open my $fh, $tainted_path or $err= "$!";
+    unlike($err, qr/^\d+$/, 'tainted $!');
+}
+
+
 # This may bomb out with the alarm signal so keep it last
 SKIP: {
     skip "No alarm()"  unless $Config{d_alarm};
-- 
1.7.0

Reply via email to