upstream/oracle/userland-gate: components/perl/perl522/patches/0001-perl-126862-ensure-File-Spec-canonpath-preserves-tai.patch@63d6ec724bea (annotated)

5554 63d6ec724bea PSARC 2016/024 Add Perl 5.22, Remove Perl 5.20 Craig Mohrman <craig.mohrman@oracle.com> parents: diff changeset	1	From b6307f728a4f842a54ea96959e386c7daa92ece1 Mon Sep 17 00:00:00 2001
63d6ec724bea PSARC 2016/024 Add Perl 5.22, Remove Perl 5.20 Craig Mohrman <craig.mohrman@oracle.com> parents: diff changeset	2	From: Tony Cook <[email protected]>
63d6ec724bea PSARC 2016/024 Add Perl 5.22, Remove Perl 5.20 Craig Mohrman <craig.mohrman@oracle.com> parents: diff changeset	3	Date: Tue, 15 Dec 2015 10:56:54 +1100
63d6ec724bea PSARC 2016/024 Add Perl 5.22, Remove Perl 5.20 Craig Mohrman <craig.mohrman@oracle.com> parents: diff changeset	4	Subject: [perl #126862] ensure File::Spec::canonpath() preserves taint
63d6ec724bea PSARC 2016/024 Add Perl 5.22, Remove Perl 5.20 Craig Mohrman <craig.mohrman@oracle.com> parents: diff changeset	5
63d6ec724bea PSARC 2016/024 Add Perl 5.22, Remove Perl 5.20 Craig Mohrman <craig.mohrman@oracle.com> parents: diff changeset	6	Previously the unix specific XS implementation of canonpath() would
63d6ec724bea PSARC 2016/024 Add Perl 5.22, Remove Perl 5.20 Craig Mohrman <craig.mohrman@oracle.com> parents: diff changeset	7	return an untainted path when supplied a tainted path.
63d6ec724bea PSARC 2016/024 Add Perl 5.22, Remove Perl 5.20 Craig Mohrman <craig.mohrman@oracle.com> parents: diff changeset	8
63d6ec724bea PSARC 2016/024 Add Perl 5.22, Remove Perl 5.20 Craig Mohrman <craig.mohrman@oracle.com> parents: diff changeset	9	For the empty string case, newSVpvs() already sets taint as needed on
63d6ec724bea PSARC 2016/024 Add Perl 5.22, Remove Perl 5.20 Craig Mohrman <craig.mohrman@oracle.com> parents: diff changeset	10	its result.
63d6ec724bea PSARC 2016/024 Add Perl 5.22, Remove Perl 5.20 Craig Mohrman <craig.mohrman@oracle.com> parents: diff changeset	11	---
63d6ec724bea PSARC 2016/024 Add Perl 5.22, Remove Perl 5.20 Craig Mohrman <craig.mohrman@oracle.com> parents: diff changeset	12	dist/PathTools/Cwd.xs \| 1 +
63d6ec724bea PSARC 2016/024 Add Perl 5.22, Remove Perl 5.20 Craig Mohrman <craig.mohrman@oracle.com> parents: diff changeset	13	dist/PathTools/t/taint.t \| 19 ++++++++++++++++++-
63d6ec724bea PSARC 2016/024 Add Perl 5.22, Remove Perl 5.20 Craig Mohrman <craig.mohrman@oracle.com> parents: diff changeset	14	2 files changed, 19 insertions(+), 1 deletion(-)
63d6ec724bea PSARC 2016/024 Add Perl 5.22, Remove Perl 5.20 Craig Mohrman <craig.mohrman@oracle.com> parents: diff changeset	15
63d6ec724bea PSARC 2016/024 Add Perl 5.22, Remove Perl 5.20 Craig Mohrman <craig.mohrman@oracle.com> parents: diff changeset	16	diff --git a/dist/PathTools/Cwd.xs b/dist/PathTools/Cwd.xs
63d6ec724bea PSARC 2016/024 Add Perl 5.22, Remove Perl 5.20 Craig Mohrman <craig.mohrman@oracle.com> parents: diff changeset	17	index 9d4dcf0..3d018dc 100644
63d6ec724bea PSARC 2016/024 Add Perl 5.22, Remove Perl 5.20 Craig Mohrman <craig.mohrman@oracle.com> parents: diff changeset	18	--- a/dist/PathTools/Cwd.xs
63d6ec724bea PSARC 2016/024 Add Perl 5.22, Remove Perl 5.20 Craig Mohrman <craig.mohrman@oracle.com> parents: diff changeset	19	+++ b/dist/PathTools/Cwd.xs
63d6ec724bea PSARC 2016/024 Add Perl 5.22, Remove Perl 5.20 Craig Mohrman <craig.mohrman@oracle.com> parents: diff changeset	20	@@ -535,6 +535,7 @@ THX_unix_canonpath(pTHX_ SV *path)
63d6ec724bea PSARC 2016/024 Add Perl 5.22, Remove Perl 5.20 Craig Mohrman <craig.mohrman@oracle.com> parents: diff changeset	21	*o = 0;
63d6ec724bea PSARC 2016/024 Add Perl 5.22, Remove Perl 5.20 Craig Mohrman <craig.mohrman@oracle.com> parents: diff changeset	22	SvPOK_on(retval);
63d6ec724bea PSARC 2016/024 Add Perl 5.22, Remove Perl 5.20 Craig Mohrman <craig.mohrman@oracle.com> parents: diff changeset	23	SvCUR_set(retval, o - SvPVX(retval));
63d6ec724bea PSARC 2016/024 Add Perl 5.22, Remove Perl 5.20 Craig Mohrman <craig.mohrman@oracle.com> parents: diff changeset	24	+ SvTAINT(retval);
63d6ec724bea PSARC 2016/024 Add Perl 5.22, Remove Perl 5.20 Craig Mohrman <craig.mohrman@oracle.com> parents: diff changeset	25	return retval;
63d6ec724bea PSARC 2016/024 Add Perl 5.22, Remove Perl 5.20 Craig Mohrman <craig.mohrman@oracle.com> parents: diff changeset	26	}
63d6ec724bea PSARC 2016/024 Add Perl 5.22, Remove Perl 5.20 Craig Mohrman <craig.mohrman@oracle.com> parents: diff changeset	27
63d6ec724bea PSARC 2016/024 Add Perl 5.22, Remove Perl 5.20 Craig Mohrman <craig.mohrman@oracle.com> parents: diff changeset	28	diff --git a/dist/PathTools/t/taint.t b/dist/PathTools/t/taint.t
63d6ec724bea PSARC 2016/024 Add Perl 5.22, Remove Perl 5.20 Craig Mohrman <craig.mohrman@oracle.com> parents: diff changeset	29	index 309b3e5..48f8c5b 100644
63d6ec724bea PSARC 2016/024 Add Perl 5.22, Remove Perl 5.20 Craig Mohrman <craig.mohrman@oracle.com> parents: diff changeset	30	--- a/dist/PathTools/t/taint.t
63d6ec724bea PSARC 2016/024 Add Perl 5.22, Remove Perl 5.20 Craig Mohrman <craig.mohrman@oracle.com> parents: diff changeset	31	+++ b/dist/PathTools/t/taint.t
63d6ec724bea PSARC 2016/024 Add Perl 5.22, Remove Perl 5.20 Craig Mohrman <craig.mohrman@oracle.com> parents: diff changeset	32	@@ -12,7 +12,7 @@ use Test::More;
63d6ec724bea PSARC 2016/024 Add Perl 5.22, Remove Perl 5.20 Craig Mohrman <craig.mohrman@oracle.com> parents: diff changeset	33	BEGIN {
63d6ec724bea PSARC 2016/024 Add Perl 5.22, Remove Perl 5.20 Craig Mohrman <craig.mohrman@oracle.com> parents: diff changeset	34	plan(
63d6ec724bea PSARC 2016/024 Add Perl 5.22, Remove Perl 5.20 Craig Mohrman <craig.mohrman@oracle.com> parents: diff changeset	35	${^TAINT}
63d6ec724bea PSARC 2016/024 Add Perl 5.22, Remove Perl 5.20 Craig Mohrman <craig.mohrman@oracle.com> parents: diff changeset	36	- ? (tests => 17)
63d6ec724bea PSARC 2016/024 Add Perl 5.22, Remove Perl 5.20 Craig Mohrman <craig.mohrman@oracle.com> parents: diff changeset	37	+ ? (tests => 21)
63d6ec724bea PSARC 2016/024 Add Perl 5.22, Remove Perl 5.20 Craig Mohrman <craig.mohrman@oracle.com> parents: diff changeset	38	: (skip_all => "A perl without taint support")
63d6ec724bea PSARC 2016/024 Add Perl 5.22, Remove Perl 5.20 Craig Mohrman <craig.mohrman@oracle.com> parents: diff changeset	39	);
63d6ec724bea PSARC 2016/024 Add Perl 5.22, Remove Perl 5.20 Craig Mohrman <craig.mohrman@oracle.com> parents: diff changeset	40	}
63d6ec724bea PSARC 2016/024 Add Perl 5.22, Remove Perl 5.20 Craig Mohrman <craig.mohrman@oracle.com> parents: diff changeset	41	@@ -34,3 +34,20 @@ foreach my $func (@Functions) {
63d6ec724bea PSARC 2016/024 Add Perl 5.22, Remove Perl 5.20 Craig Mohrman <craig.mohrman@oracle.com> parents: diff changeset	42
63d6ec724bea PSARC 2016/024 Add Perl 5.22, Remove Perl 5.20 Craig Mohrman <craig.mohrman@oracle.com> parents: diff changeset	43	# Previous versions of Cwd tainted $^O
63d6ec724bea PSARC 2016/024 Add Perl 5.22, Remove Perl 5.20 Craig Mohrman <craig.mohrman@oracle.com> parents: diff changeset	44	is !tainted($^O), 1, "\$^O should not be tainted";
63d6ec724bea PSARC 2016/024 Add Perl 5.22, Remove Perl 5.20 Craig Mohrman <craig.mohrman@oracle.com> parents: diff changeset	45	+
63d6ec724bea PSARC 2016/024 Add Perl 5.22, Remove Perl 5.20 Craig Mohrman <craig.mohrman@oracle.com> parents: diff changeset	46	+{
63d6ec724bea PSARC 2016/024 Add Perl 5.22, Remove Perl 5.20 Craig Mohrman <craig.mohrman@oracle.com> parents: diff changeset	47	+ # [perl #126862] canonpath() loses taint
63d6ec724bea PSARC 2016/024 Add Perl 5.22, Remove Perl 5.20 Craig Mohrman <craig.mohrman@oracle.com> parents: diff changeset	48	+ my $tainted = substr($ENV{PATH}, 0, 0);
63d6ec724bea PSARC 2016/024 Add Perl 5.22, Remove Perl 5.20 Craig Mohrman <craig.mohrman@oracle.com> parents: diff changeset	49	+ # yes, getcwd()'s result should be tainted, and is tested above
63d6ec724bea PSARC 2016/024 Add Perl 5.22, Remove Perl 5.20 Craig Mohrman <craig.mohrman@oracle.com> parents: diff changeset	50	+ # but be sure
63d6ec724bea PSARC 2016/024 Add Perl 5.22, Remove Perl 5.20 Craig Mohrman <craig.mohrman@oracle.com> parents: diff changeset	51	+ ok tainted(File::Spec->canonpath($tainted . Cwd::getcwd)),
63d6ec724bea PSARC 2016/024 Add Perl 5.22, Remove Perl 5.20 Craig Mohrman <craig.mohrman@oracle.com> parents: diff changeset	52	+ "canonpath() keeps taint on non-empty string";
63d6ec724bea PSARC 2016/024 Add Perl 5.22, Remove Perl 5.20 Craig Mohrman <craig.mohrman@oracle.com> parents: diff changeset	53	+ ok tainted(File::Spec->canonpath($tainted)),
63d6ec724bea PSARC 2016/024 Add Perl 5.22, Remove Perl 5.20 Craig Mohrman <craig.mohrman@oracle.com> parents: diff changeset	54	+ "canonpath() keeps taint on empty string";
63d6ec724bea PSARC 2016/024 Add Perl 5.22, Remove Perl 5.20 Craig Mohrman <craig.mohrman@oracle.com> parents: diff changeset	55	+
63d6ec724bea PSARC 2016/024 Add Perl 5.22, Remove Perl 5.20 Craig Mohrman <craig.mohrman@oracle.com> parents: diff changeset	56	+ (Cwd::getcwd() =~ /^(.*)/);
63d6ec724bea PSARC 2016/024 Add Perl 5.22, Remove Perl 5.20 Craig Mohrman <craig.mohrman@oracle.com> parents: diff changeset	57	+ my $untainted = $1;
63d6ec724bea PSARC 2016/024 Add Perl 5.22, Remove Perl 5.20 Craig Mohrman <craig.mohrman@oracle.com> parents: diff changeset	58	+ ok !tainted($untainted), "make sure our untainted value is untainted";
63d6ec724bea PSARC 2016/024 Add Perl 5.22, Remove Perl 5.20 Craig Mohrman <craig.mohrman@oracle.com> parents: diff changeset	59	+ ok !tainted(File::Spec->canonpath($untainted)),
63d6ec724bea PSARC 2016/024 Add Perl 5.22, Remove Perl 5.20 Craig Mohrman <craig.mohrman@oracle.com> parents: diff changeset	60	+ "canonpath() doesn't add taint to untainted string";
63d6ec724bea PSARC 2016/024 Add Perl 5.22, Remove Perl 5.20 Craig Mohrman <craig.mohrman@oracle.com> parents: diff changeset	61	+}
63d6ec724bea PSARC 2016/024 Add Perl 5.22, Remove Perl 5.20 Craig Mohrman <craig.mohrman@oracle.com> parents: diff changeset	62	--
63d6ec724bea PSARC 2016/024 Add Perl 5.22, Remove Perl 5.20 Craig Mohrman <craig.mohrman@oracle.com> parents: diff changeset	63	2.1.4
63d6ec724bea PSARC 2016/024 Add Perl 5.22, Remove Perl 5.20 Craig Mohrman <craig.mohrman@oracle.com> parents: diff changeset	64

author	Craig Mohrman <craig.mohrman@oracle.com>
	Fri, 04 Mar 2016 13:37:19 -0800
changeset 5554	63d6ec724bea
permissions	-rw-r--r--