| CC: | bug-Chart-Math-Axis [...] rt.cpan.org |
| Subject: | Chart::Math::Axis bug with -T switch |
| Date: | Thu, 12 Oct 2006 19:43:44 +0100 |
| To: | cpan [...] ali.as |
| From: | Roy Chaudhuri <roy [...] colibase.bham.ac.uk> |
Hi.
I'm using your Chart::Math::Axis module from CPAN, which I find quite
incredibly useful (thanks). However, when I use it in a script with the
-T switch it causes a segmentation fault when I call new with untainted
data. Here's a simple test case on the command line:
Show quoted text
cmd> perl -T -MChart::Math::Axis -e 'Chart::Math::Axis->new(1, 0.5);
print "Works\n"'
Works
Show quoted textcmd> perl -MChart::Math::Axis -e 'Chart::Math::Axis->new(@ARGV); print
"Works\n"' 1 0.5
Works
Show quoted textcmd> perl -T -MChart::Math::Axis -e 'Chart::Math::Axis->new(@ARGV);
print "Works\n"' 1 0.5
Segmentation fault (core dumped)
This seems odd to me, since I can't imagine that Chart::Math::Axis is
doing any interaction with the system that might be considered
dangerous. Even if it was, a segmentation fault (although preferable to
continuing with untainted data) is never the right thing to do. I tried
the above command on two different systems (one Fedora core 3, one
Gentoo) and got the same problem. The perl version is 5.8.6.
I ran through with the debugger, and the problem seems to be caused by
line 284 in the _order_of_magnitude sub, which I think at the time of
the problem calls Math::BigFloat->new(1). However running:
Show quoted textcmd> perl -T -MMath::BigFloat -e 'Math::BigFloat->new($ARGV[0])' 1
works without problems, so it doesn't seem to be a problem with that module.
It'd be great if you can shed any light on what's going on. I guess a
simple 'fix' that you could apply would be to throw an error if anyone
supplies tainted data.
Cheers.
Roy.
--
Dr. Roy Chaudhuri
Bioinformatics Research Fellow
Division of Immunity and Infection
University of Birmingham, U.K.
http://xbase.bham.ac.uk