> > Both problems could originate from the same Perl bug, triggered
> > by some code running before. We had this sort of Perl taint bugs
> > before, but provided a workaround for most if not all of them.
>
> Seems like the problem occurs with Perl 5.8.7, but not with 5.8.8.
Please see if the following provides adequate workaround
for another manifestation of a Perl taint bug:
--- amavisd~ 2006-04-05 16:43:23.000000000 +0200
+++ amavisd 2006-04-05 19:49:35.000000000 +0200
@@ -3580,3 +3580,3 @@
sub tokenize($;$) {
- my($str_ref,$tokens_ref) = @_;
+ my($str_ref,$tokens_ref) = @_; local($1);
$tokens_ref = [] if !defined($tokens_ref);
@@ -14555,2 +14555,3 @@
my($saved_umask) = umask;
+ local($1,$2,$3,$4,$5,$6); # avoid Perl bug, $1 gets tainted in compile_now
my($spamassassin_obj) = Mail::SpamAssassin->new({
It seems the problem no longer exists in Perl 5.8.8,
I certainly can't reproduce it with 5.8.8, but can with 5.8.7.
Mark
-------------------------------------------------------
This SF.Net email is sponsored by xPML, a groundbreaking scripting language
that extends applications into web and mobile media. Attend the live webcast
and join the prime developer group breaking into this new coding territory!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642
_______________________________________________
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
