use Encode qw(encode decode resolve_alias);
use Encode::Guess;
use POSIX qw(floor ceil);
+use Taint::Util qw(untaint);
sub trick_taint {
- require Carp;
- Carp::confess("Undef to trick_taint") unless defined $_[0];
- my $match = $_[0] =~ /^(.*)$/s;
- $_[0] = $match ? $1 : undef;
- return (defined($_[0]));
+ untaint($_[0]);
+
+ return defined $_[0];
}
sub detaint_natural {
my $ipv6 = join(':', @chunks);
# The IP address is valid and can now be detainted.
- trick_taint($ipv6);
+ untaint($ipv6);
# Need to handle the exception of trailing :: being valid.
return "${ipv6}::" if $ip =~ /::$/;
# HACK: Perl has bug where returned crypted password is considered
# tainted. See http://rt.perl.org/rt3/Public/Bug/Display.html?id=59998
unless(tainted($password) || tainted($salt)) {
- trick_taint($crypted_password);
+ untaint($crypted_password);
}
}
else {
&& length($email) <= 127)
{
# We assume these checks to suffice to consider the address untainted.
- trick_taint($_[0]);
+ untaint($_[0]);
return 1;
}
return 0;
projects / thirdparty / bugzilla.git / commitdiff
