The following section of code in VMS.C (identical in perl 5.8.0 and perl
5.6.1) has several pointer bugs.

/* We need to use this hack to tell Perl it should run with tainting,
  * since its tainting flag may be part of the PL_curinterp struct, which
  * hasn't been allocated when vms_image_init() is called.
  */
if (will_taint) {
   char ***newap;
   New(1320,newap,*argcp+2,char **);
   newap[0] = argvp[0];
   *newap[1] = "-T";
   Copy(argvp[1],newap[2],*argcp-1,char **);
   /* We orphan the old argv, since we don't know where it's come from,
    * so we don't know how to free it.
    */
   *argcp++; argvp = newap;
}

First, the line *newap[1] = "-T"; attempts to assign a char* to a char**
that is currently 0, causing an ACCVIO.

I fixed that with the (extremely over-conservative, but I like to be
extra careful when funky pointer manipulation happens) code fragment:

   static char *taintflag = "-T";
   static char **taintflagptr = &taintflag;
   New(1320,newap,*argcp+2,char **);
   newap[0] = argvp[0];
   newap[1] = taintflagptr;

However, it's now ACCVIO'ing in the line

   Copy(argvp[1],newap[2],*argcp-1,char **);

and I'm out of time to look at it.  Can anyone recommend the appropriate
change here?

Thanks,
-- Pat


--
      This message does not represent the policies or positions
	     of the Mayo Foundation or its subsidiaries.
  Patrick Spinler			email:	[EMAIL PROTECTED]
  Mayo Foundation			phone:	507/284-9485
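
An added example, not part of the original message and not code from VMS.C: one way to insert "-T" as argv[1] with each level of indirection made explicit. It assumes argcp and argvp point at the caller's argc and argv; insert_taint_flag is a hypothetical name, and malloc/memcpy stand in for perl's New/Copy macros.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper (not from VMS.C). Assumes argcp/argvp point at the
 * caller's argc/argv. Returns 0 on success, -1 on bad input or no memory. */
int insert_taint_flag(int *argcp, char ***argvp)
{
    static char taintflag[] = "-T";
    char **oldargv = *argvp;   /* dereference once: the vector of char * */
    int oldargc = *argcp;
    char **newargv;            /* the new vector is char **, not char *** */

    if (oldargc < 1 || oldargv == NULL)
        return -1;

    /* oldargc entries + the inserted flag + the terminating NULL */
    newargv = malloc(((size_t)oldargc + 2) * sizeof *newargv);
    if (newargv == NULL)
        return -1;

    newargv[0] = oldargv[0];
    newargv[1] = taintflag;    /* store the char * itself, no extra '*' */

    /* Copy the remaining oldargc-1 pointers; the element type is char *. */
    memcpy(&newargv[2], &oldargv[1], ((size_t)oldargc - 1) * sizeof *newargv);
    newargv[oldargc + 1] = NULL;

    *argcp = oldargc + 1;      /* (*argcp)++ ; *argcp++ would move the pointer */
    *argvp = newargv;          /* write through argvp so the caller sees it */
    /* The old vector is orphaned on purpose, as in the original comment. */
    return 0;
}

int main(void)
{
    /* Constructed sample command line. */
    char a0[] = "perl", a1[] = "script.pl", a2[] = "arg";
    char *args[] = { a0, a1, a2, NULL };
    char **argv = args;
    int argc = 3, i;

    if (insert_taint_flag(&argc, &argv) != 0)
        return 1;
    for (i = 0; i < argc; i++)
        printf("argv[%d] = %s\n", i, argv[i]);
    free(argv);
    return 0;
}
```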
