[perl #82250] fix tainted (s)print format

commit 20ee07fbbcfa6be9f90bb8e5474a4d69d7396617 introduced dieing in (s)printf when the format is tainted; however it only worked when the format is part of an expression (because TAINT_PROPER checks for PL_tainted being set). Fix by doing TAINT_PROPER only after get magic has been done on the format SV (which will set PL_tainted). This is done by moving the checks in pp_sprintf and pp_prtf into do_sprintf() (which is called by the two pp functions).
author: David Mitchell <davem@iabyn.com> 2011-03-14 16:04:59 +0000
committer: David Mitchell <davem@iabyn.com> 2011-03-14 16:31:25 +0000
commit: e06d98fb28fb93799939b64c5cd2d41f83060c81 (patch)
tree: 933c857945a62c61ecdfb5461eb9c1b10c8fe79a /doop.c
parent: 295c2f7d5349d9417307a84d22b5ba63d9a655ed (diff)
download: perl-e06d98fb28fb93799939b64c5cd2d41f83060c81.tar.gz
1 files changed, 8 insertions, 0 deletions
diff --git a/doop.c b/doop.c
index 717ee66280..4e0d9e398c 100644
--- a/doop.c
+++ b/doop.c
@@ -741,6 +741,14 @@ Perl_do_sprintf(pTHX_ SV *sv, I32 len, SV **sarg)
 
     PERL_ARGS_ASSERT_DO_SPRINTF;
 
+    if (SvTAINTED(*sarg))
+	TAINT_PROPER(
+		(PL_op && PL_op->op_type < OP_max)
+		    ? (PL_op->op_type == OP_PRTF)
+			? "printf"
+			: PL_op_name[PL_op->op_type]
+		    : "(unknown)"
+	);
     SvUTF8_off(sv);
     if (DO_UTF8(*sarg))
         SvUTF8_on(sv);
author	David Mitchell <davem@iabyn.com>	2011-03-14 16:04:59 +0000
committer	David Mitchell <davem@iabyn.com>	2011-03-14 16:31:25 +0000
commit	e06d98fb28fb93799939b64c5cd2d41f83060c81 (patch)
tree	933c857945a62c61ecdfb5461eb9c1b10c8fe79a /doop.c
parent	295c2f7d5349d9417307a84d22b5ba63d9a655ed (diff)
download	perl-e06d98fb28fb93799939b64c5cd2d41f83060c81.tar.gz