don't taint $DB::sub

[perl #76872] showed a case where code like the following, run under -d,
would cause $DB::sub to get set:

    $tainted_expression && func()

The tainted expression sets PL_tainted, so calling func() under -d, which
sets $DB::sub, causes it to get tainted.

Consequently any further sub calls would set PL_tainted while getting the
old value of $DB::sub (and cause the new value to be tainted too), and if
the sub was XS, then its code would be executed with PL_tainted set.
It isn't an issue with perl subs as the first nextstate op resets
PL_tainted.

1 files changed, 10 insertions, 1 deletions

diff --git a/lib/perl5db.t b/lib/perl5db.t
index 3f68759efe..b2f72661c6 100644
--- a/lib/perl5db.t
+++ b/lib/perl5db.t
@@ -27,7 +27,7 @@ my $dev_tty = '/dev/tty';
     }
 }
 
-plan(8);
+plan(9);
 
 sub rc {
     open RC, ">", ".perldb" or die $!;
@@ -167,6 +167,15 @@ SKIP: {
     like($output, "All tests successful.", "[perl #66110]");
 }
 
+# taint tests
+
+{
+    local $ENV{PERLDB_OPTS} = "ReadLine=0 NonStop=1";
+    my $output = runperl(switches => [ '-d', '-T' ], stderr => 1,
+			progfile => '../lib/perl5db/t/taint');
+    is($output, '[$^X][done]', "taint");
+}
+
 
 # clean up.