Closed p5pRT closed 20 years ago
The following script dies with:
Insecure dependency in system while running with -T switch at ./x line 6.
The script is:
#!/usr/local/bin/perl -T
$ENV{PATH} = "/bin:/usr/bin"; $a = 77; $b = sprintf("%1.2f"\, $a); system("echo $b");
Changing the 5th line to "$b = $a" fixes the problem.
Does someone have something against sprintf?
-Dave
PS. The platform information below is wrong. Here's the right stuff:
FreeBSD idiom.com 3.2-RELEASE FreeBSD 3.2-RELEASE #12: Tue Jun 1 15:34:35 PDT 1999 root@grin.idiom.com:/build/src/sys/compile/NEW i386
Site configuration information for perl 5.00502:
Configured by markm at $Date: 1999/01/17 09:53:34 $.
Summary of my perl5 (5.0 patchlevel 5 subversion 2) configuration: Platform: osname=freebsd\, osvers=3.0-current\, archname=i386-freebsd uname='freebsd 3.0-current #0: ' hint=recommended\, useposix=true\, d_sigaction=define usethreads=undef useperlio=undef d_sfio=undef Compiler: cc='cc'\, optimize='undef'\, gccversion=2.7.2.1 cppflags='' ccflags ='' stdchar='char'\, d_stdstdio=undef\, usevfork=true intsize=4\, longsize=4\, ptrsize=4\, doublesize=8 d_longlong=define\, longlongsize=8\, d_longdbl=define\, longdblsize=12 alignbytes=4\, usemymalloc=n\, prototype=define Linker and Libraries: ld='ld'\, ldflags ='-Wl\,-E ' libpth=/usr/lib libs=-lm -lc -lcrypt libc=undef\, so=so\, useshrplib=true\, libperl=libperl.so.3 Dynamic Linking: dlsrc=dl_dlopen.xs\, dlext=so\, d_dlsymun=undef\, ccdlflags=' ' cccdlflags='-DPIC -fpic'\, lddlflags='-shared '
Locally applied patches:
@INC for perl 5.00502: /usr/libdata/perl/5.00502/mach /usr/libdata/perl/5.00502 /usr/local/lib/perl5/site_perl/5.005/i386-freebsd /usr/local/lib/perl5/site_perl/5.005 .
Environment for perl 5.00502: HOME=/home/muir LANG (unset) LD_LIBRARY_PATH=.:/usr/lib:/usr/local/lib LOGDIR (unset) PATH=.:/home/muir/bin/idiom:/home/muir/bin:/home/muir/bin/share:/bin:/usr/bin:/sbin:/usr/sbin:/usr/local/shbin:/usr/local/sbin:/usr/local/bin:/usr/local/ptybin:/usr/X11R6/bin:/usr/bin/X11:/usr/local/tex/bin:/usr/ucb:/usr/bin:/bin:/etc:/usr/etc:/usr/games:/lib:/usr/lib:/usr/local/java/bin:/usr/lib/uucp:/usr/openwin/bin:/usr/openwin/bin/xview:/usr/openwin/demo:/usr/adm:/home/muir/tmp PERL_BADLANG (unset) SHELL=/bin/tcsh
On Tue\, 27 Jul 1999 00:00:18 PDT\, David Muir Sharnoff wrote:
This is a bug report for perl from muir@idiom.com\, generated with the help of perlbug 1.26 running under perl 5.00502.
-----------------------------------------------------------------
The following script dies with:
Insecure dependency in system while running with -T switch at ./x line 6.
The script is:
#!/usr/local/bin/perl -T
$ENV{PATH} = "/bin:/usr/bin"; $a = 77; $b = sprintf("%1.2f"\, $a); system("echo $b");
Changing the 5th line to "$b = $a" fixes the problem.
Does someone have something against sprintf?
-Dave
PS. The platform information below is wrong. Here's the right stuff:
FreeBSD idiom.com 3.2-RELEASE FreeBSD 3.2-RELEASE #12: Tue Jun 1 15:34:35 PDT 1999 root@grin.idiom.com:/build/src/sys/compile/NEW i386
Perl's sprintf() uses the system's sprintf() for formatting floats\, which is apparently not safe on systems where locales can be overridden by users.
I don't know if this is still true on real systems (and freebsd)\, but it is unfortunate that such brokenness should affect Perl code. The attached patch will help most common scenarios.
Sarathy gsar@activestate.com
Gurusamy Sarathy writes:
I don't know if this is still true on real systems (and freebsd)\, but it is unfortunate that such brokenness should affect Perl code. The attached patch will help most common scenarios.
==== //depot/perl/perl.c#166 (text) ==== Index: perl/perl.c --- perl/perl.c.~1~ Sun Sep 12 13:09:05 1999 +++ perl/perl.c Sun Sep 12 13:09:05 1999 @@ -409\,6 +409\,11 @@ Safefree(PL_screamnext); PL_screamnext = 0;
+ /* float buffer */ + Safefree(PL_efloatbuf); + PL_efloatbuf = Nullch; + PL_efloatsize = 0; +
Can you reconfigure your diff-extractor to give diff the options -p?
+To cope with broken systems that allow the standard locales to be +overridden by malicious users\, the return value may be tainted +if any of the floating point formats are used and the conversion +yields something that doesn't look like a normal C-locale floating +point number. This happens regardless of whether C\
Why this in 'no locale' situation? Do you do the same for the NOK===>POK conversions?
Ilya
On Sun\, 12 Sep 1999 18:10:33 EDT\, Ilya Zakharevich wrote:
Gurusamy Sarathy writes:
==== //depot/perl/perl.c#166 (text) ==== Index: perl/perl.c --- perl/perl.c.~1~ Sun Sep 12 13:09:05 1999 +++ perl/perl.c Sun Sep 12 13:09:05 1999 @@ -409\,6 +409\,11 @@ [...] Can you reconfigure your diff-extractor to give diff the options -p?
No (unfortunately). The diff is handled internally in the perforce server. One *could* write a script to fetch the files before and after and do the diff using GNU diff (Porting/p4d2p would be the place to patch\, if you're feeling up to it). It would run much slower\, though\, because you will have to fetch the entire file twice (as opposed to fetching the very fast server diff just once). Which probably means I won't use it anyway. ;-)
+To cope with broken systems that allow the standard locales to be +overridden by malicious users\, the return value may be tainted +if any of the floating point formats are used and the conversion +yields something that doesn't look like a normal C-locale floating +point number. This happens regardless of whether C\
Why this in 'no locale' situation? Do you do the same for the NOK===>POK conversions?
No\, but I'm glad you asked. Perhaps Chip can tell us why only s?printf() are treated this way. Frankly\, I'd rather Perl didn't consider the C/POSIX locale untrustworthy\, but this behavior has been there since 5.004.
Whatever the reasons\, it appears NV->PV conversions had a better argument for the behavior than s?printf() because the latter is always forced to be in the C/POSIX locale while the former is not.
Sarathy gsar@activestate.com
Migrated from rt.perl.org#1047 (status was 'resolved')
Searchable as RT1047$