diff options
| author | Father Chrysostomos <sprout@cpan.org> | 2013-08-11 13:43:57 -0700 |
|---|---|---|
| committer | Father Chrysostomos <sprout@cpan.org> | 2013-08-11 13:43:57 -0700 |
| commit | fdfdd8f7d462f8cb478f5731a943346d70ef6e51 (patch) | |
| tree | cc50c1b4327ea8cd2a28ef2f48019628a1c36570 /t | |
| parent | 4a8374a642996ba607363ad1659472af37b02fb2 (diff) | |
| download | perl-fdfdd8f7d462f8cb478f5731a943346d70ef6e51.tar.gz | |
Don’t taint undef in reset
reset was tainting undef if the internal SV type happened to be SVt_PV
or higher. This has got to have been a mistake. Tainting undef or
what is known to be an empty string does not make sense, even in a
tainted expression. Tainting it based on the internal type does not
make sense either, and results in inconsistencies in behaviour (taint
it if it *was* a string, even though it isn’t now, but not if it was a
number, unless that number was tied, or had pos() set, etc.).
This tainting has been here since perl 3.0 (commit a687059cb), which I
think was when tainting was introduced.
Applying the tainting based on the internal type has happened since
79072805bf6 (perl 5.0 alpha 2), which introduced different internal
SV types.
Diffstat (limited to 't')
| -rw-r--r-- | t/op/taint.t | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/t/op/taint.t b/t/op/taint.t index 834e6642fa..b521408fc5 100644 --- a/t/op/taint.t +++ b/t/op/taint.t @@ -17,7 +17,7 @@ BEGIN { use strict; use Config; -plan tests => 797; +plan tests => 798; $| = 1; @@ -2351,6 +2351,11 @@ SKIP: { like($@, qr/Eval-group in insecure regular expression/, "tainted (?{})"); } +# reset() and tainted undef (?!) +$::x = "foo"; +$_ = "$TAINT".reset "x"; +is eval { eval $::x.1 }, 1, 'reset does not taint undef'; + # This may bomb out with the alarm signal so keep it last SKIP: { skip "No alarm()" unless $Config{d_alarm}; |