PATCH: [perl #120675] Unexpected tainting via regex using locale
authorKarl Williamson <public@khwilliamson.com>
Wed, 4 Dec 2013 17:06:04 +0000 (10:06 -0700)
committerKarl Williamson <public@khwilliamson.com>
Thu, 5 Dec 2013 02:52:39 +0000 (19:52 -0700)
commitb99851e1941e002dd4816ee6c76fd49bbee1d7f3
tree35f308b90cb367c07b1044c86c8066d6e09e25ff
parent7d3522ac673ed909c14c4bb01095ed6c234fc417
PATCH: [perl #120675] Unexpected tainting via regex using locale

Tainting should only be turned on if something that could be tainted is
actually tried.  Hence in a [bracketed character class], if the
character being matched is something like

    "a" =~ /([a-z])/l;

tainting isn't turned on because the match doesn't actually depend on
the locale definition.  That is, it would match regardless of the
locale.  Similarly,

    "A" =~ /([a-z])/l;

shouldn't turn on tainting because it shouldn't match no matter what
locale is in effect.  However, until this commit, this worked only
because of a compilte time optimization.  The following (from the
ticket) isn't optimized and didn't work until this commit:

    "foo.bar_baz" =~ /^(.*)[._](.*?)$/';

The [._] was causing tainting even though there is nothing in the
pattern that is locale-dependent.

This commit just moves the tainting to code branches where the locale
actually does matter.  It was just turning it on for any bracketed
character class where the target character didn't match any of the
explicit characters in the class.
lib/locale.t
regexec.c