Skip Menu |
 

This queue is for tickets about the Encode CPAN distribution.

Report information
The Basics
Id: 41163
Status: resolved
Priority: 0/
Queue: Encode

People
Owner: Nobody in particular
Requestors: FANY [...] cpan.org
Cc:
AdminCc:

Bug Information
Severity: Normal
Broken in: 2.26
Fixed in: (no value)



Subject: _utf8_on() does not work for tainted values
MIME-Version: 1.0
X-Mailer: MIME-tools 5.426 (Entity 5.426)
Content-Type: text/plain
Charset: utf8
Content-Disposition: inline
Content-Transfer-Encoding: binary
X-RT-Original-Encoding: utf-8
Content-Length: 519
Download (untitled) / with headers
text/plain 519b
$ perl -MEncode=_utf8_on,is_utf8 -le '$_=shift;Encode::_utf8_on$_;print is_utf8($_)||"no"' foo 1 $ perl -T -MEncode=_utf8_on,is_utf8 -le '$_=shift;Encode::_utf8_on$_;print is_utf8($_)||"no"' foo no While there may be good reasons for not having the utf8 bit blindly activated for tainted data, I think this should at least be documented, and maybe the function should emit a warning or even die when called for a tainted value. Also see <http://rt.cpan.org/Ticket/Display.html?id=41161> on this issue. Regards, fany
MIME-Version: 1.0
X-Mailer: MIME-tools 5.427 (Entity 5.427)
Content-Disposition: inline
Charset: utf8
Content-Type: text/plain
Message-ID: <rt-3.6.HEAD-25718-1232576402-1065.41163-0-0 [...] rt.cpan.org>
Content-Transfer-Encoding: binary
X-RT-Original-Encoding: utf-8
Content-Length: 649
Download (untitled) / with headers
text/plain 649b
On Sun Nov 23 13:37:44 2008, FANY wrote: Show quoted text
> $ perl -MEncode=_utf8_on,is_utf8 -le '$_=shift;Encode::_utf8_on$_;print > is_utf8($_)||"no"' foo > 1 >
Document added in 2.27. Dan the Encode Maintainer Show quoted text
> $ perl -T -MEncode=_utf8_on,is_utf8 -le > '$_=shift;Encode::_utf8_on$_;print is_utf8($_)||"no"' foo > no > > While there may be good reasons for not having the utf8 bit blindly > activated for tainted data, I think this should at least be documented, > and maybe the function should emit a warning or even die when called for > a tainted value. > > Also see <http://rt.cpan.org/Ticket/Display.html?id=41161> on this issue. > > Regards, > fany


This service is sponsored and maintained by Best Practical Solutions and runs on Perl.org infrastructure.

Please report any issues with rt.cpan.org to rt-cpan-admin@bestpractical.com.