in reply to isa() and taint checking

Your code doesn't make any sense. Here's what I assume you are trying to do (which actually works when you run it, a characteristic that is useful for trying things out): 
package Classes::SomeParent;
1;
package Classes::SomeChild;
our @ISA=("Classes::SomeParent");
package main;

my $class = 'Classes::SomeChild;
my $obj = {};
bless $obj, 'Classes::SomeChild';
if ($obj->isa('Classes::SomeParent')) {
    print "Isa";
} else {
    print "Nota";
}

[download]
prints "Isa". Likewise if you give it $class instead of $obj. My advice would be to directly inspect the @ISA of the relevant class in the debugger at that point to make sure it's correct. Of course, I am assuming that SomeChild is actually supposed to be a child of SomeParent, which you don't state.

(NB: The "is_tainted" function in perlsec isn't doing what I expect it to -- to wit, 

print "Object is ". (is_tainted($obj) ? "not " : "") . "tainted";

[download]
always claims that $obj is tainted.)

Post some more, and maybe we can figure it out.
---
"I hate it when I think myself into a corner."
Matt Mitchell

Replies are listed 'Best First'.
Re: Re: isa() and taint checking
by webby (Acolyte) on Oct 17, 2002 at 16:35 UTC
    Sorry for being too brief.

    I've put together a longer example, and tested this. It works without -T, but I can't figure out why it won't work with Taint. Help is much appreciated.

    File 1 - example.pl 
    #!/usr/bin/perl -wT

use strict;
use lib '.';
use Objects::Parent;

loadObjects('Objects');

sub loadObjects {
        my $directory = shift;

        opendir(DIR, $directory) or die "Object Templates can't be loa
+ded: Can't open $directory: $!";
        while (defined(my $file = readdir(DIR))) {
                if($file =~ /^(.*\.pm)$/) {
                        $file = $1;
                        $file = $directory."/".$file;
                        require $file;
                        $file =~ s/\//::/g;
                        $file =~ s/\.pm$//;
                        if($file->isa('Objects::Parent')) {
                                my $tempObject = $file->new();
                                $tempObject->doSomething();
                        }

                }
        }
}

    [download]
    File 2 - Objects/Parent.pm 
    package Objects::Parent;

sub new {
        bless {}, shift;
}

sub doSomething {
        print "Something\n";
}

1;

    [download]
    File 3 - Objects/Child.pm 
    package Objects::Child;

use base 'Objects::Parent';

1;

    [download]
[reply]
[d/l]
[select]

      A cheap hack to get around the problem: 

      sub loadObjects {
  my $directory = shift;

  opendir(DIR, $directory)
    or die "Object Templates can't be loaded: Can't open $directory: $
+!";
  while (defined(my $file = readdir(DIR))) {
    if($file =~ /^(.*\.pm)$/) {
      $file = $1;
      $file = $directory."/".$file;


      my $file = $file;  # Cheap hack


      require $file;
      $file =~ s/\//::/g;
      $file =~ s/\.pm$//;
      if($file->isa('Objects::Parent')) {
        my $tempObject = $file->new();
        $tempObject->doSomething();
      }

    }
  }

      [download]

      Otherwise, it looks to me like a bug in perl. *shrug* Maybe someone better than I can shed some light.

      bbfu
      Black flowers blossum
      Fearless on my breath

[reply]
[d/l]

        Supposition: taint is associated with the variable, not the value. Assigning to the variable doesn't clear the taint flag. Creating a new variable does. That's why my example worked.

        Solution #1 is to fix Perl, if that's the proper remedy. Solution #2 is not to reuse $file to hold the contents of $1.

[reply]
[d/l]
[select]
      OK. Something must be screwing up the tainting of $file, because if you change that isa test into this 
      $file =~ /(.*)/;
my $ff = $1;
if ($ff->isa('Objects::Parent')) {

      [download]
      it works as you'd expect.

      Now, I don't really know why this is the case. The Taint module's tainted function says $file isn't tainted. No error is ever seen, it just silently fails. My tests are on 5.6.1. Anyone have any better idea what's going on here?
      ---
      "I hate it when I think myself into a corner."
      Matt Mitchell

[reply]
[d/l]

In Section Seekers of Perl Wisdom