Your message dated Sun, 22 May 2005 16:42:45 +1000
with message-id <[EMAIL PROTECTED]>
and subject line Bug#303308: Possibly fixed in Perl 5.8.6
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 5 Apr 2005 23:02:09 +0000
>From [EMAIL PROTECTED] Tue Apr 05 16:02:09 2005
Return-path: <[EMAIL PROTECTED]>
Received: from mail.autoweb.net (mail) [198.172.237.26]
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1DIx3h-0000Mv-00; Tue, 05 Apr 2005 16:02:09 -0700
Received: from ryan2.internal.autoweb.net ([10.37.1.38] ident=mail)
by mail with esmtp (Exim 4.44)
id 1DIx39-0007eN-UY; Tue, 05 Apr 2005 19:01:35 -0400
Received: from ryan by ryan2.internal.autoweb.net with local (Exim 3.36 #1
(Debian))
id 1DIx39-0006pz-00; Tue, 05 Apr 2005 19:01:35 -0400
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Ryan Anderson <[EMAIL PROTECTED]>
To: Debian Bug Tracking System <[EMAIL PROTECTED]>
Subject: perl: Untainting a variable does not actually untaint the variable
X-Mailer: reportbug 3.9
Date: Tue, 05 Apr 2005 19:01:35 -0400
Message-Id: <[EMAIL PROTECTED]>
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
Package: perl
Version: 5.8.4-8
Severity: normal
The following snippet of code, when run in taint mode, sometimes fails
with a taint error:
$page =~ tr/A-Z/a-z/;
$page =~ tr/a-z0-9//cd;
$page =~ m/^([A-Z0-9]*)$/i;
$page = $1;
my $ev = sprintf 'require ACI::Forms::%s; $self = new
ACI::Forms::%s($q);', $page, $page;
$l->log('info',"page (value = '%s') is tainted when about to eval
'%s'",$page,$ev)
if is_tainted($page);
$l->log('info',"ev (value = '%s') is tainted when about to eval for
page '%s'",$ev,$page)
if is_tainted($ev);
eval $ev;
if ($@) {
$l->log('err','Tried to eval %s, got %s',$ev,$@);
return undef;
}
Specifically, the eval $ev; line fails.
The calls to $l->log() do trigger:
Apr 5 18:47:00 ryan2 index.pl[4539]: 10.37.1.38/ryan ACI::Forms page (value =
'main') is tainted when about to eval 'require ACI::Forms::main; $self = new
ACI::Forms::main($q);'
Apr 5 18:47:00 ryan2 index.pl[4539]: 10.37.1.38/ryan ACI::Forms ev (value =
'require ACI::Forms::main; $self = new ACI::Forms::main($q);') is tainted when
about to eval for page 'main'
$page should begin tainted. This is a snippet of code that runs inside
mod_perl and Apache, using Apache::Registry, Apache::DBI and CGI.pm.
Note: This is an intermittent failure.
This was not the first request handled by this particular Apache
process, nor the last (it is still running after this error.)
-- System Information:
Debian Release: 3.1
APT prefers testing
APT policy: (900, 'testing'), (300, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.10-1-686
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Versions of packages perl depends on:
ii libc6 2.3.2.ds1-20 GNU C Library: Shared libraries an
ii libdb4.2 4.2.52-18 Berkeley v4.2 Database Libraries [
ii libgdbm3 1.8.3-2 GNU dbm database routines (runtime
ii perl-base 5.8.4-8 The Pathologically Eclectic Rubbis
ii perl-modules 5.8.4-8 Core Perl modules
-- no debconf information
---------------------------------------
Received: (at 303308-close) by bugs.debian.org; 22 May 2005 06:42:51 +0000
>From [EMAIL PROTECTED] Sat May 21 23:42:51 2005
Return-path: <[EMAIL PROTECTED]>
Received: from londo.c47.org [198.142.1.20] (mail)
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1DZkAl-0000VR-00; Sat, 21 May 2005 23:42:51 -0700
Received: from bod by londo.c47.org with local (Exim 3.36 #1 (Debian))
id 1DZkAf-0002GM-00; Sun, 22 May 2005 16:42:45 +1000
Date: Sun, 22 May 2005 16:42:45 +1000
From: Brendan O'Dea <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED], [EMAIL PROTECTED]
Subject: Re: Bug#303308: Possibly fixed in Perl 5.8.6
Message-ID: <[EMAIL PROTECTED]>
References: <[EMAIL PROTECTED]>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <[EMAIL PROTECTED]>
User-Agent: Mutt/1.5.9i
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
On Fri, May 20, 2005 at 03:28:23PM -0400, Ryan Anderson wrote:
>A colleague of mine reports that the Perl 5.8.6 changelog has fixed a
>bug where taint checks would corrupt the stack.
>
>This seems like it might (possibly) be related.
>
>Is there an eta on Perl 5.8.6 being included in, possibly, experimental?
Perl has been stuck at 5.8.4 due to the sarge freeze, which started mid
2004 (a couple of weeks after 5.8.5 was released).
As such, I can't upload 5.8.6 to unstable, but experimental is a good
idea. Uploaded packages today.
--bod
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
