[perl #38709] Opening '|-' triggers unjustified taint check

From: mhasch@cpan.org (via RT) <perlbug-followup@perl.org>
Message-ID: <rt-3.0.11-38709-130993.2.89182805885773@perl.org>

p4raw-id: //depot/perl@27951

1 files changed, 29 insertions, 2 deletions

diff --git a/t/op/taint.t b/t/op/taint.t
index 76b553ba72..03bcc65768 100755
--- a/t/op/taint.t
+++ b/t/op/taint.t
@@ -17,8 +17,7 @@ use Config;
 use File::Spec::Functions;
 
 BEGIN { require './test.pl'; }
-plan tests => 246;
-
+plan tests => 249;
 
 $| = 1;
 
@@ -1158,3 +1157,31 @@ SKIP:
     my $b = $a + 5;
     is ($b, 8, "Arithmetic on tainted dualvars works");
 }
+
+# opening '|-' should not trigger $ENV{PATH} check
+
+{
+    SKIP: {
+	skip "fork() is not available", 3 unless $Config{'d_fork'};
+
+	$ENV{'PATH'} = $TAINT;
+	local $SIG{'PIPE'} = 'IGNORE';
+	eval {
+	    my $pid = open my $pipe, '|-';
+	    if (!defined $pid) {
+		die "open failed: $!";
+	    }
+	    if (!$pid) {
+		kill 'KILL', $$;	# child suicide
+	    }
+	    close $pipe;
+	};
+	test $@ !~ /Insecure \$ENV/, 'fork triggers %ENV check';
+	test $@ eq '',               'pipe/fork/open/close failed';
+	eval {
+	    open my $pipe, "|$Invoke_Perl -e 1";
+	    close $pipe;
+	};
+	test $@ =~ /Insecure \$ENV/, 'popen neglects %ENV check';
+    }
+}