diff options
| -rw-r--r-- | gv.c | 1 | ||||
| -rw-r--r-- | pod/perl594delta.pod | 5 | ||||
| -rwxr-xr-x | t/op/taint.t | 21 |
3 files changed, 25 insertions, 2 deletions
@@ -654,7 +654,6 @@ Perl_gv_autoload4(pTHX_ HV *stash, const char *name, STRLEN len, I32 method) sv_setpvn(varsv, packname, packname_len); sv_catpvs(varsv, "::"); sv_catpvn(varsv, name, len); - SvTAINTED_off(varsv); return gv; } diff --git a/pod/perl594delta.pod b/pod/perl594delta.pod index ef374ee008..a6b92b6a5d 100644 --- a/pod/perl594delta.pod +++ b/pod/perl594delta.pod @@ -27,6 +27,11 @@ file. (This trick is used by Pugs.) The special arrays C<@-> and C<@+> are no longer interpolated in regular expressions. +=head2 $AUTOLOAD can now be tainted + +If you call a subroutine by a tainted name, and if it defers to an +AUTOLOAD function, then $AUTOLOAD will be (correctly) tainted. + =head1 Core Enhancements =head2 state() variables diff --git a/t/op/taint.t b/t/op/taint.t index 03bcc65768..8311690194 100755 --- a/t/op/taint.t +++ b/t/op/taint.t @@ -17,7 +17,7 @@ use Config; use File::Spec::Functions; BEGIN { require './test.pl'; } -plan tests => 249; +plan tests => 251; $| = 1; @@ -1185,3 +1185,22 @@ SKIP: test $@ =~ /Insecure \$ENV/, 'popen neglects %ENV check'; } } + +{ + package AUTOLOAD_TAINT; + sub AUTOLOAD { + our $AUTOLOAD; + return if $AUTOLOAD =~ /DESTROY/; + if ($AUTOLOAD =~ /untainted/) { + main::ok(!main::tainted($AUTOLOAD), '$AUTOLOAD can be untainted'); + } else { + main::ok(main::tainted($AUTOLOAD), '$AUTOLOAD can be tainted'); + } + } + + package main; + my $o = bless [], 'AUTOLOAD_TAINT'; + $o->$TAINT; + $o->untainted; +} + |