Rob,
I took a stab at it this morning. Basically I tried to do 2 things:
- Get the small test script to run cleanly under UNTAINT;
- Try to get the test suite to behave properly when run under -T (by
way of the HARNESS_PERL_SWITCHES env var). That way it's easy to
perioically run the test suite with -T and see if somoe new taint bugs
have crept in.
To fix the former 2 small patches seem to be required: one for
Inline.pm and one for denter.pm:
Inline.pm:
@@ -1201,6 +1217,7 @@
my @parts = File::Spec->splitdir($rmpath);
while (@parts){
$rmpath = File::Spec->catdir($prefix ? ($prefix,@parts) :
@parts);
+ ($rmpath) = $rmpath =~ /(.*)/ if UNTAINT;
rmdir $rmpath
or last; # rmdir failed because dir was not empty
pop @parts;
denter.pm (without this a taint exception is thrown by AutoLoader.pm):
@@ -13,6 +13,9 @@
}, $class;
}
+sub DESTROY {
+}
+
To fix the latter, a mechanism needs to be put in place in Inline.pm
so that it activates UNTAINT automatically (only when -T is set and
when we are running under the test harness). Also, the test suite
makes liberal use of relative paths in @INC, which throws off a few
taint exceptions. Finally, the Inline::Foo module used in the test
suite needs some untainting in some places.
I have a patch for this also, but it's larger than the other two. Rob,
what format is preferable for the patch?
BTW: I wasn't able to reproduce Rob's build problem with the small
test script below. It ran fine (without -T) on my test env (Linux
FC10, x64, perl 5.10.0).
Patrick
On Wed, Jul 1, 2009 at 10:33 PM, Sisyphus<sisyph...@optusnet.com.au> wrote:
>
> ----- Original Message ----- From: "Patrick LeBoutillier"
> <patrick.leboutill...@gmail.com>
>
>>> By my thinking, if Inline offers that UNTAINT option, it should work as
>>> intended. If it doesn't work as intended it should be either fixed or
>>> removed. (I just wish someone else would fix it, that's all :-)
>>
>> If you want I'll take a look at it.
>
> I wasn't really trying to enlist help, and I'm sure I'll get to the bottom
> of it eventually. It's really just a matter of working through Inline and
> Inline::C and finding out what UNTAINT is actually doing. Unfortunately
> running test programs don't really seem to help, because things just fail
> without producing any diagnostic output. And I keep allowing myself to be
> distracted by other things, which also doesn't help much.
>
> Patrick, of course, if you're interested, by all means take a look ... I'm
> certainly not one to refuse assistance :-)
>
> As a little appetiser, I ran this *without* -T (just to try and see what
> UNTAINT is doing):
>
> ##########################
> use warnings;
> use Inline Config =>
> # BUILD_NOISY => 1,
> UNTAINT => 1,
> SAFEMODE => 0;
>
>
> use Inline C => <<'EOC';
>
> void greet() {
> printf("Hello World\n");
> }
>
> EOC
>
> greet();
> ##########################
>
> It dies at the 'perl Makefile.PL' step:
>
> ##########################
> A problem was encountered while attempting to compile and install your
> Inline
> C code. The command that failed was:
> c:\perl510_M\5.10.0\bin\perl.exe Makefile.PL > out.Makefile_PL 2>&1
>
> The build directory was:
> C:\_32\pscrpt\inline\_Inline\build\taint_pl_f071
>
> To debug the problem, cd to the build directory, and inspect the output
> files.
>
> at taint.pl line 8
> BEGIN failed--compilation aborted at taint.pl line 14.
> ##########################
>
> There are no useful output files - INLINE.h, Makefile.PL and
> taint_pl_f071.xs are the only files there and they all look fine.
>
> Seems like it's the redirection to file that's causing the problem because,
> if I include the BUILD_NOISY option, the script then dies at the 'make'
> stage:
>
> ##########################
> Starting Build Preprocess Stage
> Finished Build Preprocess Stage
>
> Starting Build Parse Stage
> Finished Build Parse Stage
>
> Starting Build Glue 1 Stage
> Finished Build Glue 1 Stage
>
> Starting Build Glue 2 Stage
> Finished Build Glue 2 Stage
>
> Starting Build Glue 3 Stage
> Finished Build Glue 3 Stage
>
> Starting Build Compile Stage
> Starting "perl Makefile.PL" Stage
> Finished "perl Makefile.PL" Stage
>
> Starting "make" Stage
>
> A problem was encountered while attempting to compile and install your
> Inline
> C code. The command that failed was:
> dmake
>
> The build directory was:
> C:\_32\pscrpt\inline\_Inline\build\taint_pl_f071
>
> To debug the problem, cd to the build directory, and inspect the output
> files.
>
> at taint.pl line 8
> BEGIN failed--compilation aborted at taint.pl line 14.
> ##########################
>
> Again, there is no useful output file to inspect.
> Anyway ... it surely can't be all that difficult to work out ... time to
> "stop talking about it and do something" :-)
>
> Cheers,
> Rob
>
>
>
>
--
=====================
Patrick LeBoutillier
Rosemère, Québec, Canada
