Beefy Boxes and Bandwidth Generously Provided by pair Networks
Keep It Simple, Stupid
 
PerlMonks  

Re^3: SOAP::Lite - Insecure dependency in eval while running with -T

by Anonymous Monk
on Mar 25, 2011 at 12:47 UTC ( #895471=note: print w/ replies, xml ) Need Help??


in reply to Re^2: SOAP::Lite - Insecure dependency in eval while running with -T
in thread SOAP::Lite - Insecure dependency in eval while running with -T

  • "Bad stub:" is not mentioned anywhere in OPs message
  • "Code execution error" doesn't appear in SOAP/Lite.pm
  • "returned error" doesn't appear in SOAP/Lite.pm


Comment on Re^3: SOAP::Lite - Insecure dependency in eval while running with -T
Re^4: SOAP::Lite - Insecure dependency in eval while running with -T
by moritz (Cardinal) on Mar 25, 2011 at 12:55 UTC
    "Bad stub:" is not mentioned anywhere in OPs message

    If the eval() dies due to taint modus (and not just returns undef because of normal failure), the or croak part will never executed. So not relevant.

    $ perl -Te 'eval shift or die "NO"' foo Insecure dependency in eval while running with -T switch at -e line 1. $ no NO printed, see?
    • Code execution error" doesn't appear in SOAP/Lite.pm
    • "returned error" doesn't appear in SOAP/Lite.pm

    So it was wrapped in some other code that caught the error, and augmented with additional information. It looks to me that the line in question is still the source of the error, even if indirectly reported.

      Gah, I kept focusing on $_ being a hash key and thus not tainted

      Cheap fix

      sub generate_stub { ... $self->{'_stub'} = $1 if $self->{'_stub'} =~ /^(.*)/; return $self->stub; }

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://895471]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others having an uproarious good time at the Monastery: (9)
As of 2014-11-27 18:45 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    My preferred Perl binaries come from:














    Results (187 votes), past polls