You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@perl.apache.org by Stas Bekman <st...@stason.org> on 2004/10/01 05:32:42 UTC

Re: cvs commit: modperl-2.0/xs/Apache/RequestIO Apache__RequestIO.h

stas@apache.org wrote:

>   Index: Changes
>   ===================================================================
>   RCS file: /home/cvs/modperl-2.0/Changes,v
>   retrieving revision 1.505
>   retrieving revision 1.506
>   diff -u -u -r1.505 -r1.506
>   --- Changes	30 Sep 2004 03:39:24 -0000	1.505
>   +++ Changes	1 Oct 2004 03:30:11 -0000	1.506
>   @@ -12,6 +12,10 @@
>    
>    =item 1.99_17-dev
>    
>   +make sure that Apache::Filter::read, APR::Socket::recv,
>   +Apache::RequestIO::read, APR::Brigade::flatten, and APR::Bucket::read
>   +all return tainted data under -T [Stas]

Could someone please verify whether I've missed some other methods that 
populate a buffer of data and we don't test whether they return tainted 
data? Thanks a bunch!

This commit has fixed 3 of the methods which previously didn't set the 
data to tainted under -T.

-- 
__________________________________________________________________
Stas Bekman            JAm_pH ------> Just Another mod_perl Hacker
http://stason.org/     mod_perl Guide ---> http://perl.apache.org
mailto:stas@stason.org http://use.perl.org http://apacheweek.com
http://modperlbook.org http://apache.org   http://ticketmaster.com

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@perl.apache.org
For additional commands, e-mail: dev-help@perl.apache.org