From 724ab9627b54985de979bb395e0670608b6230c6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcela=20Ma=C5=A1l=C3=A1=C5=88ov=C3=A1?= Date: Sat, 2 Apr 2011 09:38:33 +0200 Subject: [PATCH] lc launders tainted flag, RT #87336 --- ...-first-fail-to-taint-the-returned-st.patch | 62 +++++++++++++++++++ perl.spec | 12 +++- 2 files changed, 73 insertions(+), 1 deletion(-) create mode 100644 perl-87336-lc-uc-first-fail-to-taint-the-returned-st.patch diff --git a/perl-87336-lc-uc-first-fail-to-taint-the-returned-st.patch b/perl-87336-lc-uc-first-fail-to-taint-the-returned-st.patch new file mode 100644 index 0000000..fde16fc --- /dev/null +++ b/perl-87336-lc-uc-first-fail-to-taint-the-returned-st.patch @@ -0,0 +1,62 @@ +diff -up perl-5.12.3/pp.c.87 perl-5.12.3/pp.c +--- perl-5.12.3/pp.c.87 2011-01-09 21:20:58.000000000 +0100 ++++ perl-5.12.3/pp.c 2011-04-01 15:06:23.000000000 +0200 +@@ -3949,6 +3949,8 @@ PP(pp_ucfirst) + SvCUR_set(dest, need - 1); + } + } ++ if (dest != source && SvTAINTED(source)) ++ SvTAINT(dest); + SvSETMAGIC(dest); + RETURN; + } +@@ -4008,7 +4010,8 @@ PP(pp_uc) + SvUPGRADE(dest, SVt_PV); + d = (U8*)SvGROW(dest, min); + (void)SvPOK_only(dest); +- ++ if (dest != source && SvTAINTED(source)) ++ SvTAINT(dest); + SETs(dest); + } + +@@ -4433,6 +4436,8 @@ PP(pp_lc) + SvCUR_set(dest, d - (U8*)SvPVX_const(dest)); + } + } ++ if (dest != source && SvTAINTED(source)) ++ SvTAINT(dest); + SvSETMAGIC(dest); + RETURN; + } +diff -up perl-5.12.3/t/op/taint.t.87 perl-5.12.3/t/op/taint.t +--- perl-5.12.3/t/op/taint.t.87 2011-01-09 21:20:58.000000000 +0100 ++++ perl-5.12.3/t/op/taint.t 2011-04-01 15:07:43.000000000 +0200 +@@ -17,7 +17,7 @@ use Config; + use File::Spec::Functions; + + BEGIN { require './test.pl'; } +-plan tests => 302; ++plan tests => 306; + + $| = 1; + +@@ -1318,6 +1318,18 @@ foreach my $ord (78, 163, 256) { + unlike($err, qr/^\d+$/, 'tainted $!'); + } + ++{ ++ # [perl #87336] lc/uc(first) failing to taint the returned string ++ my $source = "foo$TAINT"; ++ my $dest = lc $source; ++ test $dest, "lc(tainted) taints its return value"; ++ $dest = lcfirst $source; ++ test $dest, "lcfirst(tainted) taints its return value"; ++ $dest = uc $source; ++ test $dest, "uc(tainted) taints its return value"; ++ $dest = ucfirst $source; ++ test $dest, "ucfirst(tainted) taints its return value"; ++} + + # This may bomb out with the alarm signal so keep it last + SKIP: { diff --git a/perl.spec b/perl.spec index 0b89b18..60715e5 100644 --- a/perl.spec +++ b/perl.spec @@ -21,7 +21,7 @@ Name: perl Version: %{perl_version} # release number must be even higher, becase dual-lived modules will be broken otherwise -Release: 157%{?dist} +Release: 158%{?dist} Epoch: %{perl_epoch} Summary: Practical Extraction and Report Language Group: Development/Languages @@ -81,6 +81,11 @@ Patch9: perl-5.12.2-h2ph.patch # Update ExtUtils::ParseXS to 2.2206 Patch10: perl-ExtUtils-ParseXS-2.2206.patch +# 692900 - lc launders tainted flag, RT #87336 +Patch11: perl-87336-lc-uc-first-fail-to-taint-the-returned-st.patch + +# Update some of the bundled modules +# see http://fedoraproject.org/wiki/Perl/perl.spec for instructions BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX) BuildRequires: db4-devel, gdbm-devel, groff, tcsh, zlib-devel, systemtap-sdt-devel @@ -951,6 +956,7 @@ tarball from perl.org. %patch8 -p1 %patch9 -p1 %patch10 -p1 +%patch11 -p1 #copy the example script cp -a %{SOURCE5} . @@ -1164,6 +1170,7 @@ pushd %{build_archlib}/CORE/ 'Fedora Patch8: Do not leak when destroying thread; RT #77352' \ 'Fedora Patch9: h2ph produces incorrect code in preamble, based mainly on RT #74614 ' \ 'Fedora Patch10: Update ExtUtils::ParseXS to 2.2206' \ + 'Fedora Patch11: lc launders tainted flag RT #87336' \ %{nil} rm patchlevel.bak @@ -1964,6 +1971,9 @@ rm -rf $RPM_BUILD_ROOT # Old changelog entries are preserved in CVS. %changelog +* Fri Apr 1 2011 Marcela Mašláňová - 4:5.12.3-158 +- 692900 - lc launders tainted flag, RT #87336 + * Fri Apr 1 2011 Robin Lee - 4:5.12.3-157 - Cwd.so go to the PathTools sub-package