"A security hole has been discovered in Safe.pm. When a Safe compartment
has already been used, there's no guarantee that it's safe any longer,
because there's a way for code executed within the Safe compartment to
alter its operation mask. (Thus, programs that use a Safe compartment
only once aren't affected by this bug.)"

--- ext/Opcode/Safe.pm.orig |
|
+++ ext/Opcode/Safe.pm |
|
@@ -213,7 +213,7 @@ |
|
# Create anon sub ref in root of compartment. |
|
# Uses a closure (on $expr) to pass in the code to be executed. |
|
# (eval on one line to keep line numbers as expected by caller) |
|
- my $evalcode = sprintf('package %s; sub { eval $expr; }', $root); |
|
+ my $evalcode = sprintf('package %s; sub { @_ = (); eval $expr; }', $root); |
|
my $evalsub; |
|
|
|
if ($strict) { use strict; $evalsub = eval $evalcode; } |
|
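Review bot: the comment block above the changed `sprintf` still describes only the closure on `$expr` and the one-line eval, and says nothing about the new `@_ = ();`, so a later cleanup could remove it as an apparent no-op. Suggest adding a comment line there stating that `@_` is emptied before `eval $expr` so the evaluated code cannot reach the sub's arguments, kept as a comment rather than a line break in the generated string so the line numbers stay as the existing note requires.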
@@ -227,7 +227,7 @@ |
|
my $root = $obj->{Root}; |
|
|
|
my $evalsub = eval |
|
- sprintf('package %s; sub { do $file }', $root); |
|
+ sprintf('package %s; sub { @_ = (); do $file }', $root); |
|
return Opcode::_safe_call_sv($root, $obj->{Mask}, $evalsub); |
|
} |
|
|
|
|
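Review bot: the `do $file` path gets the same `@_ = ();` guard with no comment at all, and the patch as shown touches only ext/Opcode/Safe.pm, so nothing exercises the reuse case the description calls out. Suggest a short comment here matching the one for the `eval $expr` path, plus a regression test that runs code in the same compartment twice and confirms `$obj->{Mask}` is unchanged after the first run.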