Change 11879 by jhi@alpha on 2001/09/05 12:12:18

        Subject: [PATCH lib/Cwd.pm] cwd() taint safe  (was Re: [PATCH lib/Cwd.pm 
ext/Cwd/Makefile.PL] Full doc cleanup (was  Re: [PATCH lib/Cwd.pm]  Try this again.))
        From: Michael G Schwern <[EMAIL PROTECTED]>
        Date: Tue, 4 Sep 2001 17:39:13 -0400
        Message-ID: <20010904173913.C626@blackrider>

Affected files ...

... //depot/perl/lib/Cwd.pm#44 edit

Differences ...

==== //depot/perl/lib/Cwd.pm#44 (text) ====
Index: perl/lib/Cwd.pm
--- perl/lib/Cwd.pm.~1~ Wed Sep  5 06:15:05 2001
+++ perl/lib/Cwd.pm     Wed Sep  5 06:15:05 2001
@@ -131,10 +131,22 @@
     XSLoader::load('Cwd');
 };
 
+
+# Find the pwd command in the expected locations.  We assume these
+# are safe.  This prevents _backtick_pwd() consulting $ENV{PATH}
+# so everything works under taint mode.
+my $pwd_cmd;
+foreach my $try (qw(/bin/pwd /usr/bin/pwd)) {
+    if( -x $try ) {
+        $pwd_cmd = $try;
+        last;
+    }
+}
+$pwd_cmd ||= 'pwd';
+
 # The 'natural and safe form' for UNIX (pwd may be setuid root)
-
 sub _backtick_pwd {
-    my $cwd = `pwd`;
+    my $cwd = `$pwd_cmd`;
     # `pwd` may fail e.g. if the disk is full
     chomp($cwd) if defined $cwd;
     $cwd;
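Review bot: The fallback `$pwd_cmd ||= 'pwd';` silently restores the `$ENV{PATH}` lookup whenever neither `/bin/pwd` nor `/usr/bin/pwd` is executable, so the comment above the loop overstates what the code guarantees: on such a system `_backtick_pwd()` runs whichever `pwd` comes first on the caller's PATH. The comment should say so, e.g. `# If neither is found we fall back to a bare 'pwd', which is resolved via $ENV{PATH} and is not taint safe.` Separately, perlsec notes that taint mode can report "Insecure $ENV{PATH}" even for a fully qualified command, so it is worth confirming under `-T` that the absolute path alone is enough; if it is not, PATH would have to be localized inside the sub. The body of `_backtick_pwd` continues past the end of the hunk.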
End of Patch.
