On Thu, Jul 07, 2005 at 02:39:33PM +0100, Dave Mitchell wrote: > > > eval_sv("123;", G_SCALAR|G_KEEPERR); > > > > > > die with: > > > > > > Insecure dependency in eval_sv() while running with -T > > > > does it still fail post change 25081 ? > > Ignore that, I can reproduce it now
fixed by the change below. -- My get-up-and-go just got up and went. Change 25094 by [EMAIL PROTECTED] on 2005/07/07 14:47:51 more taint fallout from change 24943 Affected files ... ... //depot/perl/mg.c#358 edit ... //depot/perl/scope.c#156 edit ... //depot/perl/t/op/taint.t#68 edit Differences ... ==== //depot/perl/mg.c#358 (text) ==== @@ -1913,7 +1913,7 @@ Perl_magic_gettaint(pTHX_ SV *sv, MAGIC *mg) { PERL_UNUSED_ARG(sv); - TAINT_IF(mg->mg_len & 1); + TAINT_IF((PL_localizing != 1) && (mg->mg_len & 1)); return 0; } ==== //depot/perl/scope.c#156 (text) ==== @@ -170,7 +170,9 @@ Perl_save_scalar(pTHX_ GV *gv) { SV **sptr = &GvSV(gv); + PL_localizing = 1; SvGETMAGIC(*sptr); + PL_localizing = 0; SSCHECK(3); SSPUSHPTR(SvREFCNT_inc(gv)); SSPUSHPTR(SvREFCNT_inc(*sptr)); ==== //depot/perl/t/op/taint.t#68 (xtext) ==== @@ -17,7 +17,7 @@ use File::Spec::Functions; BEGIN { require './test.pl'; } -plan tests => 243; +plan tests => 244; $| = 1; @@ -1128,3 +1128,10 @@ test tainted $x99; } +# an mg_get of a tainted value during localization shouldn't taint the +# statement + +{ + eval { local $0, eval '1' }; + test $@ eq ''; +}