Skip Menu |
 

This queue is for tickets about the Scalar-List-Utils CPAN distribution.

Report information
The Basics
Id: 55763
Status: resolved
Priority: 0/
Queue: Scalar-List-Utils

People
Owner: Nobody in particular
Requestors: davem [...] iabyn.com
Cc:
AdminCc:

Bug Information
Severity: Normal
Broken in: 1.23
Fixed in: 1.23_02



Subject: tainted() doesn't do SvGETMAGIC(sv)
Download (untitled) / with headers
text/plain 686b
tainted() doesn't run get magic before testing the value for taintedness. This gives effects like the following: use Scalar::Util qw(tainted); sub TIESCALAR { bless {} } sub FETCH { $^X } tie my $t, 'main'; print 'bare $t ', tainted($t) ? 'tainted' : 'not tainted', "\n"; print 'stringy $t ', tainted("$t") ? 'tainted' : 'not tainted', "\n"; which gives: bare $t not tainted stringy $t tainted This originally came up in https://rt.perl.org/rt3/Ticket/Display.html?id=56490 where regex magic vars were incorrectly reported as being not tainted. Rick Delaney suggested adding SvGETMAGIC(sv); Alternatively, tainted() needs documenting that this is how it works. Dave M


This service is sponsored and maintained by Best Practical Solutions and runs on Perl.org infrastructure.

Please report any issues with rt.cpan.org to rt-cpan-admin@bestpractical.com.