In perl.git, the branch blead has been updated <http://perl5.git.perl.org/perl.git/commitdiff/a2d725a2585df47821024d25ea39e658a50b9db4?hp=b3387df16a1341ea325dc9814a5b7e3a2a3b7d9f>
- Log ----------------------------------------------------------------- commit a2d725a2585df47821024d25ea39e658a50b9db4 Author: Petr PÃsaÅ <[email protected]> Date: Mon Dec 1 15:28:36 2014 +0100 t/op/taint.t: Perform SHA-256 algorithm by crypt() if default one is disabled The crypt(3) call may return NULL. This is the case on FIPS-enabled platforms. Then "tainted crypt" test would fail. See RT#121591 for similar fix in t/op/crypt.t. Signed-off-by: Petr PÃsaÅ <[email protected]> ----------------------------------------------------------------------- Summary of changes: t/op/taint.t | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/t/op/taint.t b/t/op/taint.t index f9e8331..a13fde4 100644 --- a/t/op/taint.t +++ b/t/op/taint.t @@ -1967,7 +1967,19 @@ foreach my $ord (78, 163, 256) { SKIP: { skip 'No crypt function, skipping crypt tests', 4 if(!$Config{d_crypt}); # 59998 - sub cr { my $x = crypt($_[0], $_[1]); $x } + sub cr { + # On platforms implementing FIPS mode, using a weak algorithm + # (including the default triple-DES algorithm) causes crypt(3) to + # return a null pointer, which Perl converts into undef. We assume + # for now that all such platforms support glibc-style selection of + # a different hashing algorithm. + my $alg = ''; # Use default algorithm + if ( !defined(crypt("ab", "cd")) ) { + $alg = '$5$'; # Use SHA-256 + } + my $x = crypt($_[0], $alg . $_[1]); + $x + } sub co { my $x = ~$_[0]; $x } my ($a, $b); $a = cr('hello', 'foo' . $TAINT); -- Perl5 Master Repository
