perl-dev mailing list archives

From Geoffrey Young <>
Subject [Fwd: [ #18584] Apache::DProf not taint safe]
Date Fri, 07 Apr 2006 11:43:07 GMT

-------- Original Message --------
Subject: [ #18584] Apache::DProf not taint safe
Date: Fri,  7 Apr 2006 06:14:01 -0400 (EDT)
From:  via RT <>
To: undisclosed-recipients:;
References: <>

Fri Apr 07 06:14:00 2006: Request 18584 was acted upon.
Transaction: Ticket created by DOMQ
       Queue: Apache-DB
     Subject: Apache::DProf not taint safe
       Owner: Nobody
      Status: new
 Ticket <URL: >

Apache::DProf::handler() calls File::Path::mkpath() on a tainted
parameter, which throws an exception when PerlTaintCheck is On.

The problem is due to Apache->server_root_relative() returning tainted
results under MP1, and although I didn't test that, I highly suspect all
other methods of computing $prof pick up some taint too (from the
environment I'm pretty sure, and from the MP2 API probably too).

Attached patch fixes that by applying an adequate regex operation on
$dir within handler(), and adds a regression test.

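The failure and the kind of fix the report describes, as an added example: this is not the attached patch (which is not reproduced on this page) and not Apache::DProf's code. The helper name `untaint_dir`, the allowed character set, and the constructed stand-in path `$prof` are assumptions for illustration, and Unix-style paths are assumed.

```perl
# Added example. Run with taint checks on:  perl -T untaint_dir.pl
use strict;
use warnings;
use File::Path qw(mkpath);
use File::Spec;
use File::Temp qw(tempdir);
use Scalar::Util qw(tainted);

# Hypothetical helper: return an untainted copy of $dir, or die.
# Only a regex capture clears taint, so the pattern *is* the policy:
# absolute path, conservative character set, no ".." component.
sub untaint_dir {
    my ($dir) = @_;
    die "refusing empty path\n" unless defined $dir && length $dir;
    die "refusing '..' component in: $dir\n"
        if grep { $_ eq '..' } File::Spec->splitdir($dir);
    $dir =~ m{\A(/[\w.+\-/]+)\z}
        or die "refusing unexpected characters in: $dir\n";
    my $clean = $1;    # captured text carries no taint
    return $clean;
}

# Constructed input: a zero-length slice of $^X is tainted under -T,
# so appending it taints the whole string, much like a path derived
# from server_root_relative() or the environment.
my $TAINT = substr($^X, 0, 0);
my $base  = tempdir(CLEANUP => 1);
my $prof  = "$base/dprof/$$" . $TAINT;

printf "taint mode: %s, path tainted: %s\n",
    (${^TAINT} ? 'on' : 'off'), (tainted($prof) ? 'yes' : 'no');

# Under -T this dies inside mkdir with "Insecure dependency in mkdir".
eval { mkpath($prof, 0, 0755); 1 }
    or print "mkpath on tainted path failed: $@";

# Validate first, then create the directory from the clean copy.
my $dir = untaint_dir($prof);
mkpath($dir, 0, 0755);
print "created $dir (tainted: ", (tainted($dir) ? 'yes' : 'no'), ")\n"
    if -d $dir;

# The validation must reject, not merely launder, unexpected input.
for my $bad ("$base/../etc", "$base/a;b", "relative/dir") {
    eval { untaint_dir($bad); 1 } or print "rejected: $@";
}
```

A catch-all pattern such as `/^(.*)$/` would also silence the exception, but it clears the taint flag without checking anything, so the capture should be as narrow as the expected paths allow.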