Skip to content

Commit

Permalink
Cwd::fast_abs_path's untaint should allow for multiline directories
Browse files Browse the repository at this point in the history 
This bug was noticed via Perl-Toolchain-Gang/File-chdir#3 and testing has led to this being the cause.
The problem is worse on some platforms (notably cygwin in this case) when abs_path is implemented by fast_abs_path.
Since File::chdir tests for proper behavior when a directory contains a newline, this bug then breaks File::chdir (one of my favorites and very useful xplatform tool).

Yes this should have tests, but since it will involve creating a directory with a newline, I thought I would do better to leave that to someone with better knowledge than I.
  • Loading branch information
@jberger
jberger authored and Father Chrysostomos committed Dec 3, 2012
1 parent 52ee8d0 commit 9f28c63
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions dist/Cwd/Cwd.pm
View file
Original file line number Diff line number Diff line change
Expand Up @@ -624,8 +624,8 @@ sub fast_abs_path {

# Detaint else we'll explode in taint mode. This is safe because
# we're not doing anything dangerous with it.
($path) = $path =~ /(.*)/;
($cwd) = $cwd =~ /(.*)/;
($path) = $path =~ /(.*)/s;
($cwd) = $cwd =~ /(.*)/s;

unless (-e $path) {
_croak("$path: No such file or directory");
Expand Down

0 comments on commit 9f28c63

Please sign in to comment.