FYI I just uploaded Apache::DB v0.13 to CPAN which fixes this taint issue.
---------------------------------
   Frank Wiles <[EMAIL PROTECTED]>
   http://www.wiles.org
---------------------------------

On Fri, 07 Apr 2006 07:43:07 -0400
Geoffrey Young <[EMAIL PROTECTED]> wrote:

>
>
> -------- Original Message --------
> Subject: [rt.cpan.org #18584] Apache::DProf not taint safe
> Date: Fri, 7 Apr 2006 06:14:01 -0400 (EDT)
> From: via RT <[EMAIL PROTECTED]>
> Reply-To: [EMAIL PROTECTED]
> To: undisclosed-recipients:;
> References: <[EMAIL PROTECTED]>
>
>
> Fri Apr 07 06:14:00 2006: Request 18584 was acted upon.
> Transaction: Ticket created by DOMQ
> Queue: Apache-DB
> Subject: Apache::DProf not taint safe
> Owner: Nobody
> Requestors: [EMAIL PROTECTED]
> Status: new
> Ticket <URL: http://rt.cpan.org/Ticket/Display.html?id=18584 >
>
>
> Apache::DProf::handler() calls File::Path::mkpath() on a tainted
> parameter, which throws an exception when PerlTaintCheck is On.
>
> The problem is due to Apache->server_root_relative() returning tainted
> results under MP1, and although I didn't test that, I highly suspect
> all other methods of computing $prof pick up some taint too (from the
> environment I'm pretty sure, and from the MP2 API probably too).
>
> Attached patch fixes that by applying an adequate regex operation on
> $dir within handler(), and adds a regression test.
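The ticket describes the general shape of the fix (extract the directory through a regex so that Perl's taint check no longer rejects the mkpath() call). The following stand-alone script is an added illustration of that technique; it is not the patch attached to the ticket and not the Apache::DB 0.13 code. The environment variable DPROF_DIR and the default of /tmp/dprof are constructed for the demo, standing in for the tainted value that Apache->server_root_relative() or the environment would supply inside a handler.

```perl
# Run as:  DPROF_DIR=/tmp/dprof perl -T untaint_dir.pl
use strict;
use warnings;
use File::Path qw(mkpath);
use File::Spec;
use Scalar::Util qw(tainted);

# Constructed input for this demo. Under taint mode (-T on the command
# line, PerlTaintCheck On under mod_perl) anything read from %ENV is
# tainted, as is Apache->server_root_relative() under mod_perl 1.
# DPROF_DIR is a hypothetical variable used only here.
my $raw = defined $ENV{DPROF_DIR} ? $ENV{DPROF_DIR} : '/tmp/dprof';

# Untaint by extracting a capture that matches a restrictive pattern:
# an absolute path built only from word characters, '.', '-' and '/'.
# "." and ".." components are rejected separately, so the pattern
# cannot be used to climb out of the intended location.
sub untaint_dir {
    my ($dir) = @_;
    my ($clean) = $dir =~ m{^(/[\w.\-/]+)\z}
        or die "refusing directory '$dir': unexpected characters\n";
    for my $part (File::Spec->splitdir($clean)) {
        die "refusing directory '$dir': relative component '$part'\n"
            if $part eq '.' || $part eq '..';
    }
    return $clean;    # a regex capture is untainted even when $dir was not
}

my $prof = untaint_dir($raw);
printf "%s: %s\n", tainted($prof) ? 'still tainted' : 'untainted', $prof;

# Passing the raw tainted value here is what dies with
# "Insecure dependency in mkdir" under taint mode.
mkpath($prof, 0, 0755) unless -d $prof;
print "profiler directory ready: $prof\n";
```

The pattern is deliberately narrow. A catch-all such as `($dir) = $dir =~ /(.*)/` also untaints and silences the exception, but it throws away the check that taint mode was providing; the point of the regex is to state which values the handler is willing to create directories for, and to die on anything else.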