diff options
| author | Joel Berger <joel.a.berger@gmail.com> | 2012-12-01 10:15:36 -0600 |
|---|---|---|
| committer | Father Chrysostomos <sprout@cpan.org> | 2012-12-03 08:53:45 -0800 |
| commit | 9f28c6384ccf40ab7e158f98d343a59c296c6074 (patch) | |
| tree | 2245f43c7086802e5fc6d0ca19a3ed35050ba7cd /dist | |
| parent | 52ee8d0ab0016f47e2280ef34ee0f8e2d7ee2590 (diff) | |
| download | perl-9f28c6384ccf40ab7e158f98d343a59c296c6074.tar.gz | |
Cwd::fast_abs_path's untaint should allow for multiline directories
This bug was noticed via https://github.com/dagolden/file-chdir/issues/3 and testing has led to this being the cause.
The problem is worse on some platforms (notably cygwin in this case) when abs_path is implemented by fast_abs_path.
Since File::chdir tests for proper behavior when a directory contains a newline, this bug then breaks File::chdir (one of my favorites and very useful xplatform tool).
Yes this should have tests, but since it will involve creating a directory with a newline, I thought I would do better to leave that to someone with better knowledge than I.
Diffstat (limited to 'dist')
| -rw-r--r-- | dist/Cwd/Cwd.pm | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/dist/Cwd/Cwd.pm b/dist/Cwd/Cwd.pm index f772bf45b0..888c505f67 100644 --- a/dist/Cwd/Cwd.pm +++ b/dist/Cwd/Cwd.pm @@ -624,8 +624,8 @@ sub fast_abs_path { # Detaint else we'll explode in taint mode. This is safe because # we're not doing anything dangerous with it. - ($path) = $path =~ /(.*)/; - ($cwd) = $cwd =~ /(.*)/; + ($path) = $path =~ /(.*)/s; + ($cwd) = $cwd =~ /(.*)/s; unless (-e $path) { _croak("$path: No such file or directory"); |