[Bug 1297455] New: CVE-2015-8607: File::Spec::canonpath() loses taint

https://bugzilla.redhat.com/show_bug.cgi?id=1297455

            Bug ID: 1297455
           Summary: CVE-2015-8607: File::Spec::canonpath() loses taint
           Product: Fedora
           Version: 22
         Component: perl-PathTools
          Assignee: jplesnik@xxxxxxxxxx
          Reporter: ppisar@xxxxxxxxxx
        QA Contact: extras-qa@xxxxxxxxxxxxxxxxx
                CC: jplesnik@xxxxxxxxxx,
                    perl-devel@xxxxxxxxxxxxxxxxxxxxxxx



File::Spec->canonpath does not preserve the tainted flag. This is a regression since
PathTools-3.40:

$ perl -T -MFile::Spec -MScalar::Util -e 'print
Scalar::Util::tainted(File::Spec->canonpath(Cwd::getcwd)), qq{\n}'
0

While expected behavior is:

$ ./perl -T -Ilib -MFile::Spec -MScalar::Util -e 'print
Scalar::Util::tainted(File::Spec->canonpath(Cwd::getcwd)), qq{\n}'
1

This bug affects all Fedoras and is known as CVE-2015-8607. Perl upstream fixed
it with commit:

commit 0b6f93036de171c12ba95d415e264d9cf7f4e1fd
Author: Tony Cook <tony@xxxxxxxxxxxxxxxx>
Date:   Tue Dec 15 10:56:54 2015 +1100

    ensure File::Spec::canonpath() preserves taint

    Previously the unix specific XS implementation of canonpath() would
    return an untainted path when supplied a tainted path.

    For the empty string case, newSVpvs() already sets taint as needed on
    its result.

    This issue was assigned CVE-2015-8607.  [perl #126862]
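A small check script for the regression described above, added here as an example and not part of the bug report or of the upstream commit. It assumes it is run under `perl -T`, so that values read from the environment are tainted and can be used to construct a tainted sample path:

```perl
#!/usr/bin/perl -T
# Added example: does the installed File::Spec::canonpath() keep the taint
# flag on its result? Exit status 0 means taint is preserved (fixed),
# 1 means the untainting regression (CVE-2015-8607) is present.
use strict;
use warnings;
use File::Spec;
use Scalar::Util qw(tainted);

# Assumption: under -T every environment value is tainted. $ENV{PATH} is
# used only as a source of taint, never as a path or for running commands.
my $taint_source = $ENV{PATH};
die "environment is not tainted; run this script with perl -T\n"
    unless tainted($taint_source);

# Constructed sample path: appending an empty tainted substring is the
# usual idiom for making an otherwise literal string tainted.
my $tainted_path = '/var/tmp/./uploads//file.txt' . substr($taint_source, 0, 0);
die "failed to construct a tainted sample path\n" unless tainted($tainted_path);

my $canon = File::Spec->canonpath($tainted_path);
print "canonpath('$tainted_path') -> '$canon'\n";

if (tainted($canon)) {
    print "OK: canonpath() preserved taint (CVE-2015-8607 not present)\n";
    exit 0;
}
print "AFFECTED: canonpath() returned an untainted path (CVE-2015-8607)\n";
exit 1;
```

Run it as `perl -T check-canonpath.pl`; on a PathTools build with the XS unix canonpath() regression the script exits 1, on a fixed build it exits 0.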

--
Fedora Extras Perl SIG
http://www.fedoraproject.org/wiki/Extras/SIGs/Perl
perl-devel mailing list
perl-devel@xxxxxxxxxxxxxxxxxxxxxxx
http://lists.fedoraproject.org/admin/lists/perl-devel@xxxxxxxxxxxxxxxxxxxxxxx