develooper Front page | perl.perl5.porters | Postings from August 2003

sv_gets and tainting

Stas Bekman
August 30, 2003 11:24
sv_gets and tainting
Message ID:

First of all, should sv_gets function set the sv's taint flag on, if 
PL_tainted and PL_tainting is on?

I think I have noticed a strage thing with the sv_gets function. I think it's
possible that it won't turn the taint bit on the sv, if it exits through the
thats_all_folks label and bypasses the screamer2 label, which is the only
place where a function that will set the taint flag mode are called:

	if (append)
	     sv_catpvn(sv, (char *) buf, cnt);
	     sv_setpvn(sv, (char *) buf, cnt);

but then I'm not sure that it's supposed to make the sv tainted at all. Is it 
possible that the api doc will include the information on when relevant 
functions make the sv they operate on tainted?

Unfortunately I don't have a test case, and I spent many hours trying to
understand how things work, but I failed. Perhaps you will have a better luck.
One of the things that I failed to figure out is when PL_tainted is set.

I think to reproduce it you can call:

$data = $r->slurp_filename;

from mod_perl 1.0 CGI script and if you look at it, it won't be tainted
(tested with Devel::Peek and by stepping through the code with debugger as
well). Of course this is running with PerlTaintCheck On in httpd.conf (equiv 
of -T under mod_perl 1.0).

Any ideas? Am I totaly wrong?


Stas Bekman            JAm_pH ------> Just Another mod_perl Hacker     mod_perl Guide --->


Stas Bekman            JAm_pH ------> Just Another mod_perl Hacker     mod_perl Guide ---> Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at | Group listing | About