On Thu, Jul 07, 2005 at 02:39:33PM +0100, Dave Mitchell wrote:
> > > eval_sv("123;", G_SCALAR|G_KEEPERR);
> > >
> > > die with:
> > >
> > > Insecure dependency in eval_sv() while running with -T
> >
> > does it still fail post change 25081 ?
>
> Ignore that, I can reproduce it now
fixed by the change below.
--
My get-up-and-go just got up and went.
Change 25094 by [EMAIL PROTECTED] on 2005/07/07 14:47:51
more taint fallout from change 24943
Affected files ...
... //depot/perl/mg.c#358 edit
... //depot/perl/scope.c#156 edit
... //depot/perl/t/op/taint.t#68 edit
Differences ...
==== //depot/perl/mg.c#358 (text) ====
@@ -1913,7 +1913,7 @@
Perl_magic_gettaint(pTHX_ SV *sv, MAGIC *mg)
{
PERL_UNUSED_ARG(sv);
- TAINT_IF(mg->mg_len & 1);
+ TAINT_IF((PL_localizing != 1) && (mg->mg_len & 1));
return 0;
}
==== //depot/perl/scope.c#156 (text) ====
@@ -170,7 +170,9 @@
Perl_save_scalar(pTHX_ GV *gv)
{
SV **sptr = &GvSV(gv);
+ PL_localizing = 1;
SvGETMAGIC(*sptr);
+ PL_localizing = 0;
SSCHECK(3);
SSPUSHPTR(SvREFCNT_inc(gv));
SSPUSHPTR(SvREFCNT_inc(*sptr));
==== //depot/perl/t/op/taint.t#68 (xtext) ====
@@ -17,7 +17,7 @@
use File::Spec::Functions;
BEGIN { require './test.pl'; }
-plan tests => 243;
+plan tests => 244;
$| = 1;
@@ -1128,3 +1128,10 @@
test tainted $x99;
}
+# an mg_get of a tainted value during localization shouldn't taint the
+# statement
+
+{
+ eval { local $0, eval '1' };
+ test $@ eq '';
+}
