diff options
Diffstat (limited to 'Bugzilla/Util.pm')
-rw-r--r-- | Bugzilla/Util.pm | 17 |
1 files changed, 1 insertions, 16 deletions
diff --git a/Bugzilla/Util.pm b/Bugzilla/Util.pm index 8666b18ff..991bfedc1 100644 --- a/Bugzilla/Util.pm +++ b/Bugzilla/Util.pm @@ -31,7 +31,7 @@ package Bugzilla::Util; use strict; use base qw(Exporter); -@Bugzilla::Util::EXPORT = qw(is_tainted trick_taint detaint_natural +@Bugzilla::Util::EXPORT = qw(trick_taint detaint_natural detaint_signed html_quote url_quote xml_quote css_class_quote html_light_quote url_decode @@ -56,16 +56,6 @@ use Digest; use Scalar::Util qw(tainted); use Text::Wrap; -# This is from the perlsec page, slightly modified to remove a warning -# From that page: -# This function makes use of the fact that the presence of -# tainted data anywhere within an expression renders the -# entire expression tainted. -# Don't ask me how it works... -sub is_tainted { - return not eval { my $foo = join('',@_), kill 0; 1; }; -} - sub trick_taint { require Carp; Carp::confess("Undef to trick_taint") unless defined $_[0]; @@ -640,7 +630,6 @@ Bugzilla::Util - Generic utility functions for bugzilla use Bugzilla::Util; # Functions for dealing with variable tainting - $rv = is_tainted($var); trick_taint($var); detaint_natural($var); detaint_signed($var); @@ -704,10 +693,6 @@ with care> to avoid security holes. =over 4 -=item C<is_tainted> - -Determines whether a particular variable is tainted - =item C<trick_taint($val)> Tricks perl into untainting a particular variable. |