From ea7154893ee587d7e47bcebff9e70757b48a38bd Mon Sep 17 00:00:00 2001
From: Jarkko Hietaniemi <jhi@iki.fi>
Date: Tue, 4 Sep 2001 21:03:17 +0000
Subject: [PATCH] Fix Cwd::getcwd() not being tainted, as noticed by Schwern.

p4raw-id: //depot/perl@11873
---
 MANIFEST                   |  7 ++++---
 ext/Cwd/Cwd.xs             | 14 ++++++--------
 ext/Cwd/{Cwd.t => t/cwd.t} |  0
 ext/Cwd/t/taint.t          | 21 +++++++++++++++++++++
 util.c                     |  4 ++++
 5 files changed, 35 insertions(+), 11 deletions(-)
 rename ext/Cwd/{Cwd.t => t/cwd.t} (100%)
 create mode 100644 ext/Cwd/t/taint.t

diff --git a/MANIFEST b/MANIFEST
index 696f98e..a515969 100644
--- a/MANIFEST
+++ b/MANIFEST
@@ -103,9 +103,10 @@ ext/ByteLoader/byterun.c	Runtime support for bytecode loader
 ext/ByteLoader/byterun.h	Header for byterun.c
 ext/ByteLoader/hints/sunos.pl	Hints for named architecture
 ext/ByteLoader/Makefile.PL	Bytecode loader makefile writer
-ext/Cwd/Cwd.t		See if Cwd works
-ext/Cwd/Cwd.xs		Cwd extension external subroutines
-ext/Cwd/Makefile.PL	Cwd extension makefile maker
+ext/Cwd/Cwd.xs			Cwd extension external subroutines
+ext/Cwd/t/cwd.t			See if Cwd works
+ext/Cwd/t/taint.t		See if Cwd works with taint
+ext/Cwd/Makefile.PL		Cwd extension makefile maker
 ext/Data/Dumper/Changes		Data pretty printer, changelog
 ext/Data/Dumper/Dumper.pm	Data pretty printer, module
 ext/Data/Dumper/Dumper.xs	Data pretty printer, externals
diff --git a/ext/Cwd/Cwd.xs b/ext/Cwd/Cwd.xs
index 303ef70..a82404f 100644
--- a/ext/Cwd/Cwd.xs
+++ b/ext/Cwd/Cwd.xs
@@ -226,22 +226,20 @@ PPCODE:
 {
     dXSTARG;
     char *path;
-    STRLEN len;
     char buf[MAXPATHLEN];
 
-    if (pathsv)
-      path = SvPV(pathsv, len);
-    else {
-        path = ".";
-        len  = 1;
-    }
+    path = pathsv ? SvPV_nolen(pathsv) : ".";
 
     if (bsd_realpath(path, buf)) {
         sv_setpvn(TARG, buf, strlen(buf));
         SvPOK_only(TARG);
+	SvTAINTED_on(TARG);
     }
     else
-      sv_setsv(TARG, &PL_sv_undef);
+        sv_setsv(TARG, &PL_sv_undef);
 
     XSprePUSH; PUSHTARG;
+#ifndef INCOMPLETE_TAINTS
+    SvTAINTED_on(TARG);
+#endif
 }
diff --git a/ext/Cwd/Cwd.t b/ext/Cwd/t/cwd.t
similarity index 100%
rename from ext/Cwd/Cwd.t
rename to ext/Cwd/t/cwd.t
diff --git a/ext/Cwd/t/taint.t b/ext/Cwd/t/taint.t
new file mode 100644
index 0000000..036b2b1
--- /dev/null
+++ b/ext/Cwd/t/taint.t
@@ -0,0 +1,21 @@
+#!./perl -Tw
+# Testing Cwd under taint mode.
+
+BEGIN {
+    chdir 't' if -d 't';
+    @INC = '../lib';
+}
+
+use Cwd;
+use Test::More tests => 2;
+
+# The normal kill() trick is not portable.
+sub is_tainted { 
+    return ! eval { eval("#" . substr(join("", @_), 0, 0)); 1 };
+}
+
+my $cwd;
+eval { $cwd = getcwd; };
+is( $@, '',                 'getcwd() does not explode under taint mode' );
+ok( is_tainted($cwd),       "it's return value is tainted" );
+
diff --git a/util.c b/util.c
index 5c5da23..0026909 100644
--- a/util.c
+++ b/util.c
@@ -3719,6 +3719,10 @@ Perl_getcwd_sv(pTHX_ register SV *sv)
 {
 #ifndef PERL_MICRO
 
+#ifndef INCOMPLETE_TAINTS
+    SvTAINTED_on(sv);
+#endif
+
 #ifdef HAS_GETCWD
     {
 	char buf[MAXPATHLEN];
-- 
2.7.4