You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@perl.apache.org by Stas Bekman <st...@stason.org> on 2003/11/08 05:15:34 UTC

Re: how to turn on taint checking

Geoffrey Young wrote:
[...]
>> And a whole Taint.xs
>> http://search.cpan.org/src/DSUGAL/Taint-0.07/Taint.xs
>> (For some reason search.cpan.org has the old version, as there is 0.09)
>> And it fails a bunch of test with any 5.8.x perl
> 
> 
> http://search.cpan.org/~phoenix/Taint-0.09/Taint.pm
> 
> is the one I'm familar with - pure perl and different than the one from 
> dan.

Ah, that's cool. But as I said that 0.09 fails a bunch of tests for me.


-- 


__________________________________________________________________
Stas Bekman            JAm_pH ------> Just Another mod_perl Hacker
http://stason.org/     mod_perl Guide ---> http://perl.apache.org
mailto:stas@stason.org http://use.perl.org http://apacheweek.com
http://modperlbook.org http://apache.org   http://ticketmaster.com


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@perl.apache.org
For additional commands, e-mail: dev-help@perl.apache.org

Re: how to turn on taint checking

Posted by Stas Bekman <st...@stason.org>.

Geoffrey Young wrote:
> 
>>> http://search.cpan.org/~phoenix/Taint-0.09/Taint.pm
>>>
>>> is the one I'm familar with - pure perl and different than the one 
>>> from dan.
>>
>>
>>
>> Ah, that's cool. But as I said that 0.09 fails a bunch of tests for me.
> 
> 
> I get the same failures.  I'm not a Test::Harness expert, but it looks 
> like lots of the failures are coming from printed warnings - since the 
> module hasn't been updated in quite a long time, the warnings are 
> probably new.
> 
> at any rate, the failing tests seem to be for the taint() trickery - 
> tainted() is a rather simple function and has always seemed to work for 
> me (under limited circumstances).

It goes further than that. Apparently 0.07 (XS version) is newer than 0.09 
(pure perl). I've contacted Tom and Dan and they said they are going to 
rectify that issue.


__________________________________________________________________
Stas Bekman            JAm_pH ------> Just Another mod_perl Hacker
http://stason.org/     mod_perl Guide ---> http://perl.apache.org
mailto:stas@stason.org http://use.perl.org http://apacheweek.com
http://modperlbook.org http://apache.org   http://ticketmaster.com


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@perl.apache.org
For additional commands, e-mail: dev-help@perl.apache.org

Re: how to turn on taint checking

Posted by Geoffrey Young <ge...@modperlcookbook.org>.

>> http://search.cpan.org/~phoenix/Taint-0.09/Taint.pm
>>
>> is the one I'm familar with - pure perl and different than the one 
>> from dan.
> 
> 
> Ah, that's cool. But as I said that 0.09 fails a bunch of tests for me.

I get the same failures.  I'm not a Test::Harness expert, but it looks like 
lots of the failures are coming from printed warnings - since the module 
hasn't been updated in quite a long time, the warnings are probably new.

at any rate, the failing tests seem to be for the taint() trickery - 
tainted() is a rather simple function and has always seemed to work for me 
(under limited circumstances).

fwiw, anyway :)

--Geoff


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@perl.apache.org
For additional commands, e-mail: dev-help@perl.apache.org