Package: perl
Version: 5.8.4-8
Severity: normal

The following snippet of code, when run in taint mode, sometimes fails with a taint error:

    $page =~ tr/A-Z/a-z/;
    $page =~ tr/a-z0-9//cd;
    $page =~ m/^([A-Z0-9]*)$/i;
    $page = $1;
    my $ev = sprintf 'require ACI::Forms::%s; $self = new ACI::Forms::%s($q);', $page, $page;
    $l->log('info',"page (value = '%s') is tainted when about to eval '%s'",$page,$ev) if is_tainted($page);
    $l->log('info',"ev (value = '%s') is tainted when about to eval for page '%s'",$ev,$page) if is_tainted($ev);
    eval $ev;
    if ($@) {
        $l->log('err','Tried to eval %s, got %s',$ev,$@);
        return undef;
    }

Specifically, the eval $ev; line fails. The calls to $l->log() do trigger:

    Apr 5 18:47:00 ryan2 index.pl[4539]: 10.37.1.38/ryan ACI::Forms page (value = 'main') is tainted when about to eval 'require ACI::Forms::main; $self = new ACI::Forms::main($q);'
    Apr 5 18:47:00 ryan2 index.pl[4539]: 10.37.1.38/ryan ACI::Forms ev (value = 'require ACI::Forms::main; $self = new ACI::Forms::main($q);') is tainted when about to eval for page 'main'

$page should begin tainted. This is a snippet of code that runs inside mod_perl and Apache, using Apache::Registry, Apache::DBI and CGI.pm.

Note: This is an intermittent failure. This was not the first request handled by this particular Apache process, nor the last (it is still running after this error.)

-- System Information:
Debian Release: 3.1
  APT prefers testing
  APT policy: (900, 'testing'), (300, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.10-1-686
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)

Versions of packages perl depends on:
ii  libc6          2.3.2.ds1-20   GNU C Library: Shared libraries an
ii  libdb4.2       4.2.52-18      Berkeley v4.2 Database Libraries [
ii  libgdbm3       1.8.3-2        GNU dbm database routines (runtime
ii  perl-base      5.8.4-8        The Pathologically Eclectic Rubbis
ii  perl-modules   5.8.4-8        Core Perl modules

-- no debconf information
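
The untaint-by-capture step from the report, written as a fail-closed helper (an added example, not code from the report or from the perl package). The name untaint_page, the tainted sample inputs and the use of Scalar::Util::tainted in place of the report's is_tainted() are assumptions made for illustration.

```perl
#!/usr/bin/perl -T
use strict;
use warnings;
use Scalar::Util qw(tainted);

# Hypothetical helper: reduce a request parameter to [a-z0-9]+ and return an
# untainted copy, or undef when no verifiably clean value can be produced.
sub untaint_page {
    my ($raw) = @_;
    return undef unless defined $raw;

    # Same normalisation as the report: lowercase, then delete everything
    # outside a-z0-9. The result is still tainted at this point.
    (my $name = lc $raw) =~ tr/a-z0-9//cd;

    # Take the capture from the match's return list and only when the match
    # succeeded; reading $1 after a failed match yields a stale value.
    # '+' instead of the report's '*' rejects the empty string.
    my ($clean) = $name =~ m/^([a-z0-9]+)$/ or return undef;

    # Captures are normally untainted, but remain tainted when
    # "use re 'taint'" is in effect, so verify before handing the value on.
    return undef if tainted($clean);
    return $clean;
}

# Constructed sample input: a zero-length tainted string appended to a
# literal makes the literal tainted, standing in for a CGI parameter.
my $TAINT = substr($^X, 0, 0);

for my $raw ('Main', 'ma/../in', '') {
    my $input = $raw . $TAINT;
    my $clean = untaint_page($input);
    printf "%-12s tainted_in=%d -> %s\n",
        "'$raw'",
        tainted($input) ? 1 : 0,
        defined $clean
            ? "'$clean' tainted_out=" . (tainted($clean) ? 1 : 0)
            : 'rejected';
}
```

Run it with perl -T so that taint mode is active from startup.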