Reading $$ in a tainted expression was tainting the internal sv_setiv()
on $$. Since the value being set came directly from getpid(), it's
always safe, so override the tainting there. Fixes [perl #109688].
case '$': /* $$ */
{
IV const pid = (IV)PerlProc_getpid();
- if (isGV(mg->mg_obj) || SvIV(mg->mg_obj) != pid)
+ if (isGV(mg->mg_obj) || SvIV(mg->mg_obj) != pid) {
/* never set manually, or at least not since last fork */
sv_setiv(sv, pid);
+ /* never unsafe, even if reading in a tainted expression */
+ SvTAINTED_off(sv);
+ }
/* else a value has been assigned manually, so do nothing */
}
break;
use strict;
use Config;
-plan tests => 791;
+plan tests => 793;
$| = 1;
}
pass("no death when TARG of ref is tainted");
+# $$ should not be tainted by being read in a tainted expression.
+{
+ isnt_tainted $$, "PID not tainted initially";
+ my $x = $ENV{PATH}.$$;
+ isnt_tainted $$, "PID not tainted when read in tainted expression";
+}
+
{
use feature 'fc';
use locale;