diff options
author | Zefram <zefram@fysh.org> | 2012-02-25 20:32:09 +0000 |
---|---|---|
committer | Zefram <zefram@fysh.org> | 2012-02-25 20:38:12 +0000 |
commit | 19db9fb7213e8d346c88f2b573e378f35d81ffcf (patch) | |
tree | 60e83adf4deb9104d21bb3c3ec71b04b9fc65c8e | |
parent | e0f138939ac28fffc7b06bea23950f5dd6a72f37 (diff) | |
download | perl-19db9fb7213e8d346c88f2b573e378f35d81ffcf.tar.gz |
don't taint $$ determined by getpid()
Reading $$ in a tainted expression was tainting the internal sv_setiv()
on $$. Since the value being set came directly from getpid(), it's
always safe, so override the tainting there. Fixes [perl #109688].
-rw-r--r-- | mg.c | 5 | ||||
-rw-r--r-- | t/op/taint.t | 9 |
2 files changed, 12 insertions, 2 deletions
@@ -1079,9 +1079,12 @@ Perl_magic_get(pTHX_ SV *sv, MAGIC *mg) case '$': /* $$ */ { IV const pid = (IV)PerlProc_getpid(); - if (isGV(mg->mg_obj) || SvIV(mg->mg_obj) != pid) + if (isGV(mg->mg_obj) || SvIV(mg->mg_obj) != pid) { /* never set manually, or at least not since last fork */ sv_setiv(sv, pid); + /* never unsafe, even if reading in a tainted expression */ + SvTAINTED_off(sv); + } /* else a value has been assigned manually, so do nothing */ } break; diff --git a/t/op/taint.t b/t/op/taint.t index 0b626f340c..1b754399f9 100644 --- a/t/op/taint.t +++ b/t/op/taint.t @@ -17,7 +17,7 @@ BEGIN { use strict; use Config; -plan tests => 791; +plan tests => 793; $| = 1; @@ -2176,6 +2176,13 @@ for(1,2) { } pass("no death when TARG of ref is tainted"); +# $$ should not be tainted by being read in a tainted expression. +{ + isnt_tainted $$, "PID not tainted initially"; + my $x = $ENV{PATH}.$$; + isnt_tainted $$, "PID not tainted when read in tainted expression"; +} + { use feature 'fc'; use locale; |