in reply to Re: Re: Insecure dependency message ?
in thread Insecure dependency message ?

But I have never seen this message before

I can not speak to that. There are many variables that could cause this particular taint message to never have surfaced before, not the least of which could be bugs in perl's taint checking. Or it could be that you've always started with $seq = 0; from the other branch of your if statement for some reason. Or that at one point there was a line to untaint $seq but it was removed for some reason. Or something else that no one has yet thought of.

Re: Re: Re: Re: Insecure dependency message ?
by peterr (Scribe) on Jan 07, 2004 at 01:09 UTC
    I can not speak to that. There are many variables that could cause this particular taint message to never have surfaced before, not the least of which could be bugs in perl's taint checking. Or it could be that you've always started with $seq = 0; from the other branch of your if statement for some reason. Or that at one point there was a line to untaint $seq but it was removed for some reason. Or something else that no one has yet thought of.

    This morning I retrieved the ".SEQ" file from a backup, when it was being used on the Unix box. It looks like this

    1128LF

    where 1128 is the next order number, and "LF" is a line feed. Then I looked at the current one

    1134LF
    LF
    LF
    LF
    LF
    LF
    LF
    LF
    LF

    Considering this code

    # create unique suffix
    if (-f "$base_dir/$seq_file") {
        open(SEQ, "+<$base_dir/$seq_file")
            or diehtml("Error opening seq file: $!\n");
        $seq = <SEQ>;
        seek SEQ, 0, 0;
    } else {
        open(SEQ, ">$base_dir/$seq_file")
            or diehtml("Error creating seq file: $!\n");
        $seq = 0;
    }
    $outfile .= sprintf "%7.7d", $seq;
    $ordernumber = $seq;   #store this order no. before 'next' is calc.
    print SEQ ++$seq;
    close SEQ or warn "Something wrong closing seq: $!\n";
    unlink "$base_dir/.lock" or diehtml("Unlock error: $!\n");

    use Fcntl;   # to get constants for O_CREAT | O_EXCL | O_RDWR
    sysopen(ORDERFILE, $outfile, O_WRONLY | O_EXCL | O_CREAT)
        or diehtml("Can't open order records: $!\n");
    print ORDERFILE @_;
    close ORDERFILE or warn "Something fishy with closing the order: $!\n";
    }

    and that people have replied in this thread, indicating I should untaint the value of file ".SEQ", would the additional line feeds cause the problem ??

    I'm probably stabbing in the dark, but the file IS different now ??

    Peter
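
An added example, not part of peterr's post or of the original script: under `-T`, anything read from a file handle is tainted whatever the file contains, and `$seq = <SEQ>` reads only the first line, so the extra line feeds never reach `$seq`. The sketch validates the counter with a regex capture before it is used in a file name. The sample contents, the in-memory handles and the `order` prefix are constructed for illustration.

```perl
# Added example, not code from the thread. Run as: perl -T seq_untaint.pl
# (without -T nothing is tainted and every "tainted" column prints 0).
use strict;
use warnings;
use Scalar::Util qw(tainted);

# Accept only a 1-7 digit counter (the script formats it with %7.7d),
# optionally followed by one line ending. Returning the capture $1 is
# what clears the taint flag; anything else is rejected as undef.
sub untaint_seq {
    my ($raw) = @_;
    return undef unless defined $raw && $raw =~ /\A(\d{1,7})\r?\n?\z/;
    return $1;
}

# Constructed file contents: the backup, the current file, a damaged one.
my %samples = (
    'backup'  => "1128\n",
    'current' => "1134\n" . "\n" x 8,
    'damaged' => "11;34\n",
);

for my $name (sort keys %samples) {
    # In-memory handle stands in for open(SEQ, "+<$base_dir/$seq_file").
    open my $in, '<', \$samples{$name} or die "open $name: $!";
    my $raw = <$in>;    # first line only: the extra line feeds never reach $seq
    close $in;
    my $seq = untaint_seq($raw);
    printf "%-8s raw tainted=%d  validated=%s\n",
        $name, (tainted($raw) ? 1 : 0), (defined $seq ? $seq : 'rejected');
}

# The taint travels from the counter into the file name handed to sysopen.
open my $in, '<', \$samples{current} or die "open: $!";
my $raw = <$in>;
close $in;
my $dirty = 'order' . sprintf '%7.7d', $raw;               # 'order' is a made-up prefix
my $clean = 'order' . sprintf '%7.7d', untaint_seq($raw);
printf "%s tainted=%d\n", $_, (tainted($_) ? 1 : 0) for $dirty, $clean;
```

In the posted script, the equivalent change is to pass `$seq` through such a check right after `$seq = <SEQ>;` and to call `diehtml` when it is rejected.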