Ok, I've tracked this down a bit more, and I think it's a perl problem.
Basically, it seems tainted variables and UTF-8 strings don't work together:
joining a tainted value onto a UTF-8 string gives a result with the UTF-8
flag off. I did find one example of someone posting the same problem:

http://groups.google.com/groups?q=taint+group:perl.unicode&hl=en&lr=&ie=UTF-8&group=perl.unicode&selm=4.2.0.58.J.20040101203406.009d32e0%40dream.big.or.jp&rnum=1

Seems it's still not fixed in 5.8.4. Example code to reproduce shown
below...

Rob

-----

#!/usr/bin/perl -T

package main;
use Encode qw(is_utf8 _utf8_on);
use Scalar::Util qw(tainted);
use strict;
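sub handler {
  # Reproduces the reported interaction between taint mode (-T) and the
  # UTF-8 flag. Each step reports the observed UTF-8 flag and taint state
  # with warn, next to the value the author expects.
  #
  # NOTE(review): /tmp/tainttest is a fixed, predictable name in a shared
  # directory, and the '>' open truncates whatever is already there. Run
  # this on a single-user test machine or change the path to a private
  # directory before running it anywhere else.

  # Write a small ASCII fixture; reading it back is what supplies a
  # tainted scalar. Three-arg open and lexical handles keep the mode out
  # of the path string and avoid a package-global handle.
  open(my $out, '>', '/tmp/tainttest') || die "could not open: $!";
  print {$out} "aaa" or die "could not write: $!";
  close($out) or die "could not close: $!";

  # $a: a literal above U+00FF, so the UTF-8 flag is on and it is untainted.
  my $a = "\x{1234}";
  warn '$a is utf8: ' . (is_utf8($a) ? 1 : 0) . " (expect 1)\n";
  warn '$a is tainted: ' . (tainted($a) ? 1 : 0) . " (expect 0)\n";

  # $b: data read from a file, tainted under -T; no layer, so no UTF-8 flag.
  open(my $in, '<', '/tmp/tainttest') || die "could not open: $!";
  my $b = <$in>;
  close($in);
  warn '$b is utf8: ' . (is_utf8($b) ? 1 : 0) . " (expect 0)\n";
  warn '$b is tainted: ' . (tainted($b) ? 1 : 0) . " (expect 1)\n";

  # UTF-8 . tainted: the case under test. In the output posted with this
  # script the utf8 check below printed 0 instead of the expected 1.
  my $c = $a . $b;

  warn '$c is utf8: ' . (is_utf8($c) ? 1 : 0) . " (expect 1)\n";
  warn '$c is tainted: ' . (tainted($c) ? 1 : 0) . " (expect 1)\n";

  # _utf8_on only sets the internal flag and validates nothing; it is used
  # here purely as a probe. The posted output shows the flag still
  # reported as 0 afterwards.
  _utf8_on($c);

  warn '$c is utf8: ' . (is_utf8($c) ? 1 : 0) . " (expect 1)\n";
  warn '$c is tainted: ' . (tainted($c) ? 1 : 0) . " (expect 1)\n";

  # $d: the same bytes as $b with the taint removed by a regex capture.
  # /(.*)/ checks nothing, which is fine for a fixture; real untainting
  # needs an anchored pattern that only admits the expected characters.
  my ($d) = ($b =~ /(.*)/);
  warn '$d is utf8: ' . (is_utf8($d) ? 1 : 0) . " (expoct 0)\n";
  warn '$d is tainted: ' . (tainted($d) ? 1 : 0) . " (expoct 0)\n";

  # Control: UTF-8 . untainted keeps the flag (1 in the posted output).
  my $e = $a . $d;
  warn '$e is utf8: ' . (is_utf8($e) ? 1 : 0) . " (expect 1)\n";
  warn '$e is tainted: ' . (tainted($e) ? 1 : 0) . " (expoct 0)\n";

  # Same control, assigned to $c, which held a tainted value earlier.
  # NOTE(review): presumably checks that nothing sticks to the variable
  # itself once it is reassigned; confirm with the author.
  $c = $a . $d;
  warn '$c is utf8: ' . (is_utf8($c) ? 1 : 0) . " (expect 1)\n";
  warn '$c is tainted: ' . (tainted($c) ? 1 : 0) . " (expoct 0)\n";

  # Array interpolation with a tainted element: the posted output shows
  # the UTF-8 flag lost here as well, as with the concatenation above.
  my @a = ($a, $b);
  my $f = "@a";
  warn '$f is utf8: ' . (is_utf8($f) ? 1 : 0) . " (expect 1)\n";
  warn '$f is tainted: ' . (tainted($f) ? 1 : 0) . " (expoct 1)\n";

  # Array interpolation with only untainted elements: the control case.
  @a = ($a, $d);
  $f = "@a";
  warn '$f is utf8: ' . (is_utf8($f) ? 1 : 0) . " (expect 1)\n";
  warn '$f is tainted: ' . (tainted($f) ? 1 : 0) . " (expoct 0)\n";

}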
# Run the checks once; every result line is emitted with warn, so it goes to STDERR.
handler();

-----

$a is utf8: 1 (expect 1)
$a is tainted: 0 (expect 0)
$b is utf8: 0 (expect 0)
$b is tainted: 1 (expect 1)
$c is utf8: 0 (expect 1)
$c is tainted: 1 (expect 1)
$c is utf8: 0 (expect 1)
$c is tainted: 1 (expect 1)
$d is utf8: 0 (expoct 0)
$d is tainted: 0 (expoct 0)
$e is utf8: 1 (expect 1)
$e is tainted: 0 (expoct 0)
$c is utf8: 1 (expect 1)
$c is tainted: 0 (expoct 0)
$f is utf8: 0 (expect 1)
$f is tainted: 1 (expoct 1)
$f is utf8: 1 (expect 1)
$f is tainted: 0 (expoct 0)



