diff options
| author | Father Chrysostomos <sprout@cpan.org> | 2011-12-16 23:27:49 -0800 |
|---|---|---|
| committer | Father Chrysostomos <sprout@cpan.org> | 2011-12-16 23:27:49 -0800 |
| commit | 63a0dcf71fbcd47a260abe81c68ea3c2bdb493ba (patch) | |
| tree | 82b1ba3331f603acafb10cefc4916a507ba92991 /dist | |
| parent | b8f00b0e68ea7f3f6fd2adeddf74dbfd2133578f (diff) | |
| download | perl-63a0dcf71fbcd47a260abe81c68ea3c2bdb493ba.tar.gz | |
[rt.cpan.org #45885] File::Spec: Don’t use tainted tmpdir in 5.6
Perl 5.6 doesn’t have ${^TAINT}, so the taint check in
File::Spec::Unix->_tmpdir was skipped. This commit adds a taint check
using eval { eval $safe_substring } for 5.6.
Diffstat (limited to 'dist')
| -rw-r--r-- | dist/Cwd/lib/File/Spec/Unix.pm | 7 | ||||
| -rw-r--r-- | dist/Cwd/t/Spec-taint.t | 17 |
2 files changed, 22 insertions, 2 deletions
diff --git a/dist/Cwd/lib/File/Spec/Unix.pm b/dist/Cwd/lib/File/Spec/Unix.pm index 9f024e00be..b3481476a8 100644 --- a/dist/Cwd/lib/File/Spec/Unix.pm +++ b/dist/Cwd/lib/File/Spec/Unix.pm @@ -3,7 +3,7 @@ package File::Spec::Unix; use strict; use vars qw($VERSION); -$VERSION = '3.34'; +$VERSION = '3.35'; $VERSION = eval $VERSION; =head1 NAME @@ -135,7 +135,7 @@ writable: $ENV{TMPDIR} /tmp -Since perl 5.8.0, if running under taint mode, and if $ENV{TMPDIR} +If running under taint mode, and if $ENV{TMPDIR} is tainted, it is not used. =cut @@ -151,6 +151,9 @@ sub _tmpdir { require Scalar::Util; @dirlist = grep { ! Scalar::Util::tainted($_) } @dirlist; } + elsif ($] < 5.007) { # No ${^TAINT} before 5.8 + @dirlist = grep { eval { eval('1'.substr $_,0,0) } } @dirlist; + } } foreach (@dirlist) { next unless defined && -d && -w _; diff --git a/dist/Cwd/t/Spec-taint.t b/dist/Cwd/t/Spec-taint.t new file mode 100644 index 0000000000..ef4f1ee3f2 --- /dev/null +++ b/dist/Cwd/t/Spec-taint.t @@ -0,0 +1,17 @@ +#!./perl -Tw +# Testing File::Spec under taint mode. + +use strict; + +chdir 't' unless $ENV{PERL_CORE}; + +use File::Spec; +use lib File::Spec->catdir('t', 'lib'); +use Test::More tests => 2; + +use Scalar::Util qw/tainted/; + +my $ret; +eval { $ret = File::Spec->tmpdir }; +is( $@, '', "tmpdir should not explode under taint mode" ); +ok( !tainted($ret), "its return value should not be tainted" ); |