perl-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Geoffrey Young <ge...@modperlcookbook.org>
Subject [Fwd: [rt.cpan.org #18584] Apache::DProf not taint safe]
Date Fri, 07 Apr 2006 11:43:07 GMT


-------- Original Message --------
Subject: [rt.cpan.org #18584] Apache::DProf not taint safe
Date: Fri,  7 Apr 2006 06:14:01 -0400 (EDT)
From:  via RT <bug-Apache-DB@rt.cpan.org>
Reply-To: bug-Apache-DB@rt.cpan.org
To: undisclosed-recipients:;
References: <RT-Ticket-18584@rt.cpan.org>


Fri Apr 07 06:14:00 2006: Request 18584 was acted upon.
Transaction: Ticket created by DOMQ
       Queue: Apache-DB
     Subject: Apache::DProf not taint safe
       Owner: Nobody
  Requestors: DOMQ@cpan.org
      Status: new
 Ticket <URL: http://rt.cpan.org/Ticket/Display.html?id=18584 >


Apache::DProf::handler() calls File::Path::mkpath() on a tainted
parameter, which throws an exception when PerlTaintCheck is On.

The problem is due to Apache->server_root_relative() returning tainted
results under MP1, and although I didn't test that, I highly suspect all
other methods of computing $prof pick up some taint too (from the
environment I'm pretty sure, and from the MP2 API probably too).

Attached patch fixes that by applying an adequate regex operation on
$dir within handler(), and adds a regression test.



Mime
View raw message