[SACVS] CVS: spamassassin/lib/Mail/SpamAssassin Util.pm,1.33,1.34

Update of /cvsroot/spamassassin/spamassassin/lib/Mail/SpamAssassin
In directory sc8-pr-cvs1:/tmp/cvs-serv30713/lib/Mail/SpamAssassin

Modified Files:
        Util.pm 
Log Message:
bug 2442: am_running_in_taint_mode() does not seem to work


Index: Util.pm
===================================================================
RCS file: /cvsroot/spamassassin/spamassassin/lib/Mail/SpamAssassin/Util.pm,v
retrieving revision 1.33
retrieving revision 1.34
diff -b -w -u -d -r1.33 -r1.34
--- Util.pm     14 Sep 2003 20:30:52 -0000      1.33
+++ Util.pm     15 Sep 2003 23:02:04 -0000      1.34
@@ -110,12 +110,31 @@
   }
 }
 
-# taint mode: are we running in taint mode? 1 for yes, undef for no.
+# taint mode: are we running in taint mode? 1 for yes, 0 for no.
 sub am_running_in_taint_mode {
-  if (defined $AM_TAINTED) { return $AM_TAINTED; }
+  return $AM_TAINTED if defined $AM_TAINTED;
   
-  my $blank = substr ($ENV{PATH}, 0, 0);
+  if ($] >= 5.008) {
+    # perl 5.8 and above, ${^TAINT} is a syntax violation in 5.005
+    $AM_TAINTED = eval q(no warnings q(syntax); ${^TAINT});
+  }
+  else {
+    # older versions
+    my $blank;
+    for my $d ((File::Spec->curdir, File::Spec->rootdir, File::Spec->tmpdir)) {
+      opendir(TAINT, $d) || next;
+      $blank = readdir(TAINT);
+      closedir(TAINT);
+      last;
+    }
+    if (!(defined $blank && $blank)) {
+      # these are sometimes untainted, so this is less preferable than readdir
+      $blank = join('', values %ENV, $0, @ARGV);
+    }
+    $blank = substr($blank, 0, 0);
+    # seriously mind-bending perl
   $AM_TAINTED = not eval { eval "1 || $blank" || 1 };
+  }
   dbg ("running in taint mode? ".($AM_TAINTED?"yes":"no"));
   return $AM_TAINTED;
 }



-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf