summaryrefslogtreecommitdiff
path: root/doc
diff options
context:
space:
mode:
authorJoey Hess <joey@kitenet.net>2008-01-05 01:01:11 -0500
committerJoey Hess <joey@kitenet.net>2008-01-05 01:01:11 -0500
commitf9fa96ded77418851da8b094f73c25dbde8a9714 (patch)
tree759f9bd368ead30abd1207b9d2e4b16ec326641e /doc
parentf22558faedd71f4c29ff7c7b5a9a5e0d7371e339 (diff)
web commit by adb
Diffstat (limited to 'doc')
-rw-r--r--doc/bugs/taint_issue_with_regular_expressions.mdwn9
1 files changed, 9 insertions, 0 deletions
diff --git a/doc/bugs/taint_issue_with_regular_expressions.mdwn b/doc/bugs/taint_issue_with_regular_expressions.mdwn
new file mode 100644
index 000000000..174b4f1c5
--- /dev/null
+++ b/doc/bugs/taint_issue_with_regular_expressions.mdwn
@@ -0,0 +1,9 @@
+Built from 2.1.17 source, works fine on commandline, but not working from CGI wrapper. Traced problem to regular expressions failing to match, specifically in contexts like the following in Render.pm:
+
+ my ($f)=/$config{wiki_file_regexp}/; # untaint
+
+It works if I replace it with:
+
+ my ($f)=/(^[-[:alnum:]_.:\/+]+$)/; # untaint
+
+which is exactly the same regular expression drawn out as a constant. It appears that %config gets some tainted data and is itself being marked entirely tainted, which may prevent using regular expressions contained in it for untainting other data. I'm using Perl 5.8.8.