diff options
author | lpsolit%gmail.com <> | 2009-01-24 14:12:05 +0000 |
---|---|---|
committer | lpsolit%gmail.com <> | 2009-01-24 14:12:05 +0000 |
commit | 812ad9b3515aff6d9d870c2a11845b7416e40288 (patch) | |
tree | e99bc10c02db1932a79ca03ce8d4d61018cb32ca /Bugzilla/Util.pm | |
parent | bf475be80980e0689bac5afc3246523be8f56d93 (diff) | |
download | bugs-812ad9b3515aff6d9d870c2a11845b7416e40288.tar bugs-812ad9b3515aff6d9d870c2a11845b7416e40288.tar.gz bugs-812ad9b3515aff6d9d870c2a11845b7416e40288.tar.bz2 bugs-812ad9b3515aff6d9d870c2a11845b7416e40288.tar.xz bugs-812ad9b3515aff6d9d870c2a11845b7416e40288.zip |
Bug 471613: Replace Bugzilla::Util::is_tainted() by Scalar::Util::tainted() - Patch by Nitish Bezzala <nbezzala@yahoo.com> r/a=LpSolit
Diffstat (limited to 'Bugzilla/Util.pm')
-rw-r--r-- | Bugzilla/Util.pm | 17 |
1 files changed, 1 insertions, 16 deletions
diff --git a/Bugzilla/Util.pm b/Bugzilla/Util.pm index 8666b18ff..991bfedc1 100644 --- a/Bugzilla/Util.pm +++ b/Bugzilla/Util.pm @@ -31,7 +31,7 @@ package Bugzilla::Util; use strict; use base qw(Exporter); -@Bugzilla::Util::EXPORT = qw(is_tainted trick_taint detaint_natural +@Bugzilla::Util::EXPORT = qw(trick_taint detaint_natural detaint_signed html_quote url_quote xml_quote css_class_quote html_light_quote url_decode @@ -56,16 +56,6 @@ use Digest; use Scalar::Util qw(tainted); use Text::Wrap; -# This is from the perlsec page, slightly modified to remove a warning -# From that page: -# This function makes use of the fact that the presence of -# tainted data anywhere within an expression renders the -# entire expression tainted. -# Don't ask me how it works... -sub is_tainted { - return not eval { my $foo = join('',@_), kill 0; 1; }; -} - sub trick_taint { require Carp; Carp::confess("Undef to trick_taint") unless defined $_[0]; @@ -640,7 +630,6 @@ Bugzilla::Util - Generic utility functions for bugzilla use Bugzilla::Util; # Functions for dealing with variable tainting - $rv = is_tainted($var); trick_taint($var); detaint_natural($var); detaint_signed($var); @@ -704,10 +693,6 @@ with care> to avoid security holes. =over 4 -=item C<is_tainted> - -Determines whether a particular variable is tainted - =item C<trick_taint($val)> Tricks perl into untainting a particular variable. |