Martin J. Evans wrote: > Hi, > > I've spent some time on this today and I am getting nowhere. Before I > redouble my efforts I thought I'd post here just in case anything rings > a bell with someone. > > We are using the latest DBI and DBD::Oracle to get data from an Oracle > data. All data is retrieved via reference cursor returned from a > function or procedure. When our application starts work there is no > problem but part way through all of the returned data is inexplicably > tainted. This is a real PITA because of bugs in Locale::MakeText > (http://rt.cpan.org/Public/Bug/Display.html?id=40727) via the Perl bug > re pos not updated on \G in regexps > (http://rt.perl.org/rt3/Public/Bug/Display.html?id=27344) and in general > because some DB returned data is used to create filenames and because it > prevents us using -T (instead we are having to run -t). > > We are running the perl script as root but it makes no difference run as > a normal user. When tainted data is returned TaintIn, TaintOut and Taint > are all false on the connection handle and the statement handles are > created a fresh for each procedure/function call. > > I've tried with the Ubuntu 9.10 supplied 5.10 and a separate 5.10.1 I > built - no difference. > > Any ideas where to go next? > > Thanks > > Martin > >
I forgot to mention I stuck an printf and abort in _get_fbav where output data is tainted and this never seems to get called. However, my retrieved data is still tainted. Martin
