On Mon, Feb 20, 2006 at 10:12:33AM -0500, John E. Malmberg wrote:
> Extracted program:
>
> EAGLE> type [-.t.op]taint.t2
> use strict;
> use Config;
> use File::Spec::Functions;
> use Devel::Peek;
>
> my $got_dualvar;
> eval 'use Scalar::Util "dualvar"; $got_dualvar++';
> # skip "No Scalar::Util::dualvar" unless $got_dualvar;
> my $a = Scalar::Util::dualvar(3, $^X);
> Dump $a;
> print STDERR "a = $a\n";
> my $b = $a + 5;
> print STDERR "b = $b, should be 8\n";
> # is ($b, 8, "Arithmetic on tainted dualvars works");
>
> Run first with out tainting, output looks good:
>
> EAGLE> mcr [-]ndbgperl "-I[-.lib]" [-.t.op]taint.t2
> SV = PVNV(0x36d1d8) at 0x2e9788
> REFCNT = 1
> FLAGS = (PADMY,IOK,POK,pIOK,pPOK)
> IV = 3
> NV = 0
> PV = 0x3121f8 "eagle$dqa0:[project_root.][perl-blead]ndbgperl.exe;3"\0
> CUR = 52
> LEN = 56
> a = eagle$dqa0:[project_root.][perl-blead]ndbgperl.exe;3
> b = 8, should be 8
That all looks good
> Run a second time with tainting, and fails.
>
> EAGLE> mcr [-]ndbgperl "-T" "-I[-.lib]" [-.t.op]taint.t2
> SV = PVMG(0x2c6d00) at 0x2e9740
> REFCNT = 1
> FLAGS = (PADMY,GMG,SMG,pPOK)
> IV = 0
> NV = 0
> PV = 0x339ce0 "eagle$dqa0:[project_root.][perl-blead]ndbgperl.exe;3"\0
> CUR = 52
> LEN = 56
> MAGIC = 0x2f7850
> MG_VIRTUAL = &PL_vtbl_taint
> MG_TYPE = PERL_MAGIC_taint(t)
> MG_LEN = 1
> a = eagle$dqa0:[project_root.][perl-blead]ndbgperl.exe;3
> b = 5, should be 8
>
> If Scalar::Util is dynamically loaded, I will have a hard time setting a
> breakpoint in it to debug it at C level to see what is going on.
It is. The output should look like this under taint mode:
SV = PVMG(0x822c85c) at 0x821927c
REFCNT = 1
FLAGS = (GMG,SMG,pIOK,pPOK)
IV = 3
NV = 0
PV = 0x826730c "/home/nick/p4perl/perl/perl"\0
CUR = 27
LEN = 28
MAGIC = 0x826734c
MG_VIRTUAL = &PL_vtbl_taint
MG_TYPE = PERL_MAGIC_taint(t)
MG_LEN = 1
ie the FLAGS line reads (PADMY,GMG,SMG,pIOK,pPOK)
Your FLAGS line doesn't have pIOK.
For me, the input is $^X
SV = PVMG(0x822c044) at 0x82192fc
REFCNT = 1
FLAGS = (GMG,SMG,pPOK)
IV = 0
NV = 0
PV = 0x8216e8c "/home/nick/p4perl/perl/perl"\0
CUR = 27
LEN = 28
MAGIC = 0x8216ecc
MG_VIRTUAL = &PL_vtbl_taint
MG_TYPE = PERL_MAGIC_taint(t)
MG_LEN = 1
and
SV = IV(0x8219fa8) at 0x8219fac
REFCNT = 1
FLAGS = (PADTMP,IOK,READONLY,pIOK)
IV = 3
I assume that $^X is tainted on VMS?
> Of course I do not really understand what I am looking at :-)
Well, there should be both pPOK and pIOK flags on the the value, with
IV = 3 and PV being the string for $^X
If you change your
print STDERR "a = $a\n";
to
printf STDERR "a = '%s', %d\n", $a, $a;
you should see the two values of the dualvar.
Assuming that input, the bug I was actually trying to fix was that when you
put this tainted dual valued scalar into an arithmetic expression, the string
got used for its numeric value, rather than the integer. Hence 0 rather than
3 in this case.
> In addition, the program that creates .C modules from .XS modules is
> placing "#line " directives in the .C source. This badly breaks the
> OpenVMS debugger, because it does not know how to map the binary code to
> the .XS module lines. I need to find out how to get that program to
> make those "#line" directives comments on VMS and not preprocessor
> directives.
I think adding -nolinenumbers to the flags passed to xsubpp should do it.
Although that might mean hacking descrip.mms after it's been generated from
Makefile.PL
Nicholas Clark
