Front page | perl.perl5.porters |
Postings from April 2008
[perl #52552] pack "A*" and pack "a*" untaint data in 5.10.0
From: Chris
Date: April 7, 2008 18:03
Subject: [perl #52552] pack "A*" and pack "a*" untaint data in 5.10.0
Message ID: rt-3.6.HEAD-25460-1207583112-660.52552-75-0@perl.org
# New Ticket Created by Chris
# Please include the string: [perl #52552]
# in the subject line of all future correspondence about this issue.
# <URL: http://rt.perl.org/rt3/Ticket/Display.html?id=52552 >
To: perlbug@perl.org
Subject: pack "a*" and pack "A*" untaint data in 5.10.0
Reply-To: chris@localhost.(none)
Message-Id: <5.10.0_3444_1207582753@localhost>
This is a bug report for perl from chris@localhost.(none),
generated with the help of perlbug 1.36 running under perl 5.10.0.
-----------------------------------------------------------------
[Please enter your report here]
The following code leaves $x tainted after the pack() in 5.8.8 and
according to perlsec, but it does not under 5.10.0 for some reason.
The "A*" template and the "a*" template both do this.

perl -wTe 'use Scalar::Util qw( tainted ); $x = $ARGV[0];
  print "tainted!\n" if tainted( $x );
  $x = pack "a*", $x;
  print "No longer tainted!\n" unless tainted ($x);
  eval( $x ); ' 'print "hello, world\n";'

I think the former behavior is proper. If not, then the docs need to
be updated with the new behavior and a caveat.
I'd like to thank "ambrus" on Perlmonks for noticing something was amiss.
I'd like to thank Tye McQueen ("tye" on PM) for suggesting the direct
taint testing from Scalar::Util.
Christopher E. Stith
[Please do not change anything below this line]
-----------------------------------------------------------------
---
Flags:
category=core
severity=high
---
Site configuration information for perl 5.10.0:
Configured by chris at Thu Mar 13 21:34:04 CDT 2008.
Summary of my perl5 (revision 5 version 10 subversion 0) configuration:
Platform:
osname=linux, osvers=2.6.22.18-desktop-1mdv, archname=i686-linux
uname='linux localhost 2.6.22.18-desktop-1mdv #1 smp mon feb 11
13:53:50 est 2008 i686 amd athlon(tm) processor gnulinux '
config_args='-ds -e'
hint=recommended, useposix=true, d_sigaction=define
useithreads=undef, usemultiplicity=undef
useperlio=define, d_sfio=undef, uselargefiles=define, usesocks=undef
use64bitint=undef, use64bitall=undef, uselongdouble=undef
usemymalloc=n, bincompat5005=undef
Compiler:
cc='cc', ccflags ='-fno-strict-aliasing -pipe -I/usr/local/include
-D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64',
optimize='-O2',
cppflags='-fno-strict-aliasing -pipe -I/usr/local/include'
ccversion='', gccversion='4.2.2 20071128 (prerelease)
(4.2.2-3.1mdv2008.0)', gccosandvers=''
intsize=4, longsize=4, ptrsize=4, doublesize=8, byteorder=1234
d_longlong=define, longlongsize=8, d_longdbl=define, longdblsize=12
ivtype='long', ivsize=4, nvtype='double', nvsize=8, Off_t='off_t',
lseeksize=8
alignbytes=4, prototype=define
Linker and Libraries:
ld='cc', ldflags =' -L/usr/local/lib'
libpth=/usr/local/lib /lib /usr/lib
libs=-lnsl -ldl -lm -lcrypt -lutil -lc
perllibs=-lnsl -ldl -lm -lcrypt -lutil -lc
libc=/lib/libc-2.6.1.so, so=so, useshrplib=false, libperl=libperl.a
gnulibc_version='2.6.1'
Dynamic Linking:
dlsrc=dl_dlopen.xs, dlext=so, d_dlsymun=undef, ccdlflags='-Wl,-E'
cccdlflags='-fPIC', lddlflags='-shared -O2 -L/usr/local/lib'
Locally applied patches:
---
@INC for perl 5.10.0:
/usr/local/lib/perl5/5.10.0/i686-linux
/usr/local/lib/perl5/5.10.0
/usr/local/lib/perl5/site_perl/5.10.0/i686-linux
/usr/local/lib/perl5/site_perl/5.10.0
.
---
Environment for perl 5.10.0:
HOME=/home/chris
LANG=en_US.UTF-8
LANGUAGE=en_US.UTF-8:en_US:en
LC_ADDRESS=en_US.UTF-8
LC_COLLATE=en_US.UTF-8
LC_CTYPE=en_US.UTF-8
LC_IDENTIFICATION=en_US.UTF-8
LC_MEASUREMENT=en_US.UTF-8
LC_MESSAGES=en_US.UTF-8
LC_MONETARY=en_US.UTF-8
LC_NAME=en_US.UTF-8
LC_NUMERIC=en_US.UTF-8
LC_PAPER=en_US.UTF-8
LC_SOURCED=1
LC_TELEPHONE=en_US.UTF-8
LC_TIME=en_US.UTF-8
LD_LIBRARY_PATH=/home/chris/GNUstep/Library/Libraries:/usr/lib
LOGDIR (unset)
PATH=/home/chris/GNUstep/Tools:/usr/bin:/usr/bin:/bin:/usr/local/bin:/usr/X11R6/bin/:/usr/games:/usr/lib/qt3//bin:/home/chris/bin:/usr/lib/qt3//bin
PERL_BADLANG (unset)
SHELL=/bin/bash
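
A regression check for the behavior reported above, as an added example that is not part of the original post or of perl's own test suite: it taints a constructed string and reports whether pack() keeps the taint for the "a*" and "A*" templates from the report, plus "Z*", which the report does not mention. The helper name pack_keeps_taint and the sample string are assumptions; run it as perl -T.

```perl
#!/usr/bin/perl -T
# Added example: reports whether pack() preserves taint on this interpreter.
use strict;
use warnings;
use Scalar::Util qw( tainted );

# Taint checks must be on, otherwise tainted() always returns false
# and every template would be reported as losing taint.
die "taint mode is off; run as: perl -T <script>\n" unless ${^TAINT};

# Zero-length tainted string taken from $^X (tainted under -T).
# Appending it taints a value without needing any external input.
my $TAINT = substr($^X, 0, 0);

# Hypothetical helper: returns 1 if pack() with the given template
# returns tainted data when handed a tainted string, 0 otherwise.
sub pack_keeps_taint {
    my ($template) = @_;
    my $input = 'constructed sample input' . $TAINT;
    die "setup failed: input is not tainted\n" unless tainted($input);
    my $packed = pack $template, $input;
    return tainted($packed) ? 1 : 0;
}

my $failures = 0;
# "a*" and "A*" are the templates named in the report; "Z*" is an
# extra string template checked here as an assumption of this example.
for my $template ('a*', 'A*', 'Z*') {
    my $ok = pack_keeps_taint($template);
    printf "%-3s %s\n", $template, $ok ? 'taint preserved' : 'TAINT LOST';
    $failures++ unless $ok;
}

# Non-zero exit status lets a build or deployment check fail on an
# interpreter where pack() silently launders tainted data.
exit($failures ? 1 : 0);
```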