https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6558
--- Comment #14 from Mark Martinec <[email protected]> 2011-03-23 09:03:25 EDT --- > Seems to be a perl bug, affecting 5.8, 5.10, 5.12, but not 5.13.10. > I have reported the perl bug as [perl #86784]: > http://rt.perl.org/rt3/Ticket/Display.html?id=86784 I didn't realize this perl bug was reported before - so the #86784 is a duplicate of: * #8262: //g loops infinitely on tainted data * #27344: pos() does not get updated when running in taint mode * #5475: Bug in taint+regex+hash/arrays The #8262 brings the fix: Now fixed by commit fd69380d5d5b95ef16e2521cf4251b34ee0ce151 in branch davem/post-5.12, which should be merged back into blead once 5.12 has been released, and thus appear in 5.13 onwards. So yes, perl 5.13 is no longer affected. According to explanations there, using an array element or a hash element with magic as an operand of /.../g triggers the issue (the pos gets assigned to a temporary copy and is then lost). Both proposed solutions by Matt avoid the bug. The magic may be a taint, but can be other, like substr magic. In this regard we now know that we have avoided the bug with the proposed patch or a similar change. -- Configure bugmail: https://issues.apache.org/SpamAssassin/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug.
