Bug#303308: [EMAIL PROTECTED]: Bug#303308: Patch for Perl untaint bug]

2005-11-01 Thread Brendan O'Dea
tag 303308 + pending
thanks

On Sun, Oct 30, 2005 at 03:45:52PM -0500, Chris Heath wrote:
>On Sat, 2005-10-29 at 16:07 +1000, Brendan O'Dea wrote:
>> See: http://bugs.debian.org/303308 .
>>
>> The following patch appears to correct the problem, although I'm not
>> sufficiently versed in the taint

Bug#303308: [EMAIL PROTECTED]: Bug#303308: Patch for Perl untaint bug]

2005-10-31 Thread Rafael Garcia-Suarez
Chris Heath wrote:
> On Sat, 2005-10-29 at 16:07 +1000, Brendan O'Dea wrote:
> > See: http://bugs.debian.org/303308 .
> >
> > The following patch appears to correct the problem, although I'm not
> > sufficiently versed in the taint implementation to say that it's the
> > correct fix. An alternate

Bug#303308: [EMAIL PROTECTED]: Bug#303308: Patch for Perl untaint bug]

2005-10-30 Thread Chris Heath
On Sat, 2005-10-29 at 16:07 +1000, Brendan O'Dea wrote:
> See: http://bugs.debian.org/303308 .
>
> The following patch appears to correct the problem, although I'm not
> sufficiently versed in the taint implementation to say that it's the
> correct fix. An alternate fix is included in the bug rep

Bug#303308: Patch for Perl untaint bug

2005-10-28 Thread Brendan O'Dea
forwarded 303308 perl5-porters@perl.org
thanks

On Thu, Oct 20, 2005 at 09:27:24AM -0400, Chris Heath wrote:
>We were finally able to narrow this bug down to a small test case. I
>have also attached a patch that fixes it.

Thanks Chris,

>Brendan, is there anything else you need from us to get thi

Bug#303308: [EMAIL PROTECTED]: Bug#303308: Patch for Perl untaint bug]

2005-10-28 Thread Brendan O'Dea
See: http://bugs.debian.org/303308 .

The issue described concerns $1 getting tainted when a __WARN__ handler is called (undefined value) during the execution of an expression which contains a tainted value. After this point, $1 is always tainted.

From what I can tell, $1 is being tainted from P

Bug#303308: Patch for Perl untaint bug

2005-10-20 Thread Chris Heath
We were finally able to narrow this bug down to a small test case. I have also attached a patch that fixes it.

#!/usr/bin/perl -Tw
$SIG{'__WARN__'} = sub {warn $_[0]};
my $tainted = substr($ENV{'PATH'}, 0, 0);
my $pat = "Testing %s\n" . $tainted;
"foo" =~ m/(.*)/;
my $foo = $1;
my $s = sprintf($