develooper Front page | perl.perl5.porters | Postings from November 2006

[PATCH] Re: [perl #32687] Encode::is_utf8 on tainted UTF8 stringreturns false

Thread Previous | Thread Next
From:
Rafael Garcia-Suarez
Date:
November 16, 2006 08:58
Subject:
[PATCH] Re: [perl #32687] Encode::is_utf8 on tainted UTF8 stringreturns false
Message ID:
20061116173644.4412f66f@grubert.mandriva.com
Mark Martinec (via RT) wrote:
> The Encode::is_utf8() on an UTF-8 character string
> returns false if the string is tainted.
> (whereas the utf8::is_utf8 produces correct results)
> 
> INCORRECT:  ($a is tainted)
>   perl -Te 'use Encode; $a="\x{263a}.$0";
>             printf "(%s,%s)\n", Encode::is_utf8($a), utf8::is_utf8($a)'
>   (,1)
> 
> correct:   ($a not tainted)
>   perl -Te 'use Encode; $a="\x{263a}";
>             printf "(%s,%s)\n", Encode::is_utf8($a), utf8::is_utf8($a)'
>   (1,1)
> 
> As far as I tried, this is not specific to a platform.

This patch to Encode solves the problem : (tainted strings are not
POK due to taint magic)

Dan, would you consider adding it to your version ?

--- ext/Encode/Encode.xs        (révision 8858)
+++ ext/Encode/Encode.xs        (copie de travail)
@@ -757,15 +757,11 @@ CODE:
 {
     if (SvGMAGICAL(sv)) /* it could be $1, for example */
     sv = newSVsv(sv); /* GMAGIG will be done */
-    if (SvPOK(sv)) {
     RETVAL = SvUTF8(sv) ? TRUE : FALSE;
     if (RETVAL &&
         check  &&
         !is_utf8_string((U8*)SvPVX(sv), SvCUR(sv)))
         RETVAL = FALSE;
-    } else {
-    RETVAL = FALSE;
-    }
     if (sv != ST(0))
     SvREFCNT_dec(sv); /* it was a temp copy */
 }
End of Patch.

Thread Previous | Thread Next


nntp.perl.org: Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at ask@perl.org | Group listing | About