perl/perl-5.14.2-digest_eval.patch

29 lines
843 B
Diff
Raw Normal View History

2011-10-04 11:39:56 +00:00
From dbcab24bb98b4a243c8330bc7017c2080832b3f9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com>
Date: Tue, 4 Oct 2011 13:46:39 +0200
Subject: [PATCH] Fix code injection in Digest
See <https://bugzilla.redhat.com/show_bug.cgi?id=743010> for more details.
---
cpan/Digest/Digest.pm | 4 +++-
1 files changed, 3 insertions(+), 1 deletions(-)
diff --git a/cpan/Digest/Digest.pm b/cpan/Digest/Digest.pm
index 384dfc8..4b923ae 100644
--- a/cpan/Digest/Digest.pm
+++ b/cpan/Digest/Digest.pm
@@ -35,7 +35,9 @@ sub new
($class, @args) = @$class if ref($class);
no strict 'refs';
unless (exists ${"$class\::"}{"VERSION"}) {
- eval "require $class";
+ my $pm_file = $class . ".pm";
+ $pm_file =~ s{::}{/}g;
+ eval { require $pm_file };
if ($@) {
$err ||= $@;
next;
--
1.7.6.4