[perl #81028] Taintedness of the first operand of a ternary '?:' propagate to unrelated expr in the same list
From: Mark Martinec
Date: December 20, 2010 17:11
Subject: [perl #81028] Taintedness of the first operand of a ternary '?:' propagate to unrelated expr in the same list
Message ID: rt-3.6.HEAD-5425-1292871600-1893.81028-75-0@perl.org
# New Ticket Created by Mark Martinec
# Please include the string: [perl #81028]
# in the subject line of all future correspondence about this issue.
# <URL: http://rt.perl.org/rt3/Ticket/Display.html?id=81028 >
This is a bug report for perl from Mark.Martinec@ijs.si,
generated with the help of perlbug 1.39 running under perl 5.12.2.
-----------------------------------------------------------------
Taintedness of the first operand of a ternary '?:'
propagates to unrelated expressions in the same argument list.
The following test case will illustrate the issue:

    #!/usr/bin/perl -T
    use Scalar::Util qw(tainted);
    my $clean = "ccc"; # not tainted
    my $t = "ttt" . substr($0,0,0); # tainted
    sub a { print join(", ", map {tainted($_)?"Y":"n"} @_), "\n" };
    a($t, $t?1:0, $clean, substr($clean,0,1), 0+$clean, $clean);

    Y, n, n, Y, Y, n

I'm aware that taintedness propagation within an expression
is rather simpleminded, nevertheless the above test case was
a surprise.
The variable $t is tainted, the $clean is not.
The ternary '?:' conditional operator nicely produces a
non-tainted result even if its first operand is tainted.
As expected the arguments $t?1:0 and $clean as passed
to the called subroutine are not tainted.
What is surprising is that substr($clean,0,1) and 0+$clean
are tainted, even though the $clean is not.
Can this be considered a bug? Can something be done
to restrict this case of taintedness propagation?
[Please do not change anything below this line]
-----------------------------------------------------------------
---
Flags:
category=core
severity=low
---
Site configuration information for perl 5.12.2:
Configured by mark at Wed Nov 17 21:05:55 CET 2010.
Summary of my perl5 (revision 5 version 12 subversion 2) configuration:
Platform:
osname=freebsd, osvers=8.1-release, archname=amd64-freebsd
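
The following is an added example, not part of the original report: it evaluates the report's six expressions once in a shared argument list and once with each derived value computed in its own statement, then lists the argument positions whose taint flag differs. The helper `taint_map` and the variables `$flag`, `$first` and `$num` are names chosen for this sketch; it prints what the running interpreter does and makes no claim about versions other than the 5.12.2 output quoted above. Run it as `perl -T file.pl`.

```perl
#!/usr/bin/perl -T
# Added example (not from the original report): probes whether taint from a
# ternary condition spreads to sibling expressions in the same argument list.
use strict;
use warnings;
no warnings 'numeric';                    # "ccc" is deliberately non-numeric
use Scalar::Util qw(tainted);

die "taint mode is off; run as: perl -T $0\n" unless ${^TAINT};

my $clean = "ccc";                        # not tainted
my $t     = "ttt" . substr($0, 0, 0);     # tainted, as in the report

# Taint state of each argument, in the report's Y/n notation.
sub taint_map { return map { tainted($_) ? "Y" : "n" } @_ }

# Case 1: the report's call, every expression in one argument list.
my @same_list = taint_map($t, $t ? 1 : 0, $clean,
                          substr($clean, 0, 1), 0 + $clean, $clean);

# Case 2: each derived value is computed in its own statement first, so no
# tainted operand is read while the clean temporaries are being created.
my $flag  = $t ? 1 : 0;
my $first = substr($clean, 0, 1);
my $num   = 0 + $clean;
my @separate = taint_map($t, $flag, $clean, $first, $num, $clean);

my $reported = "Y, n, n, Y, Y, n";        # output quoted in the report
print "same list : ", join(", ", @same_list), "\n";
print "separate  : ", join(", ", @separate),  "\n";
print "same-list result matches the perl 5.12.2 report\n"
    if join(", ", @same_list) eq $reported;

# A position tainted only in the shared list inherited taint from a sibling
# expression, not from its own operands.
my @leaked = grep { $same_list[$_] eq "Y" && $separate[$_] eq "n" }
             0 .. $#same_list;
if (@leaked) {
    print "spurious taint at argument index: @leaked\n";
} else {
    print "no spurious taint observed on perl $]\n";
}
```

Because a value marked tainted without cause makes later taint-checked operations die with an "Insecure dependency" error, a probe like this is useful when tracking down such a failure in code that never touched external input.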