On Wed, Aug 21, 2002 at 07:50:13PM +1000, Bradley Baetz wrote: > On Wed, 21 Aug 2002, Tim Bunce wrote: > > > Probably (well spotted). There's a $sth->_set_fbav( \@fieldvalues) method > > you could try that copies the supplied values into the row array. > > PurePerl uses that, but _set_fbav doesn't taint the values. Hmm.
Hmm. > > Try using _set_fbav(). If that doesn't work then try reenabling the TaintOut > > logic in the dispatch code, but only if the methodname starts with 'fetch'. > > Will that catch do, + the select* variants? The select*, yes, the do, no. But I think that's not a problem. (I don't see much need to taint the row count.) Tim.
