Dear release team, There is a problem with the perl package, as discussed in <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=695224#55> onwards, whereby the application of the security fix in that ticket now causes double-escaping problems where people workaround the problem by escaping themselves, when they detect an earlier Locale::Maketext by version number.
I am slightly wary about importing the new (1.23) version of Locale::Maketext as I mentioned in that bug already, but my fears may be unfounded. Could you comment about whether you would accept such a change in wheezy at this time? (I can't really decide whether it's RC or not). I've attached a diff which implements the change in question. I haven't carried out extensive testing yet, but the package builds fine. The same change is in the dom/locale-maketext-version branch of the git repository at <http://anonscm.debian.org/gitweb/?p=perl/perl.git>. Note that if you approve this, I would still want to get feedback from Niko, co-maintainer of the perl pacakge, before an upload. This also affects stable, and so I've also CCed the security team (the problem was introduced in a DSA). Thanks as always for your excellent work (especially during the freeze) and apologies for bringing such a thorny issue to you this close to release. Dominic. -- Dominic Hargreaves | http://www.larted.org.uk/~dom/ PGP key 5178E2A5 from the.earth.li (keyserver,web,email)
diff --git a/debian/.git-dpm b/debian/.git-dpm index 2a4791b..c8c980a 100644 --- a/debian/.git-dpm +++ b/debian/.git-dpm @@ -1,6 +1,6 @@ # see git-dpm(1) from git-dpm package -89405c8ebc5bf8ae4ed6479de2bc0f311c1f6fe1 -89405c8ebc5bf8ae4ed6479de2bc0f311c1f6fe1 +93f6c83c7454de33df00a0e3fde3a890d6c87e91 +93f6c83c7454de33df00a0e3fde3a890d6c87e91 5f99bf7a09dd2ae3c22081331f4973210a543731 5f99bf7a09dd2ae3c22081331f4973210a543731 perl_5.14.2.orig.tar.bz2 diff --git a/debian/changelog b/debian/changelog index dd05cd9..e306117 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,10 @@ +perl (5.14.2-21) UNRELEASED; urgency=low + + * Update the Locale::Maketext fix by importing 1.23, to avoid + double-escaping problems (see: #695224) + + -- Dominic Hargreaves <d...@earth.li> Sun, 31 Mar 2013 13:58:59 +0100 + perl (5.14.2-20) unstable; urgency=low * Fix an Encode memory leak that occurred in the UTF-8 encoding. diff --git a/debian/patches/fixes/64bitint-signedness-wraparound.diff b/debian/patches/fixes/64bitint-signedness-wraparound.diff index cae0b3d..edeaf9e 100644 --- a/debian/patches/fixes/64bitint-signedness-wraparound.diff +++ b/debian/patches/fixes/64bitint-signedness-wraparound.diff @@ -1,4 +1,4 @@ -From e36d65ba661bd0f9c9ae741c8f18d2e08682e97a Mon Sep 17 00:00:00 2001 +From 3e75c3189622c59ded9070bf678ef42f8185961a Mon Sep 17 00:00:00 2001 From: Andy Dougherty <dough...@lafayette.edu> Date: Wed, 16 Jan 2013 12:30:43 -0500 Subject: Avoid wraparound when casting unsigned size_t to signed ssize_t. diff --git a/debian/patches/fixes/digest-sha-doublefree.diff b/debian/patches/fixes/digest-sha-doublefree.diff index c49a84a..b9a1e12 100644 --- a/debian/patches/fixes/digest-sha-doublefree.diff +++ b/debian/patches/fixes/digest-sha-doublefree.diff @@ -1,4 +1,4 @@ -From d2d9e1560afaeb402dda69eba1d6e808d80c0c96 Mon Sep 17 00:00:00 2001 +From 0c6c3e57ab9ee86fbce162071dce1c2748a494b5 Mon Sep 17 00:00:00 2001 From: Niko Tyni <nt...@debian.org> Date: Fri, 25 Jan 2013 15:00:00 +0200 Subject: Fix a double-free bug in Digest::SHA diff --git a/debian/patches/fixes/encode-memleak.diff b/debian/patches/fixes/encode-memleak.diff index b30e6d0..baed27f 100644 --- a/debian/patches/fixes/encode-memleak.diff +++ b/debian/patches/fixes/encode-memleak.diff @@ -1,4 +1,4 @@ -From 89405c8ebc5bf8ae4ed6479de2bc0f311c1f6fe1 Mon Sep 17 00:00:00 2001 +From 93f6c83c7454de33df00a0e3fde3a890d6c87e91 Mon Sep 17 00:00:00 2001 From: chansen <chan...@cpan.org> Date: Sun, 3 Mar 2013 22:43:53 +0100 Subject: Encode: Fixed a memory leak that occurred in the UTF-8 encoding. diff --git a/debian/patches/fixes/hsplit-rehash.diff b/debian/patches/fixes/hsplit-rehash.diff index c2fd7e2..ba235f7 100644 --- a/debian/patches/fixes/hsplit-rehash.diff +++ b/debian/patches/fixes/hsplit-rehash.diff @@ -1,4 +1,4 @@ -From 5d86bf622ad5ac2cc69da54d76000a4618518410 Mon Sep 17 00:00:00 2001 +From ac695b3c3106de8292c4200c84ab4c57b6998b73 Mon Sep 17 00:00:00 2001 From: Yves Orton <demer...@gmail.com> Date: Tue, 12 Feb 2013 10:53:05 +0100 Subject: Prevent premature hsplit() calls, and only trigger REHASH after diff --git a/debian/patches/fixes/maketext-code-execution.diff b/debian/patches/fixes/maketext-code-execution.diff index 117ef2d..b781de9 100644 --- a/debian/patches/fixes/maketext-code-execution.diff +++ b/debian/patches/fixes/maketext-code-execution.diff @@ -1,4 +1,4 @@ -From 9da6928f4cbc7cfa3c2c474b00042a51083e12af Mon Sep 17 00:00:00 2001 +From 97aa10fd1926ed8299448eb69f70c01546918d15 Mon Sep 17 00:00:00 2001 From: Brian Carlson <brian.carl...@cpanel.net> Date: Wed, 28 Nov 2012 08:54:33 -0500 Subject: Fix misparsing of maketext strings. @@ -10,17 +10,79 @@ inside the content or die on fully-qualified method names when generating the code. This change escapes all such backslashes and dies when a method name with a colon or apostrophe is specified. +This is an updated version of the patch which upgrades Locale::Maketext to +1.23, to avoid double-escaping problems for callers who work around the +problem with older versions. + Bug-Debian: http://bugs.debian.org/695224 Origin: http://perl5.git.perl.org/perl.git/commit/1735f6f53ca19f99c6e9e39496c486af323ba6a8 Patch-Name: fixes/maketext-code-execution.diff --- - dist/Locale-Maketext/lib/Locale/Maketext.pm | 24 ++++++++---------------- - 1 file changed, 8 insertions(+), 16 deletions(-) + dist/Locale-Maketext/ChangeLog | 29 ++++++++++++++++++++ + dist/Locale-Maketext/lib/Locale/Maketext.pm | 26 ++++++------------ + dist/Locale-Maketext/lib/Locale/Maketext.pod | 13 +++++++-- + dist/Locale-Maketext/lib/Locale/Maketext/Guts.pm | 2 +- + .../lib/Locale/Maketext/GutsLoader.pm | 2 +- + dist/Locale-Maketext/lib/Locale/Maketext/TPJ13.pod | 4 +-- + dist/Locale-Maketext/t/00_load.t | 11 ++++++++ + dist/Locale-Maketext/t/09_compile.t | 11 +++++--- + dist/Locale-Maketext/t/pod.t | 8 ++++++ + 9 files changed, 79 insertions(+), 27 deletions(-) + create mode 100644 dist/Locale-Maketext/t/00_load.t + create mode 100644 dist/Locale-Maketext/t/pod.t +diff --git a/dist/Locale-Maketext/ChangeLog b/dist/Locale-Maketext/ChangeLog +index 3a28d09..aaa0eb8 100644 +--- a/dist/Locale-Maketext/ChangeLog ++++ b/dist/Locale-Maketext/ChangeLog +@@ -1,5 +1,34 @@ + Revision history for Perl suite Locale::Maketext + ++2012-12-04 ++ * Fix misparsing of maketext strings. ++ ++2012-11-22 ++ * Fix hash order dependcy bug in tests ++ ++2012-01-14 ++ * Minor POD documentation update to sync with upstream blead. ++ ++2011-12-23 ++ * No changes. Production release after CPAN testers cleared. ++ ++2011-12-14 ++ * Update to 1.19_01 from upstream blead for release testing ++ ++ Fix broken URLs in dist/Locale-Maketext/lib/Locale/Maketext/TPJ13.pod for RFCs ++ ++ Keep verbatim pod in various dist/* pods within 79 cols ++ ++2011-05-25 ++ * Update to 1.19 from upstream blead ++ ++ [perl #89896] Locale::Maketext test failure ++ when environment has variable containing unbalanced brackets ++ ++ Suppress "Name used only once" warnings. ++ ++ [perl #81888] Fix typos (spelling errors) in dist/* ++ + 2010-10-20 + * Release 1.17 + diff --git a/dist/Locale-Maketext/lib/Locale/Maketext.pm b/dist/Locale-Maketext/lib/Locale/Maketext.pm -index af5d21a..5cf7cb1 100644 +index af5d21a..63e5fba 100644 --- a/dist/Locale-Maketext/lib/Locale/Maketext.pm +++ b/dist/Locale-Maketext/lib/Locale/Maketext.pm +@@ -27,7 +27,7 @@ BEGIN { + } + + +-$VERSION = '1.19'; ++$VERSION = '1.23'; + @ISA = (); + + $MATCH_SUPERS = 1; @@ -625,21 +625,9 @@ sub _compile { # 0-length method name means to just interpolate: push @code, ' ('; @@ -67,3 +129,141 @@ index af5d21a..5cf7cb1 100644 } } } +diff --git a/dist/Locale-Maketext/lib/Locale/Maketext.pod b/dist/Locale-Maketext/lib/Locale/Maketext.pod +index 14b47c8..3ef9c3a 100644 +--- a/dist/Locale-Maketext/lib/Locale/Maketext.pod ++++ b/dist/Locale-Maketext/lib/Locale/Maketext.pod +@@ -166,7 +166,8 @@ file, you might consider something like this in your project class: + my $lh; + if($chosen_language) { + $lh = $class->get_handle($chosen_language) +- || die "No language handle for \"$chosen_language\" or the like"; ++ || die "No language handle for \"$chosen_language\"" ++ . " or the like"; + } else { + # Config file missing, maybe? + $lh = $class->get_handle() +@@ -385,6 +386,14 @@ entirely. + Note that numf is called by quant for stringifying all quantifying + numbers. + ++=item $language->numerate($number, $singular, $plural, $negative) ++ ++This returns the given noun form which is appropriate for the quantity ++C<$number> according to this language's conventions. C<numerate> is ++used internally by C<quant> to quantify nouns. Use it directly -- ++usually from bracket notation -- to avoid C<quant>'s implicit call to ++C<numf> and output of a numeric quantity. ++ + =item $language->sprintf($format, @items) + + This is just a wrapper around Perl's normal C<sprintf> function. +@@ -1244,7 +1253,7 @@ to infer the plural form from the singular. + + But for other languages (as is discussed at length + in L<Locale::Maketext::TPJ13|Locale::Maketext::TPJ13>), simple +-C<quant>/C<numerify> is not enough. For the particularly problematic ++C<quant>/C<numf> is not enough. For the particularly problematic + Slavic languages, what you may need is a method which you provide + with the number, the citation form of the noun to quantify, and + the case and gender that the sentence's syntax projects onto that +diff --git a/dist/Locale-Maketext/lib/Locale/Maketext/Guts.pm b/dist/Locale-Maketext/lib/Locale/Maketext/Guts.pm +index 75c993c..9e78c7e 100644 +--- a/dist/Locale-Maketext/lib/Locale/Maketext/Guts.pm ++++ b/dist/Locale-Maketext/lib/Locale/Maketext/Guts.pm +@@ -2,7 +2,7 @@ package Locale::Maketext::Guts; + + use Locale::Maketext; + +-our $VERSION = '1.17'; ++our $VERSION = '1.20'; + + =head1 NAME + +diff --git a/dist/Locale-Maketext/lib/Locale/Maketext/GutsLoader.pm b/dist/Locale-Maketext/lib/Locale/Maketext/GutsLoader.pm +index 858fcf7..35a71ab 100644 +--- a/dist/Locale-Maketext/lib/Locale/Maketext/GutsLoader.pm ++++ b/dist/Locale-Maketext/lib/Locale/Maketext/GutsLoader.pm +@@ -2,7 +2,7 @@ package Locale::Maketext::GutsLoader; + + use Locale::Maketext; + +-our $VERSION = '1.17'; ++our $VERSION = '1.20'; + + sub zorp { return scalar @_ } + +diff --git a/dist/Locale-Maketext/lib/Locale/Maketext/TPJ13.pod b/dist/Locale-Maketext/lib/Locale/Maketext/TPJ13.pod +index 0bbe6e3..b9586b2 100644 +--- a/dist/Locale-Maketext/lib/Locale/Maketext/TPJ13.pod ++++ b/dist/Locale-Maketext/lib/Locale/Maketext/TPJ13.pod +@@ -750,12 +750,12 @@ morphology and pedagogy of North American native languages. + + Alvestrand, Harald Tveit. 1995. I<RFC 1766: Tags for the + Identification of Languages.> +-C<ftp://ftp.isi.edu/in-notes/rfc1766.txt> ++C<http://www.ietf.org/rfc/rfc1766.txt> + [Now see RFC 3066.] + + Callon, Ross, editor. 1996. I<RFC 1925: The Twelve + Networking Truths.> +-C<ftp://ftp.isi.edu/in-notes/rfc1925.txt> ++C<http://www.ietf.org/rfc/rfc1925.txt> + + Drepper, Ulrich, Peter Miller, + and FranE<ccedil>ois Pinard. 1995-2001. GNU +diff --git a/dist/Locale-Maketext/t/00_load.t b/dist/Locale-Maketext/t/00_load.t +new file mode 100644 +index 0000000..19abdba +--- /dev/null ++++ b/dist/Locale-Maketext/t/00_load.t +@@ -0,0 +1,11 @@ ++#!perl -Tw ++ ++use warnings; ++use strict; ++use Test::More tests => 3; ++ ++use_ok( 'Locale::Maketext' ); ++use_ok( 'Locale::Maketext::Guts' ); ++use_ok( 'Locale::Maketext::GutsLoader' ); ++ ++diag( "Testing Locale::Maketext $Locale::Maketext::VERSION with Perl $], $^X" ); +diff --git a/dist/Locale-Maketext/t/09_compile.t b/dist/Locale-Maketext/t/09_compile.t +index 06db484..93988e5 100644 +--- a/dist/Locale-Maketext/t/09_compile.t ++++ b/dist/Locale-Maketext/t/09_compile.t +@@ -8,12 +8,15 @@ use Test::More tests => 2; + use Scalar::Util qw(tainted); + use Locale::Maketext; + +-my @ENV_values = values %ENV; +-my $tainted_value; +-do { $tainted_value = shift @ENV_values } while(!$tainted_value || ref $tainted_value); ++my @ENV_values = map { !/^PERL/ && defined($ENV{$_}) && !ref($ENV{$_}) && $ENV{$_} ? $ENV{$_} : () } sort keys %ENV; ++die "No %ENV vars to test?" if !@ENV_values; ++ ++my ($tainted_value)= @ENV_values; + $tainted_value =~ s/([\[\]])/~$1/g; + +-ok(tainted($tainted_value), "\$tainted_value is tainted") or die('huh... %ENV has no entries? I don\'t know how to test taint without it'); ++# If ${^TAINT} is not set despite -T, this perl doesn't have taint support ++ok(!${^TAINT} || tainted($tainted_value), "\$tainted_value is tainted") ++ or die("Could not find tainted value to use for testing (maybe fix the test?)"); + + my $result = Locale::Maketext::_compile("hello [_1]", $tainted_value); + +diff --git a/dist/Locale-Maketext/t/pod.t b/dist/Locale-Maketext/t/pod.t +new file mode 100644 +index 0000000..a0f6a50 +--- /dev/null ++++ b/dist/Locale-Maketext/t/pod.t +@@ -0,0 +1,8 @@ ++#!perl -Tw ++ ++use warnings; ++use strict; ++use Test::More; ++eval 'use Test::Pod 1.14'; ++plan skip_all => 'Test::Pod 1.14 required for testing POD' if $@; ++all_pod_files_ok(); diff --git a/debian/patches/fixes/stdin-sigchld.diff b/debian/patches/fixes/stdin-sigchld.diff index 6081e17..ba0bb27 100644 --- a/debian/patches/fixes/stdin-sigchld.diff +++ b/debian/patches/fixes/stdin-sigchld.diff @@ -1,4 +1,4 @@ -From 417f9aa4b23699c6214978eef4c71f5c0ac1fd68 Mon Sep 17 00:00:00 2001 +From 1d95aa96823a930a9c4aa54baa4f23e956b145b8 Mon Sep 17 00:00:00 2001 From: Chip <c...@pobox.com> Date: Mon, 19 Sep 2011 23:51:49 -0700 Subject: add a couple missing LEAVEs in perlio_async_run() diff --git a/debian/patches/fixes/storable-security-warning.diff b/debian/patches/fixes/storable-security-warning.diff index 0162c4e..df6287a 100644 --- a/debian/patches/fixes/storable-security-warning.diff +++ b/debian/patches/fixes/storable-security-warning.diff @@ -1,4 +1,4 @@ -From 41d3609d4a091d21891059a2f44930c8a8c461fe Mon Sep 17 00:00:00 2001 +From 7e5ce09f7249436c0e4a875912886dba9a25a4a5 Mon Sep 17 00:00:00 2001 From: Steffen Mueller <smuel...@cpan.org> Date: Fri, 30 Nov 2012 23:03:09 -0500 Subject: add a note about security concerns in Storable diff --git a/dist/Locale-Maketext/ChangeLog b/dist/Locale-Maketext/ChangeLog index 3a28d09..aaa0eb8 100644 --- a/dist/Locale-Maketext/ChangeLog +++ b/dist/Locale-Maketext/ChangeLog @@ -1,5 +1,34 @@ Revision history for Perl suite Locale::Maketext +2012-12-04 + * Fix misparsing of maketext strings. + +2012-11-22 + * Fix hash order dependcy bug in tests + +2012-01-14 + * Minor POD documentation update to sync with upstream blead. + +2011-12-23 + * No changes. Production release after CPAN testers cleared. + +2011-12-14 + * Update to 1.19_01 from upstream blead for release testing + + Fix broken URLs in dist/Locale-Maketext/lib/Locale/Maketext/TPJ13.pod for RFCs + + Keep verbatim pod in various dist/* pods within 79 cols + +2011-05-25 + * Update to 1.19 from upstream blead + + [perl #89896] Locale::Maketext test failure + when environment has variable containing unbalanced brackets + + Suppress "Name used only once" warnings. + + [perl #81888] Fix typos (spelling errors) in dist/* + 2010-10-20 * Release 1.17 diff --git a/dist/Locale-Maketext/lib/Locale/Maketext.pm b/dist/Locale-Maketext/lib/Locale/Maketext.pm index 5cf7cb1..63e5fba 100644 --- a/dist/Locale-Maketext/lib/Locale/Maketext.pm +++ b/dist/Locale-Maketext/lib/Locale/Maketext.pm @@ -27,7 +27,7 @@ BEGIN { } -$VERSION = '1.19'; +$VERSION = '1.23'; @ISA = (); $MATCH_SUPERS = 1; diff --git a/dist/Locale-Maketext/lib/Locale/Maketext.pod b/dist/Locale-Maketext/lib/Locale/Maketext.pod index 14b47c8..3ef9c3a 100644 --- a/dist/Locale-Maketext/lib/Locale/Maketext.pod +++ b/dist/Locale-Maketext/lib/Locale/Maketext.pod @@ -166,7 +166,8 @@ file, you might consider something like this in your project class: my $lh; if($chosen_language) { $lh = $class->get_handle($chosen_language) - || die "No language handle for \"$chosen_language\" or the like"; + || die "No language handle for \"$chosen_language\"" + . " or the like"; } else { # Config file missing, maybe? $lh = $class->get_handle() @@ -385,6 +386,14 @@ entirely. Note that numf is called by quant for stringifying all quantifying numbers. +=item $language->numerate($number, $singular, $plural, $negative) + +This returns the given noun form which is appropriate for the quantity +C<$number> according to this language's conventions. C<numerate> is +used internally by C<quant> to quantify nouns. Use it directly -- +usually from bracket notation -- to avoid C<quant>'s implicit call to +C<numf> and output of a numeric quantity. + =item $language->sprintf($format, @items) This is just a wrapper around Perl's normal C<sprintf> function. @@ -1244,7 +1253,7 @@ to infer the plural form from the singular. But for other languages (as is discussed at length in L<Locale::Maketext::TPJ13|Locale::Maketext::TPJ13>), simple -C<quant>/C<numerify> is not enough. For the particularly problematic +C<quant>/C<numf> is not enough. For the particularly problematic Slavic languages, what you may need is a method which you provide with the number, the citation form of the noun to quantify, and the case and gender that the sentence's syntax projects onto that diff --git a/dist/Locale-Maketext/lib/Locale/Maketext/Guts.pm b/dist/Locale-Maketext/lib/Locale/Maketext/Guts.pm index 75c993c..9e78c7e 100644 --- a/dist/Locale-Maketext/lib/Locale/Maketext/Guts.pm +++ b/dist/Locale-Maketext/lib/Locale/Maketext/Guts.pm @@ -2,7 +2,7 @@ package Locale::Maketext::Guts; use Locale::Maketext; -our $VERSION = '1.17'; +our $VERSION = '1.20'; =head1 NAME diff --git a/dist/Locale-Maketext/lib/Locale/Maketext/GutsLoader.pm b/dist/Locale-Maketext/lib/Locale/Maketext/GutsLoader.pm index 858fcf7..35a71ab 100644 --- a/dist/Locale-Maketext/lib/Locale/Maketext/GutsLoader.pm +++ b/dist/Locale-Maketext/lib/Locale/Maketext/GutsLoader.pm @@ -2,7 +2,7 @@ package Locale::Maketext::GutsLoader; use Locale::Maketext; -our $VERSION = '1.17'; +our $VERSION = '1.20'; sub zorp { return scalar @_ } diff --git a/dist/Locale-Maketext/lib/Locale/Maketext/TPJ13.pod b/dist/Locale-Maketext/lib/Locale/Maketext/TPJ13.pod index 0bbe6e3..b9586b2 100644 --- a/dist/Locale-Maketext/lib/Locale/Maketext/TPJ13.pod +++ b/dist/Locale-Maketext/lib/Locale/Maketext/TPJ13.pod @@ -750,12 +750,12 @@ morphology and pedagogy of North American native languages. Alvestrand, Harald Tveit. 1995. I<RFC 1766: Tags for the Identification of Languages.> -C<ftp://ftp.isi.edu/in-notes/rfc1766.txt> +C<http://www.ietf.org/rfc/rfc1766.txt> [Now see RFC 3066.] Callon, Ross, editor. 1996. I<RFC 1925: The Twelve Networking Truths.> -C<ftp://ftp.isi.edu/in-notes/rfc1925.txt> +C<http://www.ietf.org/rfc/rfc1925.txt> Drepper, Ulrich, Peter Miller, and FranE<ccedil>ois Pinard. 1995-2001. GNU diff --git a/dist/Locale-Maketext/t/00_load.t b/dist/Locale-Maketext/t/00_load.t new file mode 100644 index 0000000..19abdba --- /dev/null +++ b/dist/Locale-Maketext/t/00_load.t @@ -0,0 +1,11 @@ +#!perl -Tw + +use warnings; +use strict; +use Test::More tests => 3; + +use_ok( 'Locale::Maketext' ); +use_ok( 'Locale::Maketext::Guts' ); +use_ok( 'Locale::Maketext::GutsLoader' ); + +diag( "Testing Locale::Maketext $Locale::Maketext::VERSION with Perl $], $^X" ); diff --git a/dist/Locale-Maketext/t/09_compile.t b/dist/Locale-Maketext/t/09_compile.t index 06db484..93988e5 100644 --- a/dist/Locale-Maketext/t/09_compile.t +++ b/dist/Locale-Maketext/t/09_compile.t @@ -8,12 +8,15 @@ use Test::More tests => 2; use Scalar::Util qw(tainted); use Locale::Maketext; -my @ENV_values = values %ENV; -my $tainted_value; -do { $tainted_value = shift @ENV_values } while(!$tainted_value || ref $tainted_value); +my @ENV_values = map { !/^PERL/ && defined($ENV{$_}) && !ref($ENV{$_}) && $ENV{$_} ? $ENV{$_} : () } sort keys %ENV; +die "No %ENV vars to test?" if !@ENV_values; + +my ($tainted_value)= @ENV_values; $tainted_value =~ s/([\[\]])/~$1/g; -ok(tainted($tainted_value), "\$tainted_value is tainted") or die('huh... %ENV has no entries? I don\'t know how to test taint without it'); +# If ${^TAINT} is not set despite -T, this perl doesn't have taint support +ok(!${^TAINT} || tainted($tainted_value), "\$tainted_value is tainted") + or die("Could not find tainted value to use for testing (maybe fix the test?)"); my $result = Locale::Maketext::_compile("hello [_1]", $tainted_value); diff --git a/dist/Locale-Maketext/t/pod.t b/dist/Locale-Maketext/t/pod.t new file mode 100644 index 0000000..a0f6a50 --- /dev/null +++ b/dist/Locale-Maketext/t/pod.t @@ -0,0 +1,8 @@ +#!perl -Tw + +use warnings; +use strict; +use Test::More; +eval 'use Test::Pod 1.14'; +plan skip_all => 'Test::Pod 1.14 required for testing POD' if $@; +all_pod_files_ok();
