Closed p5pRT closed 20 years ago
Run these commands (irrelevant parts omitted):
```perl
#!/usr/local/bin/perl -T
my($hacked) = `uname -n`;    #This is definitely tainted.
my($this) = { key1 => val1, hacked => $hacked, key2 => val2 };
```

You will find that $this->{key2} is tainted (as well as $this->{hacked}, as it should be), but $this->{key1} is not. If there were more key-value pairs, and (hacked => $hacked) were moved to earlier or later positions, it and all following members would be tainted.

In contrast, if you do:

```perl
my(@stuff) = (key1 => val1, hacked => $hacked, key2 => val2);
```

only the one member is tainted. (But in {@stuff}, subsequent values are tainted, same as before.)

When a hash member is set to a tainted value, only that one member should be tainted, not otherwise innocent bystander members.
Flags: category=core severity=medium
Site configuration information for perl v5.6.0:
Configured by root at Thu Feb 8 14:22:31 PST 2001.
```
Summary of my perl5 (revision 5.0 version 6 subversion 0) configuration:
  Platform:
    osname=solaris, osvers=2.5, archname=sun4-solaris
    uname='sunos deodar 5.5 generic_103093-26 sun4d sparc sunw,sparcserver-1000 '
    config_args=''
    hint=previous, useposix=true, d_sigaction=define
    usethreads=undef use5005threads=undef useithreads=undef usemultiplicity=undef
    useperlio=undef d_sfio=undef uselargefiles=define
    use64bitint=undef use64bitall=undef uselongdouble=undef usesocks=undef
  Compiler:
    cc='gcc', optimize='-O', gccversion=2.95.2 19991024 (release)
    cppflags='-fno-strict-aliasing -I/usr/local/include'
    ccflags ='-fno-strict-aliasing -I/usr/local/include'
    stdchar='unsigned char', d_stdstdio=define, usevfork=false
    intsize=4, longsize=4, ptrsize=4, doublesize=8
    d_longlong=define, longlongsize=8, d_longdbl=define, longdblsize=16
    ivtype='long', ivsize=4, nvtype='double', nvsize=8, Off_t='off_t', lseeksize=4
    alignbytes=8, usemymalloc=y, prototype=define
  Linker and Libraries:
    ld='gcc', ldflags =' -L/usr/local/lib '
    libpth=/usr/local/lib /lib /usr/lib /usr/ccs/lib
    libs=-lsocket -lnsl -lgdbm -ldl -lm -lc -lcrypt -lsec
    libc=/lib/libc.so, so=so, useshrplib=false, libperl=libperl.a
  Dynamic Linking:
    dlsrc=dl_dlopen.xs, dlext=so, d_dlsymun=undef, ccdlflags=' '
    cccdlflags='-fPIC', lddlflags='-G -L/usr/local/lib'

Locally applied patches:

@INC for perl v5.6.0:
    /usr/local/lib/perl5/perl-5.6.0/lib/5.6.0/sun4-solaris
    /usr/local/lib/perl5/perl-5.6.0/lib/5.6.0
    /usr/local/lib/perl5/site_perl/sun4-solaris
    /usr/local/lib/perl5/site_perl
    /usr/local/lib/perl5/site_perl
    .

Environment for perl v5.6.0:
    HOME=/u/bodhi/h1/maint/jimc
    LANG (unset)
    LANGUAGE (unset)
    LD_LIBRARY_PATH=/usr/lib:/usr/platform/SUNW,Ultra-5_10/lib:/usr/openwin/lib:/usr/ucblib:/usr/4lib:/usr/local/lib:/usr/local/mathlib:/usr/local/SUNWspro/lib
    LOGDIR (unset)
    PATH=.:/u/bodhi/h1/maint/jimc/bin.sparc:/u/bodhi/h1/maint/jimc/bin:/usr/math/etc:/etc:/usr/local/etc:/usr/ccs/bin:/usr/math/bin:/usr/local/bin:/usr/ucb:/bin:/usr/bin:/usr/dt/bin:/sbin:/usr/sbin:/usr/local/hosts:/usr/openwin/bin:/usr/bin/X11:/usr/local/netpbm/bin:/usr/local/share/tex/bin:/usr/local/SUNWspro/bin:/usr/local/ncarg/bin
    PERL_BADLANG (unset)
    SHELL=/usr/local/bin/tcsh
```
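A per-element check for the two constructs in the report, as an added example that is not part of the original report or of the Perl distribution. It assumes `Scalar::Util` is available (it ships with Perl 5.8 and later), uses a constructed tainted string in place of the `uname -n` output, and the helper `tainted_keys` is a hypothetical name.

```perl
#!/usr/bin/perl -T
# Added example: report which hash values carry the taint flag after each
# construction form from the report. Run as: perl -T taintcheck.pl
use strict;
use warnings;
use Scalar::Util qw(tainted);

die "taint mode is off; run with: perl -T $0\n" unless ${^TAINT};

# Constructed tainted value standing in for `uname -n`. $^X is tainted
# under -T, and a zero-length substring of it still carries the flag.
my $hacked = 'deodar' . substr($^X, 0, 0);

# Hypothetical helper: names of the keys whose values are tainted.
sub tainted_keys {
    my ($h) = @_;
    return sort grep { tainted($h->{$_}) } keys %$h;
}

# The two forms from the report: an anonymous hash literal, and a hash
# built from a list that was assigned to an array first.
my $this  = { key1 => 'val1', hacked => $hacked, key2 => 'val2' };
my @stuff = ( key1 => 'val1', hacked => $hacked, key2 => 'val2' );

my %cases = (
    'anonymous hash literal' => $this,
    'hash from {@stuff}'     => {@stuff},
);

my $bad = 0;
for my $name (sort keys %cases) {
    my @t  = tainted_keys($cases{$name});
    # Only the value that was assigned tainted data should be flagged.
    my $ok = (@t == 1 && $t[0] eq 'hacked');
    $bad++ unless $ok;
    printf "%-24s tainted values: %-18s %s\n",
        $name, join(',', @t), $ok ? 'ok' : 'bystander tainted';
}

# Non-zero exit when any value other than {hacked} is tainted.
exit($bad ? 1 : 0);
```

The exit status makes the script usable as a regression check when validating a perl build before relying on taint mode to separate trusted from untrusted hash values.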
Thank you for your bug report. This bug has already been fixed, and the fix is included in the upcoming Perl 5.6.1.
Migrated from rt.perl.org#5828 (status was 'resolved')
Searchable as RT5828$