author: Father Chrysostomos <sprout@cpan.org> 2016-09-03 13:30:22 -0700
committer: Father Chrysostomos <sprout@cpan.org> 2016-09-03 18:51:41 -0700
commit: ba0a4150f6f1604df236035adf6df18bd43de88e
tree: 04c01c3acb428079b256a36f99efb832403e68d7
parent: fac2c98c83b1d3b5039146aa7b14e3ed41f65cc4
Fix checks for tainted dir in $ENV{PATH}
$ cat > foo
#!/usr/bin/perl
print "What?!\n"
^D
$ chmod +x foo
$ ./perl -Ilib -Te '$ENV{PATH}="."; exec "foo"'
Insecure directory in $ENV{PATH} while running with -T switch at -e line 1.

That is what I expect to see. But:

$ ./perl -Ilib -Te '$ENV{PATH}="/\\:."; exec "foo"'
What?!

Perl is allowing the \ to escape the :, but the \ is not treated as an
escape by the system, allowing a relative path in PATH to be considered
safe.
Diffstat (limited to 'embed.h')
-rw-r--r-- embed.h 1
1 files changed, 1 insertions, 0 deletions
diff --git a/embed.h b/embed.h
index 8220ab567d..8be5109a28 100644
--- a/embed.h
+++ b/embed.h
@@ -1216,6 +1216,7 @@
#define deb_stack_all() Perl_deb_stack_all(aTHX)
#define defelem_target(a,b) Perl_defelem_target(aTHX_ a,b)
#define delete_eval_scope() Perl_delete_eval_scope(aTHX)
+#define delimcpy_no_escape Perl_delimcpy_no_escape
#define die_unwind(a) Perl_die_unwind(aTHX_ a)
#define do_aexec5(a,b,c,d,e) Perl_do_aexec5(aTHX_ a,b,c,d,e)
#define do_dump_pad(a,b,c,d) Perl_do_dump_pad(aTHX_ a,b,c,d)
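Review bot: The added define for delimcpy_no_escape is an object-like macro with no argument list and no aTHX, unlike every neighbouring entry in this hunk, and this view (limited to embed.h) does not show the declaration that justifies it. embed.h is generated by regen/embed.pl from embed.fnc, so please confirm this line came from regenerating after adding the embed.fnc entry rather than from a hand edit, and that the entry marks the function as taking no interpreter context so that the macro, the prototype and the call sites agree. The new function also needs a short description of how it differs from delimcpy (backslash is not treated as an escape for the delimiter), so that callers splitting PATH for the taint check pick the right one. A regression test that uses the PATH value from the commit message, "/\\:.", and expects the "Insecure directory in $ENV{PATH}" error under -T would lock the fix in; none is visible in this file's diff.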