Assume that if runperl is called under tainting, that the caller really
authorNicholas Clark <nick@ccl4.org>
Sat, 18 Feb 2006 18:22:13 +0000 (18:22 +0000)
committerNicholas Clark <nick@ccl4.org>
Sat, 18 Feb 2006 18:22:13 +0000 (18:22 +0000)
really wanted to run perl, so brute force untaint everything.

p4raw-id: //depot/perl@27220

t/test.pl

index 95aa87fdba44b13fd39d926f0874597a1ec183ee..4e00816bf7c94fd757a392abf3a7d4b08ea41ade 100644 (file)
--- a/t/test.pl
+++ b/t/test.pl
@@ -481,6 +481,15 @@ sub runperl {
     die "test.pl:runperl() does not take a hashref"
        if ref $_[0] and ref $_[0] eq 'HASH';
     my $runperl = &_create_runperl;
+    if (${^TAINT}) {
+       # We will assume that if you're running under -T, you really mean
+       # to run a fresh perl, so we'll brute force launder everything for
+       # you
+       foreach ($runperl, $ENV{PATH}) {
+           $_ =~ /(.*)/s;
+           $_ = $1;
+       }
+    }
     my $result = `$runperl`;
     $result =~ s/\n\n/\n/ if $is_vms; # XXX pipes sometimes double these
     return $result;