I've noticed that currently we don't run the tests under -T, this patch
enables -T mode and fixes one taint problem.
BTW, Doug, try to comment out the untaint patch in the second file.
apache/post dumps core then, when run with other tests '.t/TEST apache'.
But works fine standalone.
Index: Apache-Test/lib/Apache/TestConfig.pm
===================================================================
RCS file: /home/cvs/httpd-test/perl-framework/Apache-Test/lib/Apache/TestConfig.pm,v
retrieving revision 1.50
diff -u -r1.50 TestConfig.pm
--- Apache-Test/lib/Apache/TestConfig.pm 2001/08/28 16:02:56 1.50
+++ Apache-Test/lib/Apache/TestConfig.pm 2001/09/05 04:26:36
@@ -940,6 +940,9 @@
HostnameLookups Off
+# make sure that we test under Taint mode
+PerlSwitches -T
+
<Directory />
Options FollowSymLinks
AllowOverride None
Index: Apache-Test/lib/Apache/TestConfigParse.pm
===================================================================
RCS file:
/home/cvs/httpd-test/perl-framework/Apache-Test/lib/Apache/TestConfigParse.pm,v
retrieving revision 1.7
diff -u -r1.7 TestConfigParse.pm
--- Apache-Test/lib/Apache/TestConfigParse.pm 2001/08/20 15:20:50 1.7
+++ Apache-Test/lib/Apache/TestConfigParse.pm 2001/09/05 04:26:36
@@ -220,6 +220,8 @@
my $version;
my $cmd = "$httpd -v";
+ # untaint
+ $ENV{PATH} = '/bin:/usr/bin';
open my $v, '-|', $cmd or die "$cmd failed: $!";
local $_;
_____________________________________________________________________
Stas Bekman JAm_pH -- Just Another mod_perl Hacker
http://stason.org/ mod_perl Guide http://perl.apache.org/guide
mailto:[EMAIL PROTECTED] http://apachetoday.com http://eXtropia.com/
http://singlesheaven.com http://perl.apache.org http://perlmonth.com/
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
