Skip Menu |
 

This queue is for tickets about the Scalar-List-Utils CPAN distribution.

Report information
The Basics
Id: 119169
Status: patched
Priority: 0/
Queue: Scalar-List-Utils

People
Owner: Nobody in particular
Requestors: davem [...] iabyn.com
Cc:
AdminCc:

Bug Information
Severity: (no value)
Broken in: (no value)
Fixed in: (no value)



Subject: t/tainted.t intermittently fails
Date: Wed, 7 Dec 2016 15:41:58 +0000
To: bug-Scalar-List-Utils [...] rt.cpan.org
From: Dave Mitchell <davem [...] iabyn.com>
Download (untitled) / with headers
text/plain 563b
In the perl core, cpan/Scalar-List-Utils/t/tainted.t is intermittently failing, because it chooses a random element of %ENV (skipping keys starting with /^PERL/) and checks that it is tainted. However, Test::Simple these days adds these to %ENV: $ENV{TEST_ACTIVE} ||= 1; $ENV{TEST2_ACTIVE} = 1; which won't be tainted. So either /^PERL/ needs changing to /^(PERL|TEST)/, or more robustly, perhaps it shouldn't be using %ENV as a source of known taintedness, and maybe use $^X instead? -- Fire extinguisher (n) a device for holding open fire doors.
Download (untitled) / with headers
text/plain 346b
On Wed Dec 07 10:42:15 2016, davem@iabyn.com wrote: Show quoted text
> which won't be tainted. So either /^PERL/ needs changing to > /^(PERL|TEST)/, or more robustly, perhaps it shouldn't be using %ENV as a > source of known taintedness, and maybe use $^X instead?
Either of those sound plausible. I like the inherent simplicity of picking $^X. -- Paul Evans
Download (untitled) / with headers
text/plain 558b
On Wed Dec 07 11:10:33 2016, PEVANS wrote: Show quoted text
> On Wed Dec 07 10:42:15 2016, davem@iabyn.com wrote:
> > which won't be tainted. So either /^PERL/ needs changing to > > /^(PERL|TEST)/, or more robustly, perhaps it shouldn't be using %ENV > > as a > > source of known taintedness, and maybe use $^X instead?
> > Either of those sound plausible. I like the inherent simplicity of > picking $^X.
Additional sightings discussed on p5p list starting here: http://www.nntp.perl.org/group/perl.perl5.porters/2016/12/msg241560.html Thank you very much. Jim Keenan
Download (untitled) / with headers
text/plain 612b
On Wed Dec 07 11:10:33 2016, PEVANS wrote: Show quoted text
> On Wed Dec 07 10:42:15 2016, davem@iabyn.com wrote:
> > which won't be tainted. So either /^PERL/ needs changing to > > /^(PERL|TEST)/, or more robustly, perhaps it shouldn't be using %ENV > > as a > > source of known taintedness, and maybe use $^X instead?
> > Either of those sound plausible. I like the inherent simplicity of > picking $^X.
Paul, do you think you will be applying a fix soon? This intermittent failure is often the only failure in a smoke report on Perl 5 blead, e.g., http://perl5.test-smoke.org/report/52519. Thank you very much. Jim Keenan
Download (untitled) / with headers
text/plain 165b
On Sat Dec 17 18:48:17 2016, JKEENAN wrote: Show quoted text
> > Either of those sound plausible. I like the inherent simplicity of > > picking $^X.
Done in source. -- Paul Evans
Download (untitled) / with headers
text/plain 562b
On Thu Dec 22 13:48:05 2016, PEVANS wrote: Show quoted text
> On Sat Dec 17 18:48:17 2016, JKEENAN wrote:
> > > Either of those sound plausible. I like the inherent simplicity of > > > picking $^X.
> > Done in source.
Are we okay to merge Scalar-List-Utils-1.47 into perl 5 blead? (In blead there is a work-around in t/tainted.t -- but that work-around expired once perl-5.25.9 was released, which means that we're once again getting smoke testing failures (e.g., http://perl.develop-help.com/raw/?id=198015).) Thank you very much. Jim Keenan Thank you very much. Jim Keenan
Subject: Re: [rt.cpan.org #119169] t/tainted.t intermittently fails
Date: Sat, 21 Jan 2017 16:42:58 +0000
To: James E Keenan via RT <bug-Scalar-List-Utils [...] rt.cpan.org>
From: Dave Mitchell <davem [...] iabyn.com>
Download (untitled) / with headers
text/plain 1.4k
On Sat, Jan 21, 2017 at 11:21:31AM -0500, James E Keenan via RT wrote: Show quoted text
> <URL: https://rt.cpan.org/Ticket/Display.html?id=119169 > > > On Thu Dec 22 13:48:05 2016, PEVANS wrote:
> > On Sat Dec 17 18:48:17 2016, JKEENAN wrote:
> > > > Either of those sound plausible. I like the inherent simplicity of > > > > picking $^X.
> > > > Done in source.
> > > Are we okay to merge Scalar-List-Utils-1.47 into perl 5 blead? > > (In blead there is a work-around in t/tainted.t -- but that work-around expired once perl-5.25.9 was released, which means that we're once again getting smoke testing failures (e.g., http://perl.develop-help.com/raw/?id=198015).)
There are a bunch of customisations in blead courtesy of Jarkko - fixes for vax floating-point issues by the look of them - which seems to be fairly naughty of him. These don't appear to have made it into 1.47. https://rt.cpan.org/Public/Bug/Display.html?id=118470 We'd either have to reapply those customisations or wait for 1.48. In the meantime we could bump the skip version number for the tainted.t test in blead. -- "But Sidley Park is already a picture, and a most amiable picture too. The slopes are green and gentle. The trees are companionably grouped at intervals that show them to advantage. The rill is a serpentine ribbon unwound from the lake peaceably contained by meadows on which the right amount of sheep are tastefully arranged." -- Lady Croom, "Arcadia"
Download (untitled) / with headers
text/plain 664b
On 2017-01-21 16:21:26, JKEENAN wrote: Show quoted text
> On Thu Dec 22 13:48:05 2016, PEVANS wrote:
> > On Sat Dec 17 18:48:17 2016, JKEENAN wrote:
> > > > Either of those sound plausible. I like the inherent simplicity > > > > of > > > > picking $^X.
> > > > Done in source.
> > (In blead there is a work-around in t/tainted.t -- but that work- > around expired once perl-5.25.9 was released, which means that we're > once again getting smoke testing failures (e.g., http://perl.develop- > help.com/raw/?id=198015).)
FYI, I got fed up with the reappearance of this intermittent failure, so I've cherry-picked the change to use $^X instead of %ENV into blead. Cheers, Ilmari


This service is sponsored and maintained by Best Practical Solutions and runs on Perl.org infrastructure.

Please report any issues with rt.cpan.org to rt-cpan-admin@bestpractical.com.