Subject: [PATCH] Untaint DATA after it's reopened
DATA handle is untainted on startup, but as we close and reopen it it
gets the taint flag. It's safe to untaint it though, since we still hold
the file descriptor open and don't reassign it to another file.
This was probably broken by changeset 29606, (c96b2385 in perl git).
| Subject: | 0001-Untaint-DATA-after-it-s-reopened.patch |
From ef63550b678b47504b4af0290c658839629ffec7 Mon Sep 17 00:00:00 2001
From: Lubomir Rintel <lkundrak@v3.sk>
Date: Mon, 11 Jan 2010 19:27:54 +0100
Subject: [PATCH] Untaint DATA after it's reopened
DATA handle is untainted on startup, but as we close and reopen it it
gets the taint flag. It's safe to untaint it though, since we still hold
the file descriptor open and don't reassign it to another file.
This was probably broken by changeset 29606, (c96b2385 in perl git).
---
lib/SelfLoader.pm | 4 +++-
1 files changed, 3 insertions(+), 1 deletions(-)
diff --git a/lib/SelfLoader.pm b/lib/SelfLoader.pm
index 047f776..20e02cc 100644
--- a/lib/SelfLoader.pm
+++ b/lib/SelfLoader.pm
@@ -1,7 +1,8 @@
package SelfLoader;
use 5.008;
use strict;
-our $VERSION = "1.17";
+use IO::Handle;
+our $VERSION = "1.18";
# The following bit of eval-magic is necessary to make this work on
# perls < 5.009005.
@@ -102,6 +103,7 @@ sub _load_stubs {
close $fh or die "close: $!"; # autocloses, but be paranoid
open $fh, '<&', $nfh or croak "reopen2: $!"; # dup() the fd "back"
close $nfh or die "close after reopen: $!"; # autocloses, but be paranoid
+ $fh->untaint;
}
$Cache{"${currpack}::<DATA"} = 1; # indicate package is cached
--
1.6.5.2