From - Sun Oct  7 14:30:43 2001
Return-Path: <perlbug@onion.perl.org>
Received: from mimer.null.dk ([130.228.230.9]) by mailin03.sul.t-online.de
	with smtp id 15qB8L-29CGmmC; Sun, 7 Oct 2001 12:26:09 +0200
Received: (qmail 22628 invoked by uid 1038); 7 Oct 2001 10:26:09 -0000
Delivered-To: richard@mimer.null.dk
Received: (qmail 22616 invoked by uid 1038); 7 Oct 2001 10:26:08 -0000
Delivered-To: richard-rfi-rjsf-tron5@rfi.net
Received: (qmail 22612 invoked from network); 7 Oct 2001 10:26:06 -0000
Received: from onion.valueclick.com (HELO onion.perl.org) (209.85.157.220)
  by mimer.null.dk with SMTP; 7 Oct 2001 10:26:06 -0000
Received: (qmail 78555 invoked by uid 1007); 7 Oct 2001 10:26:03 -0000
Date: 7 Oct 2001 10:26:03 -0000
Message-ID: <20011007102603.78554.qmail@onion.perl.org>
From: perlbug@onion.perl.org
To: rjsf-tron5@rfi.net
X-Mozilla-Status: 8001
X-Mozilla-Status2: 00000000
X-UIDL: 62bbfb2e5dca5613

[0] INIT 2.86 (72805) debug(01sx) scr(/home/perlbug/Live/scripts/bugtron) 
[1] /home/perlbug/Live/scripts/bugtron: 
			Cc() 
			From(Nicholas Clark <nick@ccl4.org>) 
			In-Reply-To()
			Message-Id(<20011005113358.Z38756@plum.flirble.org>) 
			Reply-To() 
			Subject([PATCH] perlfunc/select) 
			To(perl5-porters@perl.org) 
			X-Perlbug()
		 
[2] SQL: SHOW fields FROM pb_thing 
[3] SQL: SELECT DISTINCT name FROM pb_thing WHERE type LIKE 'mail' 
[4] SQL: SHOW fields FROM pb_bug 
[5] SQL: SELECT DISTINCT bugid FROM pb_bug WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005113358.Z38756@plum.flirble.org>%') 
[6] SQL: SHOW fields FROM pb_note 
[7] SQL: SELECT DISTINCT noteid FROM pb_note WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005113358.Z38756@plum.flirble.org>%') 
[8] SQL: SHOW fields FROM pb_patch 
[9] SQL: SELECT DISTINCT patchid FROM pb_patch WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005113358.Z38756@plum.flirble.org>%') 
[10] SQL: SHOW fields FROM pb_test 
[11] SQL: SELECT DISTINCT testid FROM pb_test WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005113358.Z38756@plum.flirble.org>%') 
[12] SQL: SHOW fields FROM pb_message 
[13] SQL: SELECT DISTINCT messageid FROM pb_message WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005113358.Z38756@plum.flirble.org>%') 
[14] domain(bugs\.perl\.org) ?-> to(perl5-porters@perl.org), subject([PATCH] perlfunc/select), cc() 
[15] IGNORE quiet(0): invalid perlbug data, potential p5p miscellanea or spam) :-|
 
[16] Decision -> do_quiet(0) IGNORE quiet(0): invalid perlbug data, potential p5p miscellanea or spam) :-|
 
[17] cmd(quiet) arg(Do docpatches still go to p5p, or should they now be on a pod list?

Nicholas Clark

--- pod/perlfunc.pod.orig       Sun Sep 30 02:17:48 2001
+++ pod/perlfunc.pod    Fri Oct  5 11:31:44 2001
@@ -4111,7 +4111,7 @@

 Any of the bit masks can also be undef.  The timeout, if specified, is
 in seconds, which may be fractional.  Note: not all implementations are
-capable of returning the$timeleft.  If not, they always return
+capable of returning the $timeleft.  If not, they always return
 $timeleft equal to the supplied $timeout.

 You can effect a sleep of 250 milliseconds this way:) => ret: $VAR1 = {
          'opts' => '',
          'body' => 'Do docpatches still go to p5p, or should they now be on a pod list?

Nicholas Clark

--- pod/perlfunc.pod.orig       Sun Sep 30 02:17:48 2001
+++ pod/perlfunc.pod    Fri Oct  5 11:31:44 2001
@@ -4111,7 +4111,7 @@

 Any of the bit masks can also be undef.  The timeout, if specified, is
 in seconds, which may be fractional.  Note: not all implementations are
-capable of returning the$timeleft.  If not, they always return
+capable of returning the $timeleft.  If not, they always return
 $timeleft equal to the supplied $timeout.

 You can effect a sleep of 250 milliseconds this way:'
        };
 
[18] /home/perlbug/Live/scripts/bugtron debug(01sx)
	Startup:  0 wallclock secs ( 0.00 usr +  0.00 sys =  0.00 CPU)
	Loaded :  0 wallclock secs ( 0.01 usr +  0.01 sys =  0.02 CPU)
	Runtime:  5 wallclock secs ( 0.20 usr +  0.02 sys =  0.23 CPU)
	Alltook:  5 wallclock secs ( 0.21 usr +  0.03 sys =  0.24 CPU)
        including 12 SQL statements 
        using 1 database handle/s
	 
[19] SQL: SHOW fields FROM pb_range 
[20] SQL: SELECT DISTINCT rangeid FROM pb_range WHERE TO_DAYS(modified) < (TO_DAYS(SYSDATE()) -10) 
[0] INIT 2.86 (16617) debug(01sx) scr(/home/perlbug/Live/scripts/bugtron) 
[1] /home/perlbug/Live/scripts/bugtron: 
			Cc(perl5-porters@perl.org) 
			From("Kurt D. Starsinic" <kstar@wolfetech.com>) 
			In-Reply-To(<20011005152714.A4797@blackrider>)
			Message-Id(<20011005141637.D30309@wolfetech.com>) 
			Reply-To(kstar@cpan.org) 
			Subject(Re: A philosophical tainting issue) 
			To(Michael G Schwern <schwern@pobox.com>) 
			X-Perlbug()
		 
[2] SQL: SHOW fields FROM pb_thing 
[3] SQL: SELECT DISTINCT name FROM pb_thing WHERE type LIKE 'mail' 
[4] SQL: SHOW fields FROM pb_bug 
[5] SQL: SELECT DISTINCT bugid FROM pb_bug WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005141637.D30309@wolfetech.com>%') 
[6] SQL: SHOW fields FROM pb_note 
[7] SQL: SELECT DISTINCT noteid FROM pb_note WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005141637.D30309@wolfetech.com>%') 
[8] SQL: SHOW fields FROM pb_patch 
[9] SQL: SELECT DISTINCT patchid FROM pb_patch WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005141637.D30309@wolfetech.com>%') 
[10] SQL: SHOW fields FROM pb_test 
[11] SQL: SELECT DISTINCT testid FROM pb_test WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005141637.D30309@wolfetech.com>%') 
[12] SQL: SHOW fields FROM pb_message 
[13] SQL: SELECT DISTINCT messageid FROM pb_message WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005141637.D30309@wolfetech.com>%') 
[14] domain(bugs\.perl\.org) ?-> to(Michael G Schwern <schwern@pobox.com>), subject(Re: A philosophical tainting issue), cc(perl5-porters@perl.org) 
[15] reusing CACHED SQL: SELECT DISTINCT name FROM pb_thing WHERE type LIKE 'mail'(ARRAY(0x86012dc)) 
[16] SQL: SELECT DISTINCT bugid FROM pb_bug WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005152714.A4797@blackrider>%') 
[17] SQL: SELECT DISTINCT noteid FROM pb_note WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005152714.A4797@blackrider>%') 
[18] SQL: SELECT DISTINCT patchid FROM pb_patch WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005152714.A4797@blackrider>%') 
[19] SQL: SELECT DISTINCT testid FROM pb_test WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005152714.A4797@blackrider>%') 
[20] SQL: SELECT DISTINCT messageid FROM pb_message WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005152714.A4797@blackrider>%') 
[21] IGNORE quiet(0): invalid perlbug data, potential p5p miscellanea or spam) :-|
 
[22] Decision -> do_quiet(0) IGNORE quiet(0): invalid perlbug data, potential p5p miscellanea or spam) :-|
 
[23] cmd(quiet) arg(On Oct 05, Michael Schwern wrote:
> I've got a tainting problem that might be solved by a philosophical
> rather than techinical solution, want to know what people think of it.
> 
> Lemme splain.
> 
> I'm rejiggering the guts of Test::Harness, and one of the goals is to
> make it work under taint mode.  Test::Harness obviously has to run
> Perl programms, and this involves using $^X.  $^X is tainted.  Even
> worse, $^X is often just "perl", which means $ENV{PATH} enters the
> picture.
> 
> My solution to the problem is to manually use $ENV{PATH} to resolve a
> non-absolute $^X, detaint the result and use it in system or open or
> whatever.  My thinking is that since this is the same data and logic
> that got us to the currently running perl binary, we can trust it
> implicitly.
> 
> I can't think of how this might cause a security problem.  Can anyone
> else?

    $ENV{PATH} might not be set, and exec*() might be using a system-
specific default search path.

    You need to correctly parse the appropriate environment variable(s)
for every operating system and filesystem type.

    If you can't be sure that the relevant Test::Harness code runs before
any BEGIN blocks in the test itself, then the test could maliciously change
$ENV{PATH} or $^X.

    perl -e 'exec { "perl" } "/sbin/halt"'

    Your executable could have been deleted since exec*()-time, causing
a PATH search to fail or turn up the wrong executable.

    There isn't a cross-platform way to _know_ the full path to your
executable.

    - Kurt) => ret: $VAR1 = {
          'opts' => '',
          'body' => 'On Oct 05, Michael Schwern wrote:
> I\'ve got a tainting problem that might be solved by a philosophical
> rather than techinical solution, want to know what people think of it.
> 
> Lemme splain.
> 
> I\'m rejiggering the guts of Test::Harness, and one of the goals is to
> make it work under taint mode.  Test::Harness obviously has to run
> Perl programms, and this involves using $^X.  $^X is tainted.  Even
> worse, $^X is often just "perl", which means $ENV{PATH} enters the
> picture.
> 
> My solution to the problem is to manually use $ENV{PATH} to resolve a
> non-absolute $^X, detaint the result and use it in system or open or
> whatever.  My thinking is that since this is the same data and logic
> that got us to the currently running perl binary, we can trust it
> implicitly.
> 
> I can\'t think of how this might cause a security problem.  Can anyone
> else?

    $ENV{PATH} might not be set, and exec*() might be using a system-
specific default search path.

    You need to correctly parse the appropriate environment variable(s)
for every operating system and filesystem type.

    If you can\'t be sure that the relevant Test::Harness code runs before
any BEGIN blocks in the test itself, then the test could maliciously change
$ENV{PATH} or $^X.

    perl -e \'exec { "perl" } "/sbin/halt"\'

    Your executable could have been deleted since exec*()-time, causing
a PATH search to fail or turn up the wrong executable.

    There isn\'t a cross-platform way to _know_ the full path to your
executable.

    - Kurt'
        };
 
[24] /home/perlbug/Live/scripts/bugtron debug(01sx)
	Startup:  1 wallclock secs ( 0.00 usr +  0.00 sys =  0.00 CPU)
	Loaded :  0 wallclock secs ( 0.00 usr +  0.00 sys =  0.00 CPU)
	Runtime:  9 wallclock secs ( 0.23 usr +  0.01 sys =  0.24 CPU)
	Alltook: 10 wallclock secs ( 0.23 usr +  0.01 sys =  0.24 CPU)
        including 17 SQL statements 
        using 1 database handle/s
	 
[25] SQL: SHOW fields FROM pb_range 
[26] SQL: SELECT DISTINCT rangeid FROM pb_range WHERE TO_DAYS(modified) < (TO_DAYS(SYSDATE()) -10) 
[0] INIT 2.86 (21095) debug(01sx) scr(/home/perlbug/Live/scripts/bugtron) 
[1] /home/perlbug/Live/scripts/bugtron: 
			Cc() 
			From(David Dyck <dcd@tc.fluke.com>) 
			In-Reply-To()
			Message-Id(<200110052152.OAA09666@dd.tc.fluke.com>) 
			Reply-To() 
			Subject(IO::Socket::INET::_sock_info re-uses $1 and returns hostname as port) 
			To(perlbug@perl.org) 
			X-Perlbug()
		 
[2] SQL: SHOW fields FROM pb_thing 
[3] SQL: SELECT DISTINCT name FROM pb_thing WHERE type LIKE 'mail' 
[4] SQL: SHOW fields FROM pb_bug 
[5] SQL: SELECT DISTINCT bugid FROM pb_bug WHERE UPPER(header) LIKE UPPER('%Message-Id: <200110052152.OAA09666@dd.tc.fluke.com>%') 
[6] SQL: SHOW fields FROM pb_note 
[7] SQL: SELECT DISTINCT noteid FROM pb_note WHERE UPPER(header) LIKE UPPER('%Message-Id: <200110052152.OAA09666@dd.tc.fluke.com>%') 
[8] SQL: SHOW fields FROM pb_patch 
[9] SQL: SELECT DISTINCT patchid FROM pb_patch WHERE UPPER(header) LIKE UPPER('%Message-Id: <200110052152.OAA09666@dd.tc.fluke.com>%') 
[10] SQL: SHOW fields FROM pb_test 
[11] SQL: SELECT DISTINCT testid FROM pb_test WHERE UPPER(header) LIKE UPPER('%Message-Id: <200110052152.OAA09666@dd.tc.fluke.com>%') 
[12] SQL: SHOW fields FROM pb_message 
[13] SQL: SELECT DISTINCT messageid FROM pb_message WHERE UPPER(header) LIKE UPPER('%Message-Id: <200110052152.OAA09666@dd.tc.fluke.com>%') 
[14] domain(bugs\.perl\.org) ?-> to(perlbug@perl.org), subject(IO::Socket::INET::_sock_info re-uses $1 and returns hostname as port), cc() 
[15] NEW BUG new(1): Yup! perl(\bperl|perl\b) subject(IO::Socket::INET::_sock_info re-uses $1 and returns hostname as port) :-)) 
[16] Decision -> do_new(1) NEW BUG new(1): Yup! perl(\bperl|perl\b) subject(IO::Socket::INET::_sock_info re-uses $1 and returns hostname as port) :-)) 
[17] cmd(B) arg(This is a bug report for perl from dcd@tc.fluke.com,
generated with the help of perlbug 1.33 running under perl v5.7.2.


-----------------------------------------------------------------
[Please enter your report here]

I had been getting errors like
Argument "ls6-www.cs.uni-dortmund.de" 
 isn't numeric in subroutine entry at 
  /usr/local/lib/perl5/5.7.2/IO/Socket/INET.pm line 191.

when using CPAN::WAIT "wq" command in CPAN

The expression in that line
  pack_sockaddr_in($rport, $raddr)
is in the IO::Socket::INET::configure
where $rport is 'ls6-www.cs.uni-dortmund.de' when it should
be the number 1404.

$raddr and $rport are assigned earlier from a call to
 _sock_info('ls6-www.cs.uni-dortmund.de', 1404, 6)

if $1 has already been set before the call to _sock_info
then port is returned incorrectly

The following program:

use IO::Socket::INET;
$host="ls6-www.cs.uni-dortmund.de";
$host =~ /(.*)/;
@a=IO::Socket::INET::_sock_info("ls6-www.cs.uni-dortmund.de", 1404, $proto);
print "return port=", (scalar(@a) ? @a[1] : "undef"), "\n";

prints
return port=ls6-www.cs.uni-dortmund.de

when it should print
return port=1404

as it does after the following patch is applied.
  (My guess is that the code used to be called with $1 undefined,)

Or perhaps $1 used to be cleared, (as it's set now in CPAN/WAIT.pm line 55)

/-----------------------------------------------------------------\
| If you've read this far, is there a way to get the revision log |
| for ext/IO/lib/IO/Socket/INET.pm?                               |
\-----------------------------------------------------------------/


--- ext/IO/lib/IO/Socket/INET.pm.orig	Sun Sep  9 07:50:46 2001
+++ ext/IO/lib/IO/Socket/INET.pm	Fri Oct  5 11:45:54 2001
@@ -52,9 +52,7 @@
   }
 
   if(defined $port) {
-    $port =~ s,\((\d+)\)$,,;
-
-    my $defport = $1 || undef;
+    my $defport = ($port =~ s,\((\d+)\)$,,) ? $1 : undef;
     my $pnum = ($port =~ m,^(\d+)$,)[0];
 
     @serv = getservbyname($port, $proto[0] || "")


[Please do not change anything below this line]
-----------------------------------------------------------------
---
Flags:
    category=library
    severity=high
---
Site configuration information for perl v5.7.2:

Configured by dcd at Wed Oct  3 18:05:30 PDT 2001.

Summary of my perl5 (revision 5.0 version 7 subversion 2 patch 12322) configuration:
  Platform:
    osname=linux, osvers=2.4.10-ac3, archname=i686-linux
    uname='linux dd 2.4.10-ac3 #3 tue oct 2 08:14:46 pdt 2001 i686 '
    config_args='-Dinstallusrbinperl -Uversiononly -Dusedevel -Doptimize=-O3 -g -de -Dcf_email=dcd@tc.fluke.com'
    hint=recommended, useposix=true, d_sigaction=define
    usethreads=undef use5005threads=undef useithreads=undef usemultiplicity=undef
    useperlio=define d_sfio=undef uselargefiles=define usesocks=undef
    use64bitint=undef use64bitall=undef uselongdouble=undef
    usemymalloc=n, bincompat5005=define
  Compiler:
    cc='cc', ccflags ='-DDEBUGGING -fno-strict-aliasing -I/usr/local/include -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64',
    optimize='-O3 -g',
    cppflags='-DDEBUGGING -fno-strict-aliasing -I/usr/local/include'
    ccversion='', gccversion='egcs-2.91.66.1 19990314/Linux (egcs-1.1.2 release)', gccosandvers=''
    intsize=4, longsize=4, ptrsize=4, doublesize=8, byteorder=1234
    d_longlong=define, longlongsize=8, d_longdbl=define, longdblsize=12
    ivtype='long', ivsize=4, nvtype='double', nvsize=8, Off_t='off_t', lseeksize=4
    alignbytes=4, prototype=define
  Linker and Libraries:
    ld='cc', ldflags =' -L/usr/local/lib'
    libpth=/usr/local/lib /lib /usr/lib
    libs=-lgdbm -ldbm -ldb -ldl -lm -lc
    perllibs=-ldl -lm -lc
    libc=/lib/libc.so.5.4.44, so=so, useshrplib=false, libperl=libperl.a
  Dynamic Linking:
    dlsrc=dl_dlopen.xs, dlext=so, d_dlsymun=undef, ccdlflags='-rdynamic'
    cccdlflags='-fpic', lddlflags='-shared -L/usr/local/lib'

Locally applied patches:
    DEVEL12306

---
@INC for perl v5.7.2:
    /usr/local/lib/perl5/5.7.2/i686-linux
    /usr/local/lib/perl5/5.7.2
    /usr/local/lib/perl5/site_perl/5.7.2/i686-linux
    /usr/local/lib/perl5/site_perl/5.7.2
    /usr/local/lib/perl5/site_perl/5.6.1/i686-linux
    /usr/local/lib/perl5/site_perl/5.6.1
    /usr/local/lib/perl5/site_perl
    .

---
Environment for perl v5.7.2:
    HOME=/home/dcd
    LANG (unset)
    LANGUAGE (unset)
    LD_LIBRARY_PATH (unset)
    LOGDIR (unset)
    PATH=/home/dcd/bin:/sbin:/usr/local/bin:/bin:/usr/bin:/usr/X11/bin:/usr/games:/usr/local/samba:/home/hobbes/tools/scripts:/home/hobbes/tools/linux:/usr0/hobbes/tools/scripts:/usr0/dcd/bin:/apps/general/bin:/usr/public
    PERL_BADLANG (unset)
    SHELL=/bin/bash) => ret: $VAR1 = {
          'opts' => '',
          'body' => 'This is a bug report for perl from dcd@tc.fluke.com,
generated with the help of perlbug 1.33 running under perl v5.7.2.


-----------------------------------------------------------------
[Please enter your report here]

I had been getting errors like
Argument "ls6-www.cs.uni-dortmund.de" 
 isn\'t numeric in subroutine entry at 
  /usr/local/lib/perl5/5.7.2/IO/Socket/INET.pm line 191.

when using CPAN::WAIT "wq" command in CPAN

The expression in that line
  pack_sockaddr_in($rport, $raddr)
is in the IO::Socket::INET::configure
where $rport is \'ls6-www.cs.uni-dortmund.de\' when it should
be the number 1404.

$raddr and $rport are assigned earlier from a call to
 _sock_info(\'ls6-www.cs.uni-dortmund.de\', 1404, 6)

if $1 has already been set before the call to _sock_info
then port is returned incorrectly

The following program:

use IO::Socket::INET;
$host="ls6-www.cs.uni-dortmund.de";
$host =~ /(.*)/;
@a=IO::Socket::INET::_sock_info("ls6-www.cs.uni-dortmund.de", 1404, $proto);
print "return port=", (scalar(@a) ? @a[1] : "undef"), "\\n";

prints
return port=ls6-www.cs.uni-dortmund.de

when it should print
return port=1404

as it does after the following patch is applied.
  (My guess is that the code used to be called with $1 undefined,)

Or perhaps $1 used to be cleared, (as it\'s set now in CPAN/WAIT.pm line 55)

/-----------------------------------------------------------------\\
| If you\'ve read this far, is there a way to get the revision log |
| for ext/IO/lib/IO/Socket/INET.pm?                               |
\\-----------------------------------------------------------------/


--- ext/IO/lib/IO/Socket/INET.pm.orig	Sun Sep  9 07:50:46 2001
+++ ext/IO/lib/IO/Socket/INET.pm	Fri Oct  5 11:45:54 2001
@@ -52,9 +52,7 @@
   }
 
   if(defined $port) {
-    $port =~ s,\\((\\d+)\\)$,,;
-
-    my $defport = $1 || undef;
+    my $defport = ($port =~ s,\\((\\d+)\\)$,,) ? $1 : undef;
     my $pnum = ($port =~ m,^(\\d+)$,)[0];
 
     @serv = getservbyname($port, $proto[0] || "")


[Please do not change anything below this line]
-----------------------------------------------------------------
---
Flags:
    category=library
    severity=high
---
Site configuration information for perl v5.7.2:

Configured by dcd at Wed Oct  3 18:05:30 PDT 2001.

Summary of my perl5 (revision 5.0 version 7 subversion 2 patch 12322) configuration:
  Platform:
    osname=linux, osvers=2.4.10-ac3, archname=i686-linux
    uname=\'linux dd 2.4.10-ac3 #3 tue oct 2 08:14:46 pdt 2001 i686 \'
    config_args=\'-Dinstallusrbinperl -Uversiononly -Dusedevel -Doptimize=-O3 -g -de -Dcf_email=dcd@tc.fluke.com\'
    hint=recommended, useposix=true, d_sigaction=define
    usethreads=undef use5005threads=undef useithreads=undef usemultiplicity=undef
    useperlio=define d_sfio=undef uselargefiles=define usesocks=undef
    use64bitint=undef use64bitall=undef uselongdouble=undef
    usemymalloc=n, bincompat5005=define
  Compiler:
    cc=\'cc\', ccflags =\'-DDEBUGGING -fno-strict-aliasing -I/usr/local/include -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64\',
    optimize=\'-O3 -g\',
    cppflags=\'-DDEBUGGING -fno-strict-aliasing -I/usr/local/include\'
    ccversion=\'\', gccversion=\'egcs-2.91.66.1 19990314/Linux (egcs-1.1.2 release)\', gccosandvers=\'\'
    intsize=4, longsize=4, ptrsize=4, doublesize=8, byteorder=1234
    d_longlong=define, longlongsize=8, d_longdbl=define, longdblsize=12
    ivtype=\'long\', ivsize=4, nvtype=\'double\', nvsize=8, Off_t=\'off_t\', lseeksize=4
    alignbytes=4, prototype=define
  Linker and Libraries:
    ld=\'cc\', ldflags =\' -L/usr/local/lib\'
    libpth=/usr/local/lib /lib /usr/lib
    libs=-lgdbm -ldbm -ldb -ldl -lm -lc
    perllibs=-ldl -lm -lc
    libc=/lib/libc.so.5.4.44, so=so, useshrplib=false, libperl=libperl.a
  Dynamic Linking:
    dlsrc=dl_dlopen.xs, dlext=so, d_dlsymun=undef, ccdlflags=\'-rdynamic\'
    cccdlflags=\'-fpic\', lddlflags=\'-shared -L/usr/local/lib\'

Locally applied patches:
    DEVEL12306

---
@INC for perl v5.7.2:
    /usr/local/lib/perl5/5.7.2/i686-linux
    /usr/local/lib/perl5/5.7.2
    /usr/local/lib/perl5/site_perl/5.7.2/i686-linux
    /usr/local/lib/perl5/site_perl/5.7.2
    /usr/local/lib/perl5/site_perl/5.6.1/i686-linux
    /usr/local/lib/perl5/site_perl/5.6.1
    /usr/local/lib/perl5/site_perl
    .

---
Environment for perl v5.7.2:
    HOME=/home/dcd
    LANG (unset)
    LANGUAGE (unset)
    LD_LIBRARY_PATH (unset)
    LOGDIR (unset)
    PATH=/home/dcd/bin:/sbin:/usr/local/bin:/bin:/usr/bin:/usr/X11/bin:/usr/games:/usr/local/samba:/home/hobbes/tools/scripts:/home/hobbes/tools/linux:/usr0/hobbes/tools/scripts:/usr0/dcd/bin:/apps/general/bin:/usr/public
    PERL_BADLANG (unset)
    SHELL=/bin/bash'
        };
 
[18] /home/perlbug/Live/scripts/bugtron debug(01sx)
	Startup:  0 wallclock secs ( 0.00 usr +  0.00 sys =  0.00 CPU)
	Loaded :  0 wallclock secs ( 0.00 usr +  0.00 sys =  0.00 CPU)
	Runtime: 21 wallclock secs ( 0.19 usr +  0.05 sys =  0.24 CPU)
	Alltook: 21 wallclock secs ( 0.19 usr +  0.05 sys =  0.24 CPU)
        including 12 SQL statements 
        using 1 database handle/s
	 
[19] SQL: SHOW fields FROM pb_range 
[20] SQL: SELECT DISTINCT rangeid FROM pb_range WHERE TO_DAYS(modified) < (TO_DAYS(SYSDATE()) -10) 
[0] INIT 2.86 (33092) debug(01sx) scr(/home/perlbug/Live/scripts/bugtron) 
[1] /home/perlbug/Live/scripts/bugtron: 
			Cc(Perl Porters <perl5-porters@perl.org>) 
			From(David Dyck <dcd@tc.fluke.com>) 
			In-Reply-To()
			Message-Id(<Pine.LNX.4.33.0110051548340.9856-100000@dd.tc.fluke.com>) 
			Reply-To() 
			Subject(patch to ext/IO/lib/IO/Socket/INET.pm fixes Bug ID (20010803.022)) 
			To(Jarkko Hietaniemi <jhi@iki.fi>) 
			X-Perlbug()
		 
[2] SQL: SHOW fields FROM pb_thing 
[3] SQL: SELECT DISTINCT name FROM pb_thing WHERE type LIKE 'mail' 
[4] SQL: SHOW fields FROM pb_bug 
[5] SQL: SELECT DISTINCT bugid FROM pb_bug WHERE UPPER(header) LIKE UPPER('%Message-Id: <Pine.LNX.4.33.0110051548340.9856-100000@dd.tc.fluke.com>%') 
[6] SQL: SHOW fields FROM pb_note 
[7] SQL: SELECT DISTINCT noteid FROM pb_note WHERE UPPER(header) LIKE UPPER('%Message-Id: <Pine.LNX.4.33.0110051548340.9856-100000@dd.tc.fluke.com>%') 
[8] SQL: SHOW fields FROM pb_patch 
[9] SQL: SELECT DISTINCT patchid FROM pb_patch WHERE UPPER(header) LIKE UPPER('%Message-Id: <Pine.LNX.4.33.0110051548340.9856-100000@dd.tc.fluke.com>%') 
[10] SQL: SHOW fields FROM pb_test 
[11] SQL: SELECT DISTINCT testid FROM pb_test WHERE UPPER(header) LIKE UPPER('%Message-Id: <Pine.LNX.4.33.0110051548340.9856-100000@dd.tc.fluke.com>%') 
[12] SQL: SHOW fields FROM pb_message 
[13] SQL: SELECT DISTINCT messageid FROM pb_message WHERE UPPER(header) LIKE UPPER('%Message-Id: <Pine.LNX.4.33.0110051548340.9856-100000@dd.tc.fluke.com>%') 
[14] domain(bugs\.perl\.org) ?-> to(Jarkko Hietaniemi <jhi@iki.fi>), subject(patch to ext/IO/lib/IO/Socket/INET.pm fixes Bug ID (20010803.022)), cc(Perl Porters <perl5-porters@perl.org>) 
[15] SQL: SELECT DISTINCT bugid FROM pb_bug WHERE bugid = '20010803.022' 
[16] REPLY reply(1) from subject: (20010803.022) :-) 
[17] Decision -> do_reply(1) REPLY reply(1) from subject: (20010803.022) :-) 
[18] cmd(M) arg(I submitted this patch via perlbug, with much explanation
and a test program that showed the problem.  The old code
assigned $defport from $1 if $1 was set, but sometimes
the pattern match fails, and $1 comes from an earlier setting.
    $port =~ s,\((\d+)\)$,,;
    my $defport = $1 || undef;

I was getting this problem when using CPAN::WAIT extensions to CPAN
 wq des=rcs
but it's not really a CPAN issue.

Fixing this bug should also fix Bug ID (20010803.022)
so I'll post this to p5p with that in the subject

Before the patch the test prints port=ls6-www.cs.uni-dortmund.de
but after the patch the test prints port=1404  as expected

use IO::Socket::INET;
$host="ls6-www.cs.uni-dortmund.de";
$host =~ /(.*)/;
print "\$1=$1\n";
$port=1404;
$port =~ s,\((\d+)\)$,,;
print "\$port=$port, \$1=$1\n";

print "\$INC{IO/Socket/INET.pm}=",$INC{'IO/Socket/INET.pm'},"\n";
@a=IO::Socket::INET::_sock_info("ls6-www.cs.uni-dortmund.de", 1404, $proto);
print "return port=", (scalar(@a) ? @a[1] : "undef"), "\n";
1;

__END__


--- ext/IO/lib/IO/Socket/INET.pm.orig	Sun Sep  9 07:50:46 2001
+++ ext/IO/lib/IO/Socket/INET.pm	Fri Oct  5 11:45:54 2001
@@ -52,9 +52,7 @@
   }

   if(defined $port) {
-    $port =~ s,\((\d+)\)$,,;
-
-    my $defport = $1 || undef;
+    my $defport = ($port =~ s,\((\d+)\)$,,) ? $1 : undef;
     my $pnum = ($port =~ m,^(\d+)$,)[0];

     @serv = getservbyname($port, $proto[0] || "")) => ret: $VAR1 = {
          'opts' => '',
          'body' => 'I submitted this patch via perlbug, with much explanation
and a test program that showed the problem.  The old code
assigned $defport from $1 if $1 was set, but sometimes
the pattern match fails, and $1 comes from an earlier setting.
    $port =~ s,\\((\\d+)\\)$,,;
    my $defport = $1 || undef;

I was getting this problem when using CPAN::WAIT extensions to CPAN
 wq des=rcs
but it\'s not really a CPAN issue.

Fixing this bug should also fix Bug ID (20010803.022)
so I\'ll post this to p5p with that in the subject

Before the patch the test prints port=ls6-www.cs.uni-dortmund.de
but after the patch the test prints port=1404  as expected

use IO::Socket::INET;
$host="ls6-www.cs.uni-dortmund.de";
$host =~ /(.*)/;
print "\\$1=$1\\n";
$port=1404;
$port =~ s,\\((\\d+)\\)$,,;
print "\\$port=$port, \\$1=$1\\n";

print "\\$INC{IO/Socket/INET.pm}=",$INC{\'IO/Socket/INET.pm\'},"\\n";
@a=IO::Socket::INET::_sock_info("ls6-www.cs.uni-dortmund.de", 1404, $proto);
print "return port=", (scalar(@a) ? @a[1] : "undef"), "\\n";
1;

__END__


--- ext/IO/lib/IO/Socket/INET.pm.orig	Sun Sep  9 07:50:46 2001
+++ ext/IO/lib/IO/Socket/INET.pm	Fri Oct  5 11:45:54 2001
@@ -52,9 +52,7 @@
   }

   if(defined $port) {
-    $port =~ s,\\((\\d+)\\)$,,;
-
-    my $defport = $1 || undef;
+    my $defport = ($port =~ s,\\((\\d+)\\)$,,) ? $1 : undef;
     my $pnum = ($port =~ m,^(\\d+)$,)[0];

     @serv = getservbyname($port, $proto[0] || "")'
        };
 
[19] /home/perlbug/Live/scripts/bugtron debug(01sx)
	Startup:  0 wallclock secs ( 0.01 usr +  0.00 sys =  0.01 CPU)
	Loaded :  0 wallclock secs ( 0.00 usr +  0.00 sys =  0.00 CPU)
	Runtime:  9 wallclock secs ( 0.23 usr +  0.02 sys =  0.25 CPU)
	Alltook:  9 wallclock secs ( 0.24 usr +  0.02 sys =  0.26 CPU)
        including 13 SQL statements 
        using 1 database handle/s
	 
[20] SQL: SHOW fields FROM pb_range 
[21] SQL: SELECT DISTINCT rangeid FROM pb_range WHERE TO_DAYS(modified) < (TO_DAYS(SYSDATE()) -10) 
[0] INIT 2.86 (40478) debug(01sx) scr(/home/perlbug/Live/scripts/bugtron) 
[1] /home/perlbug/Live/scripts/bugtron: 
			Cc() 
			From("Randy J. Ray" <rjray@redhat.com>) 
			In-Reply-To()
			Message-Id(<200110052346.f95NkxS05703@tzimisce.cygnus.com>) 
			Reply-To(rjray@redhat.com (Randy J. Ray)) 
			Subject(GNU Make-like tool for Win32?) 
			To(perl5-porters@perl.org) 
			X-Perlbug()
		 
[2] SQL: SHOW fields FROM pb_thing 
[3] SQL: SELECT DISTINCT name FROM pb_thing WHERE type LIKE 'mail' 
[4] SQL: SHOW fields FROM pb_bug 
[5] SQL: SELECT DISTINCT bugid FROM pb_bug WHERE UPPER(header) LIKE UPPER('%Message-Id: <200110052346.f95NkxS05703@tzimisce.cygnus.com>%') 
[6] SQL: SHOW fields FROM pb_note 
[7] SQL: SELECT DISTINCT noteid FROM pb_note WHERE UPPER(header) LIKE UPPER('%Message-Id: <200110052346.f95NkxS05703@tzimisce.cygnus.com>%') 
[8] SQL: SHOW fields FROM pb_patch 
[9] SQL: SELECT DISTINCT patchid FROM pb_patch WHERE UPPER(header) LIKE UPPER('%Message-Id: <200110052346.f95NkxS05703@tzimisce.cygnus.com>%') 
[10] SQL: SHOW fields FROM pb_test 
[11] SQL: SELECT DISTINCT testid FROM pb_test WHERE UPPER(header) LIKE UPPER('%Message-Id: <200110052346.f95NkxS05703@tzimisce.cygnus.com>%') 
[12] SQL: SHOW fields FROM pb_message 
[13] SQL: SELECT DISTINCT messageid FROM pb_message WHERE UPPER(header) LIKE UPPER('%Message-Id: <200110052346.f95NkxS05703@tzimisce.cygnus.com>%') 
[14] domain(bugs\.perl\.org) ?-> to(perl5-porters@perl.org), subject(GNU Make-like tool for Win32?), cc() 
[15] IGNORE quiet(0): invalid perlbug data, potential p5p miscellanea or spam) :-|
 
[16] Decision -> do_quiet(0) IGNORE quiet(0): invalid perlbug data, potential p5p miscellanea or spam) :-|
 
[17] cmd(quiet) arg(I've been working on some of my non-UNIX-bound modules, trying to get them
to build cleanly under Cygwin. Recently, my XML-RPC package choked because
(a) the make in Cygwin complained of separator problems on line XXX, and
then (b) when I installed dmake, it couldn't deal with rules like:

	%.xpl: %.base %.code
		($TOOL) %.base > %.xpl

(a gross simplification, but it illustrates the GNU Make feature that
breaks dmake).

So, should I simplify the resulting Makefile, or is there a better make
tool for Win32 that I should be using, and should require users to also
have? Right now, I'm thinking that I should write the above as a .SUFFIXES
rule and set of standard dependancies, but I'm not that convinced that
I've got my Win32 environment set up as well as it could be.

Randy
--
-------------------------------------------------------------------------------
Randy J. Ray     | Buy a copy of a baby naming book and you'll never be at a
rjray@redhat.com | loss for variable names. Fred is a wonderful name, and easy
+1 408 543-9482  | to type. --Roedy Green, "How To Write Unmaintainable Code") => ret: $VAR1 = {
          'opts' => '',
          'body' => 'I\'ve been working on some of my non-UNIX-bound modules, trying to get them
to build cleanly under Cygwin. Recently, my XML-RPC package choked because
(a) the make in Cygwin complained of separator problems on line XXX, and
then (b) when I installed dmake, it couldn\'t deal with rules like:

	%.xpl: %.base %.code
		($TOOL) %.base > %.xpl

(a gross simplification, but it illustrates the GNU Make feature that
breaks dmake).

So, should I simplify the resulting Makefile, or is there a better make
tool for Win32 that I should be using, and should require users to also
have? Right now, I\'m thinking that I should write the above as a .SUFFIXES
rule and set of standard dependancies, but I\'m not that convinced that
I\'ve got my Win32 environment set up as well as it could be.

Randy
--
-------------------------------------------------------------------------------
Randy J. Ray     | Buy a copy of a baby naming book and you\'ll never be at a
rjray@redhat.com | loss for variable names. Fred is a wonderful name, and easy
+1 408 543-9482  | to type. --Roedy Green, "How To Write Unmaintainable Code"'
        };
 
[18] /home/perlbug/Live/scripts/bugtron debug(01sx)
	Startup:  0 wallclock secs ( 0.00 usr +  0.00 sys =  0.00 CPU)
	Loaded :  0 wallclock secs ( 0.00 usr +  0.00 sys =  0.00 CPU)
	Runtime:  9 wallclock secs ( 0.23 usr +  0.00 sys =  0.23 CPU)
	Alltook:  9 wallclock secs ( 0.23 usr +  0.00 sys =  0.23 CPU)
        including 12 SQL statements 
        using 1 database handle/s
	 
[19] SQL: SHOW fields FROM pb_range 
[20] SQL: SELECT DISTINCT rangeid FROM pb_range WHERE TO_DAYS(modified) < (TO_DAYS(SYSDATE()) -10) 
[0] INIT 2.86 (41470) debug(01sx) scr(/home/perlbug/Live/scripts/bugtron) 
[1] /home/perlbug/Live/scripts/bugtron: 
			Cc() 
			From("Wayne Moore" <rttmk@eurosport.com>) 
			In-Reply-To()
			Message-Id(<200110051454.XAA05814@m-chemicals.com>) 
			Reply-To() 
			Subject(They Will Buy #32A4) 
			To(more@m-chemicals.com) 
			X-Perlbug()
		 
[2] SQL: SHOW fields FROM pb_thing 
[3] SQL: SELECT DISTINCT name FROM pb_thing WHERE type LIKE 'mail' 
[4] SQL: SHOW fields FROM pb_bug 
[5] SQL: SELECT DISTINCT bugid FROM pb_bug WHERE UPPER(header) LIKE UPPER('%Message-Id: <200110051454.XAA05814@m-chemicals.com>%') 
[6] SQL: SHOW fields FROM pb_note 
[7] SQL: SELECT DISTINCT noteid FROM pb_note WHERE UPPER(header) LIKE UPPER('%Message-Id: <200110051454.XAA05814@m-chemicals.com>%') 
[8] SQL: SHOW fields FROM pb_patch 
[9] SQL: SELECT DISTINCT patchid FROM pb_patch WHERE UPPER(header) LIKE UPPER('%Message-Id: <200110051454.XAA05814@m-chemicals.com>%') 
[10] SQL: SHOW fields FROM pb_test 
[11] SQL: SELECT DISTINCT testid FROM pb_test WHERE UPPER(header) LIKE UPPER('%Message-Id: <200110051454.XAA05814@m-chemicals.com>%') 
[12] SQL: SHOW fields FROM pb_message 
[13] SQL: SELECT DISTINCT messageid FROM pb_message WHERE UPPER(header) LIKE UPPER('%Message-Id: <200110051454.XAA05814@m-chemicals.com>%') 
[14] /home/perlbug/Live/scripts/bugtron debug(01sx)
	Startup:  0 wallclock secs ( 0.00 usr +  0.00 sys =  0.00 CPU)
	Loaded :  0 wallclock secs ( 0.00 usr +  0.00 sys =  0.00 CPU)
	Runtime: 10 wallclock secs ( 0.20 usr +  0.02 sys =  0.21 CPU)
	Alltook: 10 wallclock secs ( 0.20 usr +  0.02 sys =  0.21 CPU)
        including 12 SQL statements 
        using 1 database handle/s
	 
[15] SQL: SHOW fields FROM pb_range 
[16] SQL: SELECT DISTINCT rangeid FROM pb_range WHERE TO_DAYS(modified) < (TO_DAYS(SYSDATE()) -10) 
[0] INIT 2.86 (46190) debug(01sx) scr(/home/perlbug/Live/scripts/bugtron) 
[1] /home/perlbug/Live/scripts/bugtron: 
			Cc(Perl Porters <perl5-porters@perl.org>) 
			From(David Dyck <dcd@tc.fluke.com>) 
			In-Reply-To(<Pine.LNX.4.33.0110051548340.9856-100000@dd.tc.fluke.com>)
			Message-Id(<Pine.LNX.4.33.0110051714350.14248-100000@dd.tc.fluke.com>) 
			Reply-To() 
			Subject(Re: patch to ext/IO/lib/IO/Socket/INET.pm fixes Bug ID (20010803.022)) 
			To(Jarkko Hietaniemi <jhi@iki.fi>) 
			X-Perlbug()
		 
[2] SQL: SHOW fields FROM pb_thing 
[3] SQL: SELECT DISTINCT name FROM pb_thing WHERE type LIKE 'mail' 
[4] SQL: SHOW fields FROM pb_bug 
[5] SQL: SELECT DISTINCT bugid FROM pb_bug WHERE UPPER(header) LIKE UPPER('%Message-Id: <Pine.LNX.4.33.0110051714350.14248-100000@dd.tc.fluke.com>%') 
[6] SQL: SHOW fields FROM pb_note 
[7] SQL: SELECT DISTINCT noteid FROM pb_note WHERE UPPER(header) LIKE UPPER('%Message-Id: <Pine.LNX.4.33.0110051714350.14248-100000@dd.tc.fluke.com>%') 
[8] SQL: SHOW fields FROM pb_patch 
[9] SQL: SELECT DISTINCT patchid FROM pb_patch WHERE UPPER(header) LIKE UPPER('%Message-Id: <Pine.LNX.4.33.0110051714350.14248-100000@dd.tc.fluke.com>%') 
[10] SQL: SHOW fields FROM pb_test 
[11] SQL: SELECT DISTINCT testid FROM pb_test WHERE UPPER(header) LIKE UPPER('%Message-Id: <Pine.LNX.4.33.0110051714350.14248-100000@dd.tc.fluke.com>%') 
[12] SQL: SHOW fields FROM pb_message 
[13] SQL: SELECT DISTINCT messageid FROM pb_message WHERE UPPER(header) LIKE UPPER('%Message-Id: <Pine.LNX.4.33.0110051714350.14248-100000@dd.tc.fluke.com>%') 
[14] domain(bugs\.perl\.org) ?-> to(Jarkko Hietaniemi <jhi@iki.fi>), subject(Re: patch to ext/IO/lib/IO/Socket/INET.pm fixes Bug ID (20010803.022)), cc(Perl Porters <perl5-porters@perl.org>) 
[15] SQL: SELECT DISTINCT bugid FROM pb_bug WHERE bugid = '20010803.022' 
[16] REPLY reply(1) from subject: (20010803.022) :-) 
[17] Decision -> do_reply(1) REPLY reply(1) from subject: (20010803.022) :-) 
[18] cmd(M) arg(After reading the patch I sent (and still would like to see applied,
I looked at the expression immediately following where $pnum
was set to a matched value or undef, I don't know if that
 (match in list context)[0]
idiom  is better, if think so, you could apply
the following tweek to the patch I sent earlier, so
that both patterns use the same idiom.

 Thanks,
   David


--- ext/IO/lib/IO/Socket/INET.pm.prepatch2	Fri Oct  5 17:25:29 2001
+++ ext/IO/lib/IO/Socket/INET.pm	Fri Oct  5 17:26:00 2001
@@ -52,7 +52,8 @@
   }

   if(defined $port) {
-    my $defport = ($port =~ s,\((\d+)\)$,,) ? $1 : undef;
+
+    my $defport = ($port =~ s,\((\d+)\)$,,)[0];
     my $pnum = ($port =~ m,^(\d+)$,)[0];

     @serv = getservbyname($port, $proto[0] || "")


On Fri, 5 Oct 2001, David Dyck wrote:

> From: David Dyck <dcd@tc.fluke.com>
> To: Jarkko Hietaniemi <jhi@iki.fi>
> Cc: Perl Porters <perl5-porters@perl.org>
> Date: Fri, 5 Oct 2001 16:04:43 -0700 (PDT)
> Subject: patch to ext/IO/lib/IO/Socket/INET.pm fixes Bug ID (20010803.022)
> Return-Receipt-To: dcd@tc.fluke.com
>
> I submitted this patch via perlbug, with much explanation
> and a test program that showed the problem.  The old code
> assigned $defport from $1 if $1 was set, but sometimes
> the pattern match fails, and $1 comes from an earlier setting.
>     $port =~ s,\((\d+)\)$,,;
>     my $defport = $1 || undef;
>
> I was getting this problem when using CPAN::WAIT extensions to CPAN
>  wq des=rcs
> but it's not really a CPAN issue.
>
> Fixing this bug should also fix Bug ID (20010803.022)
> so I'll post this to p5p with that in the subject
>
> Before the patch the test prints port=ls6-www.cs.uni-dortmund.de
> but after the patch the test prints port=1404  as expected
>
> use IO::Socket::INET;
> $host="ls6-www.cs.uni-dortmund.de";
> $host =~ /(.*)/;
> print "\$1=$1\n";
> $port=1404;
> $port =~ s,\((\d+)\)$,,;
> print "\$port=$port, \$1=$1\n";
>
> print "\$INC{IO/Socket/INET.pm}=",$INC{'IO/Socket/INET.pm'},"\n";
> @a=IO::Socket::INET::_sock_info("ls6-www.cs.uni-dortmund.de", 1404, $proto);
> print "return port=", (scalar(@a) ? @a[1] : "undef"), "\n";
> 1;
>
> __END__
>
>
> --- ext/IO/lib/IO/Socket/INET.pm.orig	Sun Sep  9 07:50:46 2001
> +++ ext/IO/lib/IO/Socket/INET.pm	Fri Oct  5 11:45:54 2001
> @@ -52,9 +52,7 @@
>    }
>
>    if(defined $port) {
> -    $port =~ s,\((\d+)\)$,,;
> -
> -    my $defport = $1 || undef;
> +    my $defport = ($port =~ s,\((\d+)\)$,,) ? $1 : undef;
>      my $pnum = ($port =~ m,^(\d+)$,)[0];
>
>      @serv = getservbyname($port, $proto[0] || "")
>
>) => ret: $VAR1 = {
          'opts' => '',
          'body' => 'After reading the patch I sent (and still would like to see applied,
I looked at the expression immediately following where $pnum
was set to a matched value or undef, I don\'t know if that
 (match in list context)[0]
idiom  is better, if think so, you could apply
the following tweek to the patch I sent earlier, so
that both patterns use the same idiom.

 Thanks,
   David


--- ext/IO/lib/IO/Socket/INET.pm.prepatch2	Fri Oct  5 17:25:29 2001
+++ ext/IO/lib/IO/Socket/INET.pm	Fri Oct  5 17:26:00 2001
@@ -52,7 +52,8 @@
   }

   if(defined $port) {
-    my $defport = ($port =~ s,\\((\\d+)\\)$,,) ? $1 : undef;
+
+    my $defport = ($port =~ s,\\((\\d+)\\)$,,)[0];
     my $pnum = ($port =~ m,^(\\d+)$,)[0];

     @serv = getservbyname($port, $proto[0] || "")


On Fri, 5 Oct 2001, David Dyck wrote:

> From: David Dyck <dcd@tc.fluke.com>
> To: Jarkko Hietaniemi <jhi@iki.fi>
> Cc: Perl Porters <perl5-porters@perl.org>
> Date: Fri, 5 Oct 2001 16:04:43 -0700 (PDT)
> Subject: patch to ext/IO/lib/IO/Socket/INET.pm fixes Bug ID (20010803.022)
> Return-Receipt-To: dcd@tc.fluke.com
>
> I submitted this patch via perlbug, with much explanation
> and a test program that showed the problem.  The old code
> assigned $defport from $1 if $1 was set, but sometimes
> the pattern match fails, and $1 comes from an earlier setting.
>     $port =~ s,\\((\\d+)\\)$,,;
>     my $defport = $1 || undef;
>
> I was getting this problem when using CPAN::WAIT extensions to CPAN
>  wq des=rcs
> but it\'s not really a CPAN issue.
>
> Fixing this bug should also fix Bug ID (20010803.022)
> so I\'ll post this to p5p with that in the subject
>
> Before the patch the test prints port=ls6-www.cs.uni-dortmund.de
> but after the patch the test prints port=1404  as expected
>
> use IO::Socket::INET;
> $host="ls6-www.cs.uni-dortmund.de";
> $host =~ /(.*)/;
> print "\\$1=$1\\n";
> $port=1404;
> $port =~ s,\\((\\d+)\\)$,,;
> print "\\$port=$port, \\$1=$1\\n";
>
> print "\\$INC{IO/Socket/INET.pm}=",$INC{\'IO/Socket/INET.pm\'},"\\n";
> @a=IO::Socket::INET::_sock_info("ls6-www.cs.uni-dortmund.de", 1404, $proto);
> print "return port=", (scalar(@a) ? @a[1] : "undef"), "\\n";
> 1;
>
> __END__
>
>
> --- ext/IO/lib/IO/Socket/INET.pm.orig	Sun Sep  9 07:50:46 2001
> +++ ext/IO/lib/IO/Socket/INET.pm	Fri Oct  5 11:45:54 2001
> @@ -52,9 +52,7 @@
>    }
>
>    if(defined $port) {
> -    $port =~ s,\\((\\d+)\\)$,,;
> -
> -    my $defport = $1 || undef;
> +    my $defport = ($port =~ s,\\((\\d+)\\)$,,) ? $1 : undef;
>      my $pnum = ($port =~ m,^(\\d+)$,)[0];
>
>      @serv = getservbyname($port, $proto[0] || "")
>
>'
        };
 
[19] /home/perlbug/Live/scripts/bugtron debug(01sx)
	Startup:  0 wallclock secs ( 0.00 usr +  0.00 sys =  0.00 CPU)
	Loaded :  0 wallclock secs ( 0.00 usr +  0.00 sys =  0.00 CPU)
	Runtime:  9 wallclock secs ( 0.26 usr +  0.00 sys =  0.26 CPU)
	Alltook:  9 wallclock secs ( 0.26 usr +  0.00 sys =  0.26 CPU)
        including 13 SQL statements 
        using 1 database handle/s
	 
[20] SQL: SHOW fields FROM pb_range 
[21] SQL: SELECT DISTINCT rangeid FROM pb_range WHERE TO_DAYS(modified) < (TO_DAYS(SYSDATE()) -10) 
[0] INIT 2.86 (50070) debug(01sx) scr(/home/perlbug/Live/scripts/bugtron) 
[1] /home/perlbug/Live/scripts/bugtron: 
			Cc(perl5-porters@perl.org) 
			From(Michael G Schwern <schwern@pobox.com>) 
			In-Reply-To(<20011005141637.D30309@wolfetech.com>)
			Message-Id(<20011005204836.C4797@blackrider>) 
			Reply-To() 
			Subject(Re: A philosophical tainting issue) 
			To(kstar@cpan.org) 
			X-Perlbug()
		 
[2] SQL: SHOW fields FROM pb_thing 
[3] SQL: SELECT DISTINCT name FROM pb_thing WHERE type LIKE 'mail' 
[4] SQL: SHOW fields FROM pb_bug 
[5] SQL: SELECT DISTINCT bugid FROM pb_bug WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005204836.C4797@blackrider>%') 
[6] SQL: SHOW fields FROM pb_note 
[7] SQL: SELECT DISTINCT noteid FROM pb_note WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005204836.C4797@blackrider>%') 
[8] SQL: SHOW fields FROM pb_patch 
[9] SQL: SELECT DISTINCT patchid FROM pb_patch WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005204836.C4797@blackrider>%') 
[10] SQL: SHOW fields FROM pb_test 
[11] SQL: SELECT DISTINCT testid FROM pb_test WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005204836.C4797@blackrider>%') 
[12] SQL: SHOW fields FROM pb_message 
[13] SQL: SELECT DISTINCT messageid FROM pb_message WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005204836.C4797@blackrider>%') 
[14] domain(bugs\.perl\.org) ?-> to(kstar@cpan.org), subject(Re: A philosophical tainting issue), cc(perl5-porters@perl.org) 
[15] reusing CACHED SQL: SELECT DISTINCT name FROM pb_thing WHERE type LIKE 'mail'(ARRAY(0x853ee34)) 
[16] SQL: SELECT DISTINCT bugid FROM pb_bug WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005141637.D30309@wolfetech.com>%') 
[17] SQL: SELECT DISTINCT noteid FROM pb_note WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005141637.D30309@wolfetech.com>%') 
[18] SQL: SELECT DISTINCT patchid FROM pb_patch WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005141637.D30309@wolfetech.com>%') 
[19] SQL: SELECT DISTINCT testid FROM pb_test WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005141637.D30309@wolfetech.com>%') 
[20] SQL: SELECT DISTINCT messageid FROM pb_message WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005141637.D30309@wolfetech.com>%') 
[21] IGNORE quiet(0): invalid perlbug data, potential p5p miscellanea or spam) :-|
 
[22] Decision -> do_quiet(0) IGNORE quiet(0): invalid perlbug data, potential p5p miscellanea or spam) :-|
 
[23] cmd(quiet) arg(Whoa, thanks!

On Fri, Oct 05, 2001 at 02:16:37PM -0700, Kurt D. Starsinic wrote:
> > I can't think of how this might cause a security problem.  Can anyone
> > else?
> 
>     $ENV{PATH} might not be set, and exec*() might be using a system-
> specific default search path.

This I've never heard of.  What works like this?


All the rest I can deal with or are outside my scope of concern.

There's still no way to tell at run-time if you're running under taint
or not, is there?

-- 

Michael G. Schwern   <schwern@pobox.com>    http://www.pobox.com/~schwern/
Perl6 Quality Assurance     <perl-qa@perl.org>	     Kwalitee Is Job One
"Let's face it," said bearded Rusty Simmons, opening a can after the
race.  "This is a good excuse to drink some beer."  At 10:30 in the
morning?  "Well, it's past noon in Dublin," said teammate Mike
[Joseph] Schwern.  "It's our duty."
    -- "Sure, and It's a Great Day for Irish Runners" 
       Newsday, Sunday, March 20, 1988) => ret: $VAR1 = {
          'opts' => '',
          'body' => 'Whoa, thanks!

On Fri, Oct 05, 2001 at 02:16:37PM -0700, Kurt D. Starsinic wrote:
> > I can\'t think of how this might cause a security problem.  Can anyone
> > else?
> 
>     $ENV{PATH} might not be set, and exec*() might be using a system-
> specific default search path.

This I\'ve never heard of.  What works like this?


All the rest I can deal with or are outside my scope of concern.

There\'s still no way to tell at run-time if you\'re running under taint
or not, is there?

-- 

Michael G. Schwern   <schwern@pobox.com>    http://www.pobox.com/~schwern/
Perl6 Quality Assurance     <perl-qa@perl.org>	     Kwalitee Is Job One
"Let\'s face it," said bearded Rusty Simmons, opening a can after the
race.  "This is a good excuse to drink some beer."  At 10:30 in the
morning?  "Well, it\'s past noon in Dublin," said teammate Mike
[Joseph] Schwern.  "It\'s our duty."
    -- "Sure, and It\'s a Great Day for Irish Runners" 
       Newsday, Sunday, March 20, 1988'
        };
 
[24] /home/perlbug/Live/scripts/bugtron debug(01sx)
	Startup:  0 wallclock secs ( 0.00 usr +  0.00 sys =  0.00 CPU)
	Loaded :  0 wallclock secs ( 0.00 usr +  0.00 sys =  0.00 CPU)
	Runtime: 13 wallclock secs ( 0.22 usr +  0.04 sys =  0.26 CPU)
	Alltook: 13 wallclock secs ( 0.22 usr +  0.04 sys =  0.26 CPU)
        including 17 SQL statements 
        using 1 database handle/s
	 
[25] SQL: SHOW fields FROM pb_range 
[26] SQL: SELECT DISTINCT rangeid FROM pb_range WHERE TO_DAYS(modified) < (TO_DAYS(SYSDATE()) -10) 
[0] INIT 2.86 (53236) debug(01sx) scr(/home/perlbug/Live/scripts/bugtron) 
[1] /home/perlbug/Live/scripts/bugtron: 
			Cc(perl5-porters@perl.org) 
			From(Jarkko Hietaniemi <jhi@iki.fi>) 
			In-Reply-To(<20011005152714.A4797@blackrider>; from schwern@pobox.com on
    Fri, Oct 05, 2001 at 03:27:14PM -0400)
			Message-Id(<20011006040123.A17417@alpha.hut.fi>) 
			Reply-To() 
			Subject(Re: A philosophical tainting issue) 
			To(Michael G Schwern <schwern@pobox.com>) 
			X-Perlbug()
		 
[2] SQL: SHOW fields FROM pb_thing 
[3] SQL: SELECT DISTINCT name FROM pb_thing WHERE type LIKE 'mail' 
[4] SQL: SHOW fields FROM pb_bug 
[5] SQL: SELECT DISTINCT bugid FROM pb_bug WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011006040123.A17417@alpha.hut.fi>%') 
[6] SQL: SHOW fields FROM pb_note 
[7] SQL: SELECT DISTINCT noteid FROM pb_note WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011006040123.A17417@alpha.hut.fi>%') 
[8] SQL: SHOW fields FROM pb_patch 
[9] SQL: SELECT DISTINCT patchid FROM pb_patch WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011006040123.A17417@alpha.hut.fi>%') 
[10] SQL: SHOW fields FROM pb_test 
[11] SQL: SELECT DISTINCT testid FROM pb_test WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011006040123.A17417@alpha.hut.fi>%') 
[12] SQL: SHOW fields FROM pb_message 
[13] SQL: SELECT DISTINCT messageid FROM pb_message WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011006040123.A17417@alpha.hut.fi>%') 
[14] domain(bugs\.perl\.org) ?-> to(Michael G Schwern <schwern@pobox.com>), subject(Re: A philosophical tainting issue), cc(perl5-porters@perl.org) 
[15] reusing CACHED SQL: SELECT DISTINCT name FROM pb_thing WHERE type LIKE 'mail'(ARRAY(0x853cf9c)) 
[16] SQL: SELECT DISTINCT bugid FROM pb_bug WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005152714.A4797@blackrider>%') 
[17] SQL: SELECT DISTINCT noteid FROM pb_note WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005152714.A4797@blackrider>%') 
[18] SQL: SELECT DISTINCT patchid FROM pb_patch WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005152714.A4797@blackrider>%') 
[19] SQL: SELECT DISTINCT testid FROM pb_test WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005152714.A4797@blackrider>%') 
[20] SQL: SELECT DISTINCT messageid FROM pb_message WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005152714.A4797@blackrider>%') 
[21] IGNORE quiet(0): invalid perlbug data, potential p5p miscellanea or spam) :-|
 
[22] Decision -> do_quiet(0) IGNORE quiet(0): invalid perlbug data, potential p5p miscellanea or spam) :-|
 
[23] cmd(quiet) arg(You want to run the harness under the taint code, and to do this you
have to circumvent the taint checks?  I must be slow today but I do
not quite follow what are you planning to achieve?

-- 
$jhi++; # http://www.iki.fi/jhi/
        # There is this special biologist word we use for 'stable'.
        # It is 'dead'. -- Jack Cohen) => ret: $VAR1 = {
          'opts' => '',
          'body' => 'You want to run the harness under the taint code, and to do this you
have to circumvent the taint checks?  I must be slow today but I do
not quite follow what are you planning to achieve?

-- 
$jhi++; # http://www.iki.fi/jhi/
        # There is this special biologist word we use for \'stable\'.
        # It is \'dead\'. -- Jack Cohen'
        };
 
[24] /home/perlbug/Live/scripts/bugtron debug(01sx)
	Startup:  0 wallclock secs ( 0.00 usr +  0.00 sys =  0.00 CPU)
	Loaded :  0 wallclock secs ( 0.00 usr +  0.00 sys =  0.00 CPU)
	Runtime: 11 wallclock secs ( 0.26 usr +  0.00 sys =  0.26 CPU)
	Alltook: 11 wallclock secs ( 0.26 usr +  0.00 sys =  0.26 CPU)
        including 17 SQL statements 
        using 1 database handle/s
	 
[25] SQL: SHOW fields FROM pb_range 
[26] SQL: SELECT DISTINCT rangeid FROM pb_range WHERE TO_DAYS(modified) < (TO_DAYS(SYSDATE()) -10) 
[0] INIT 2.86 (58830) debug(01sx) scr(/home/perlbug/Live/scripts/bugtron) 
[1] /home/perlbug/Live/scripts/bugtron: 
			Cc() 
			From(Benjamin Goldberg <goldbb2@earthlink.net>) 
			In-Reply-To()
			Message-Id(<3BBE5EF2.C3689497@earthlink.net>) 
			Reply-To() 
			Subject(Re: patch to ext/IO/lib/IO/Socket/INET.pm fixes Bug ID (20010803.022)) 
			To(perl5-porters@perl.org) 
			X-Perlbug()
		 
[2] SQL: SHOW fields FROM pb_thing 
[3] SQL: SELECT DISTINCT name FROM pb_thing WHERE type LIKE 'mail' 
[4] SQL: SHOW fields FROM pb_bug 
[5] SQL: SELECT DISTINCT bugid FROM pb_bug WHERE UPPER(header) LIKE UPPER('%Message-Id: <3BBE5EF2.C3689497@earthlink.net>%') 
[6] SQL: SHOW fields FROM pb_note 
[7] SQL: SELECT DISTINCT noteid FROM pb_note WHERE UPPER(header) LIKE UPPER('%Message-Id: <3BBE5EF2.C3689497@earthlink.net>%') 
[8] SQL: SHOW fields FROM pb_patch 
[9] SQL: SELECT DISTINCT patchid FROM pb_patch WHERE UPPER(header) LIKE UPPER('%Message-Id: <3BBE5EF2.C3689497@earthlink.net>%') 
[10] SQL: SHOW fields FROM pb_test 
[11] SQL: SELECT DISTINCT testid FROM pb_test WHERE UPPER(header) LIKE UPPER('%Message-Id: <3BBE5EF2.C3689497@earthlink.net>%') 
[12] SQL: SHOW fields FROM pb_message 
[13] SQL: SELECT DISTINCT messageid FROM pb_message WHERE UPPER(header) LIKE UPPER('%Message-Id: <3BBE5EF2.C3689497@earthlink.net>%') 
[14] domain(bugs\.perl\.org) ?-> to(perl5-porters@perl.org), subject(Re: patch to ext/IO/lib/IO/Socket/INET.pm fixes Bug ID (20010803.022)), cc() 
[15] SQL: SELECT DISTINCT bugid FROM pb_bug WHERE bugid = '20010803.022' 
[16] REPLY reply(1) from subject: (20010803.022) :-) 
[17] Decision -> do_reply(1) REPLY reply(1) from subject: (20010803.022) :-) 
[18] cmd(M) arg(David Dyck wrote:
> 
> After reading the patch I sent (and still would like to see applied,
> I looked at the expression immediately following where $pnum
> was set to a matched value or undef, I don't know if that
>  (match in list context)[0]
> idiom  is better, if think so, you could apply
> the following tweek to the patch I sent earlier, so
> that both patterns use the same idiom.

Ahh, but what does s/// return in list context?

The docs [perlfunc] say:

     Searches a string for a pattern, and if found, replaces that
     pattern with the replacement text and returns the number of
     substitutions made. Otherwise it returns false (specifically, the
     empty string). 

It doesn't mention list context, so I would assume that it returns the
number of substitutions, regardless of context.

However, about the use of (m,foo,)[0] ... I don't like it.  I would
prefer to see:
	my ($pnum) = m/^(\d+)$/;
But this is just me [just a matter of style]...

-- 
"I think not," said Descartes, and promptly disappeared.) => ret: $VAR1 = {
          'opts' => '',
          'body' => 'David Dyck wrote:
> 
> After reading the patch I sent (and still would like to see applied,
> I looked at the expression immediately following where $pnum
> was set to a matched value or undef, I don\'t know if that
>  (match in list context)[0]
> idiom  is better, if think so, you could apply
> the following tweek to the patch I sent earlier, so
> that both patterns use the same idiom.

Ahh, but what does s/// return in list context?

The docs [perlfunc] say:

     Searches a string for a pattern, and if found, replaces that
     pattern with the replacement text and returns the number of
     substitutions made. Otherwise it returns false (specifically, the
     empty string). 

It doesn\'t mention list context, so I would assume that it returns the
number of substitutions, regardless of context.

However, about the use of (m,foo,)[0] ... I don\'t like it.  I would
prefer to see:
	my ($pnum) = m/^(\\d+)$/;
But this is just me [just a matter of style]...

-- 
"I think not," said Descartes, and promptly disappeared.'
        };
 
[19] /home/perlbug/Live/scripts/bugtron debug(01sx)
	Startup:  0 wallclock secs ( 0.00 usr +  0.00 sys =  0.00 CPU)
	Loaded :  0 wallclock secs ( 0.00 usr +  0.00 sys =  0.00 CPU)
	Runtime: 10 wallclock secs ( 0.20 usr +  0.02 sys =  0.22 CPU)
	Alltook: 10 wallclock secs ( 0.20 usr +  0.02 sys =  0.22 CPU)
        including 13 SQL statements 
        using 1 database handle/s
	 
[20] SQL: SHOW fields FROM pb_range 
[21] SQL: SELECT DISTINCT rangeid FROM pb_range WHERE TO_DAYS(modified) < (TO_DAYS(SYSDATE()) -10) 
[0] INIT 2.86 (59524) debug(01sx) scr(/home/perlbug/Live/scripts/bugtron) 
[1] /home/perlbug/Live/scripts/bugtron: 
			Cc(perl5-porters@perl.org) 
			From(Jarkko Hietaniemi <jhi@iki.fi>) 
			In-Reply-To(<3BBE5EF2.C3689497@earthlink.net>; from goldbb2@earthlink.net
    on Fri, Oct 05, 2001 at 09:31:30PM -0400)
			Message-Id(<20011006043550.D17417@alpha.hut.fi>) 
			Reply-To() 
			Subject(Re: patch to ext/IO/lib/IO/Socket/INET.pm fixes Bug ID (20010803.022)) 
			To(Benjamin Goldberg <goldbb2@earthlink.net>) 
			X-Perlbug()
		 
[2] SQL: SHOW fields FROM pb_thing 
[3] SQL: SELECT DISTINCT name FROM pb_thing WHERE type LIKE 'mail' 
[4] SQL: SHOW fields FROM pb_bug 
[5] SQL: SELECT DISTINCT bugid FROM pb_bug WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011006043550.D17417@alpha.hut.fi>%') 
[6] SQL: SHOW fields FROM pb_note 
[7] SQL: SELECT DISTINCT noteid FROM pb_note WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011006043550.D17417@alpha.hut.fi>%') 
[8] SQL: SHOW fields FROM pb_patch 
[9] SQL: SELECT DISTINCT patchid FROM pb_patch WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011006043550.D17417@alpha.hut.fi>%') 
[10] SQL: SHOW fields FROM pb_test 
[11] SQL: SELECT DISTINCT testid FROM pb_test WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011006043550.D17417@alpha.hut.fi>%') 
[12] SQL: SHOW fields FROM pb_message 
[13] SQL: SELECT DISTINCT messageid FROM pb_message WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011006043550.D17417@alpha.hut.fi>%') 
[14] domain(bugs\.perl\.org) ?-> to(Benjamin Goldberg <goldbb2@earthlink.net>), subject(Re: patch to ext/IO/lib/IO/Socket/INET.pm fixes Bug ID (20010803.022)), cc(perl5-porters@perl.org) 
[15] SQL: SELECT DISTINCT bugid FROM pb_bug WHERE bugid = '20010803.022' 
[16] REPLY reply(1) from subject: (20010803.022) :-) 
[17] Decision -> do_reply(1) REPLY reply(1) from subject: (20010803.022) :-) 
[18] cmd(M) arg(On Fri, Oct 05, 2001 at 09:31:30PM -0400, Benjamin Goldberg wrote:
> David Dyck wrote:
> > 
> > After reading the patch I sent (and still would like to see applied,
> > I looked at the expression immediately following where $pnum
> > was set to a matched value or undef, I don't know if that
> >  (match in list context)[0]
> > idiom  is better, if think so, you could apply
> > the following tweek to the patch I sent earlier, so
> > that both patterns use the same idiom.
> 
> Ahh, but what does s/// return in list context?
> 
> The docs [perlfunc] say:
> 
>      Searches a string for a pattern, and if found, replaces that
>      pattern with the replacement text and returns the number of
>      substitutions made. Otherwise it returns false (specifically, the
>      empty string). 
> 
> It doesn't mention list context, so I would assume that it returns the
> number of substitutions, regardless of context.

Ooops.  So it does.  Rather silly return value but can't be helped by now.

> However, about the use of (m,foo,)[0] ... I don't like it.  I would
> prefer to see:
> 	my ($pnum) = m/^(\d+)$/;
> But this is just me [just a matter of style]...

-- 
$jhi++; # http://www.iki.fi/jhi/
        # There is this special biologist word we use for 'stable'.
        # It is 'dead'. -- Jack Cohen) => ret: $VAR1 = {
          'opts' => '',
          'body' => 'On Fri, Oct 05, 2001 at 09:31:30PM -0400, Benjamin Goldberg wrote:
> David Dyck wrote:
> > 
> > After reading the patch I sent (and still would like to see applied,
> > I looked at the expression immediately following where $pnum
> > was set to a matched value or undef, I don\'t know if that
> >  (match in list context)[0]
> > idiom  is better, if think so, you could apply
> > the following tweek to the patch I sent earlier, so
> > that both patterns use the same idiom.
> 
> Ahh, but what does s/// return in list context?
> 
> The docs [perlfunc] say:
> 
>      Searches a string for a pattern, and if found, replaces that
>      pattern with the replacement text and returns the number of
>      substitutions made. Otherwise it returns false (specifically, the
>      empty string). 
> 
> It doesn\'t mention list context, so I would assume that it returns the
> number of substitutions, regardless of context.

Ooops.  So it does.  Rather silly return value but can\'t be helped by now.

> However, about the use of (m,foo,)[0] ... I don\'t like it.  I would
> prefer to see:
> 	my ($pnum) = m/^(\\d+)$/;
> But this is just me [just a matter of style]...

-- 
$jhi++; # http://www.iki.fi/jhi/
        # There is this special biologist word we use for \'stable\'.
        # It is \'dead\'. -- Jack Cohen'
        };
 
[19] /home/perlbug/Live/scripts/bugtron debug(01sx)
	Startup:  0 wallclock secs ( 0.00 usr +  0.00 sys =  0.00 CPU)
	Loaded :  0 wallclock secs ( 0.01 usr +  0.00 sys =  0.01 CPU)
	Runtime: 18 wallclock secs ( 0.21 usr +  0.03 sys =  0.24 CPU)
	Alltook: 18 wallclock secs ( 0.22 usr +  0.03 sys =  0.25 CPU)
        including 13 SQL statements 
        using 1 database handle/s
	 
[20] SQL: SHOW fields FROM pb_range 
[21] SQL: SELECT DISTINCT rangeid FROM pb_range WHERE TO_DAYS(modified) < (TO_DAYS(SYSDATE()) -10) 
[0] INIT 2.86 (73831) debug(01sx) scr(/home/perlbug/Live/scripts/bugtron) 
[1] /home/perlbug/Live/scripts/bugtron: 
			Cc() 
			From(Michael G Schwern <schwern@pobox.com>) 
			In-Reply-To(<20011006040123.A17417@alpha.hut.fi>)
			Message-Id(<20011005235901.H4797@blackrider>) 
			Reply-To() 
			Subject(Re: A philosophical tainting issue) 
			To(Jarkko Hietaniemi <jhi@iki.fi>, perl5-porters@perl.org) 
			X-Perlbug()
		 
[2] SQL: SHOW fields FROM pb_thing 
[3] SQL: SELECT DISTINCT name FROM pb_thing WHERE type LIKE 'mail' 
[4] SQL: SHOW fields FROM pb_bug 
[5] SQL: SELECT DISTINCT bugid FROM pb_bug WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005235901.H4797@blackrider>%') 
[6] SQL: SHOW fields FROM pb_note 
[7] SQL: SELECT DISTINCT noteid FROM pb_note WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005235901.H4797@blackrider>%') 
[8] SQL: SHOW fields FROM pb_patch 
[9] SQL: SELECT DISTINCT patchid FROM pb_patch WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005235901.H4797@blackrider>%') 
[10] SQL: SHOW fields FROM pb_test 
[11] SQL: SELECT DISTINCT testid FROM pb_test WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005235901.H4797@blackrider>%') 
[12] SQL: SHOW fields FROM pb_message 
[13] SQL: SELECT DISTINCT messageid FROM pb_message WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005235901.H4797@blackrider>%') 
[14] domain(bugs\.perl\.org) ?-> to(Jarkko Hietaniemi <jhi@iki.fi>, perl5-porters@perl.org), subject(Re: A philosophical tainting issue), cc() 
[15] reusing CACHED SQL: SELECT DISTINCT name FROM pb_thing WHERE type LIKE 'mail'(ARRAY(0x85ff2c4)) 
[16] SQL: SELECT DISTINCT bugid FROM pb_bug WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011006040123.A17417@alpha.hut.fi>%') 
[17] SQL: SELECT DISTINCT noteid FROM pb_note WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011006040123.A17417@alpha.hut.fi>%') 
[18] SQL: SELECT DISTINCT patchid FROM pb_patch WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011006040123.A17417@alpha.hut.fi>%') 
[19] SQL: SELECT DISTINCT testid FROM pb_test WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011006040123.A17417@alpha.hut.fi>%') 
[20] SQL: SELECT DISTINCT messageid FROM pb_message WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011006040123.A17417@alpha.hut.fi>%') 
[21] IGNORE quiet(0): invalid perlbug data, potential p5p miscellanea or spam) :-|
 
[22] Decision -> do_quiet(0) IGNORE quiet(0): invalid perlbug data, potential p5p miscellanea or spam) :-|
 
[23] cmd(quiet) arg(On Sat, Oct 06, 2001 at 04:01:23AM +0300, Jarkko Hietaniemi wrote:
> You want to run the harness under the taint code, and to do this you
> have to circumvent the taint checks?  I must be slow today but I do
> not quite follow what are you planning to achieve?

Well, I'm looking at it this way.  Taint checks are there to force you
to think about potentially insecure code.  If you've checked out the
data involved, you detaint it and assume it's safe from there.

So I'm pondering if using $^X + $ENV{PATH} (or it's moral equivalent
on other operating systems) to locate the currently running perl
executable is insecure, or if I can just trust it given that's exactly
how I started running the currently running perl.  Most of what Kurt
pointed out seems well beyond the sort of thing taint mode is designed
to handle (such as the possibility of the perl executable being
maliciously replaced).


For more context, this doesn't concern the runtests() function
(ie. the usual "make test") but instead the new Test::Harness::Straps
programmatic interface that I've been trying to firm up.

    my $strap = Test::Harness::Straps->new;

    # Runs a foo.t test program and analyzes the output.
    my %results = $strap->analyze_file($some_test_file);

When run under taint mode, should that code simply explode because
it's inherently insecure to run a perl program?  Or should it only
explode if $some_test_file is tainted?


That's what I'm pondering.  If it's a real security risk merely to run
another perl program, or if it's only a risk if the filename in
question is tainted.


-- 

Michael G. Schwern   <schwern@pobox.com>    http://www.pobox.com/~schwern/
Perl6 Quality Assurance     <perl-qa@perl.org>	     Kwalitee Is Job One
Do you actually think about what you are saying or is it an improvisational 
game of Mad Libs that you play in your head?) => ret: $VAR1 = {
          'opts' => '',
          'body' => 'On Sat, Oct 06, 2001 at 04:01:23AM +0300, Jarkko Hietaniemi wrote:
> You want to run the harness under the taint code, and to do this you
> have to circumvent the taint checks?  I must be slow today but I do
> not quite follow what are you planning to achieve?

Well, I\'m looking at it this way.  Taint checks are there to force you
to think about potentially insecure code.  If you\'ve checked out the
data involved, you detaint it and assume it\'s safe from there.

So I\'m pondering if using $^X + $ENV{PATH} (or it\'s moral equivalent
on other operating systems) to locate the currently running perl
executable is insecure, or if I can just trust it given that\'s exactly
how I started running the currently running perl.  Most of what Kurt
pointed out seems well beyond the sort of thing taint mode is designed
to handle (such as the possibility of the perl executable being
maliciously replaced).


For more context, this doesn\'t concern the runtests() function
(ie. the usual "make test") but instead the new Test::Harness::Straps
programmatic interface that I\'ve been trying to firm up.

    my $strap = Test::Harness::Straps->new;

    # Runs a foo.t test program and analyzes the output.
    my %results = $strap->analyze_file($some_test_file);

When run under taint mode, should that code simply explode because
it\'s inherently insecure to run a perl program?  Or should it only
explode if $some_test_file is tainted?


That\'s what I\'m pondering.  If it\'s a real security risk merely to run
another perl program, or if it\'s only a risk if the filename in
question is tainted.


-- 

Michael G. Schwern   <schwern@pobox.com>    http://www.pobox.com/~schwern/
Perl6 Quality Assurance     <perl-qa@perl.org>	     Kwalitee Is Job One
Do you actually think about what you are saying or is it an improvisational 
game of Mad Libs that you play in your head?'
        };
 
[24] /home/perlbug/Live/scripts/bugtron debug(01sx)
	Startup:  0 wallclock secs ( 0.01 usr +  0.00 sys =  0.01 CPU)
	Loaded :  0 wallclock secs ( 0.00 usr +  0.00 sys =  0.00 CPU)
	Runtime: 12 wallclock secs ( 0.24 usr +  0.02 sys =  0.27 CPU)
	Alltook: 12 wallclock secs ( 0.25 usr +  0.02 sys =  0.27 CPU)
        including 17 SQL statements 
        using 1 database handle/s
	 
[25] SQL: SHOW fields FROM pb_range 
[26] SQL: SELECT DISTINCT rangeid FROM pb_range WHERE TO_DAYS(modified) < (TO_DAYS(SYSDATE()) -10) 
[0] INIT 2.86 (75812) debug(01sx) scr(/home/perlbug/Live/scripts/bugtron) 
[1] /home/perlbug/Live/scripts/bugtron: 
			Cc() 
			From("Brent Dax" <brentdax@cpan.org>) 
			In-Reply-To(<20011005235901.H4797@blackrider>)
			Message-Id(<FJELLKOPEAGHOOODKEDPGEJNCHAA.brentdax@cpan.org>) 
			Reply-To() 
			Subject(RE: A philosophical tainting issue) 
			To("Michael G Schwern"
    <schwern@pobox.com>,
    "Jarkko Hietaniemi"
    <jhi@iki.fi>, <perl5-porters@perl.org>) 
			X-Perlbug()
		 
[2] SQL: SHOW fields FROM pb_thing 
[3] SQL: SELECT DISTINCT name FROM pb_thing WHERE type LIKE 'mail' 
[4] SQL: SHOW fields FROM pb_bug 
[5] SQL: SELECT DISTINCT bugid FROM pb_bug WHERE UPPER(header) LIKE UPPER('%Message-Id: <FJELLKOPEAGHOOODKEDPGEJNCHAA.brentdax@cpan.org>%') 
[6] SQL: SHOW fields FROM pb_note 
[7] SQL: SELECT DISTINCT noteid FROM pb_note WHERE UPPER(header) LIKE UPPER('%Message-Id: <FJELLKOPEAGHOOODKEDPGEJNCHAA.brentdax@cpan.org>%') 
[8] SQL: SHOW fields FROM pb_patch 
[9] SQL: SELECT DISTINCT patchid FROM pb_patch WHERE UPPER(header) LIKE UPPER('%Message-Id: <FJELLKOPEAGHOOODKEDPGEJNCHAA.brentdax@cpan.org>%') 
[10] SQL: SHOW fields FROM pb_test 
[11] SQL: SELECT DISTINCT testid FROM pb_test WHERE UPPER(header) LIKE UPPER('%Message-Id: <FJELLKOPEAGHOOODKEDPGEJNCHAA.brentdax@cpan.org>%') 
[12] SQL: SHOW fields FROM pb_message 
[13] SQL: SELECT DISTINCT messageid FROM pb_message WHERE UPPER(header) LIKE UPPER('%Message-Id: <FJELLKOPEAGHOOODKEDPGEJNCHAA.brentdax@cpan.org>%') 
[14] domain(bugs\.perl\.org) ?-> to("Michael G Schwern"
    <schwern@pobox.com>,
    "Jarkko Hietaniemi"
    <jhi@iki.fi>, <perl5-porters@perl.org>), subject(RE: A philosophical tainting issue), cc() 
[15] reusing CACHED SQL: SELECT DISTINCT name FROM pb_thing WHERE type LIKE 'mail'(ARRAY(0x86016b8)) 
[16] SQL: SELECT DISTINCT bugid FROM pb_bug WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005235901.H4797@blackrider>%') 
[17] SQL: SELECT DISTINCT noteid FROM pb_note WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005235901.H4797@blackrider>%') 
[18] SQL: SELECT DISTINCT patchid FROM pb_patch WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005235901.H4797@blackrider>%') 
[19] SQL: SELECT DISTINCT testid FROM pb_test WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005235901.H4797@blackrider>%') 
[20] SQL: SELECT DISTINCT messageid FROM pb_message WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005235901.H4797@blackrider>%') 
[21] IGNORE quiet(0): invalid perlbug data, potential p5p miscellanea or spam) :-|
 
[22] Decision -> do_quiet(0) IGNORE quiet(0): invalid perlbug data, potential p5p miscellanea or spam) :-|
 
[23] cmd(quiet) arg(Michael G Schwern:
# For more context, this doesn't concern the runtests() function
# (ie. the usual "make test") but instead the new Test::Harness::Straps
# programmatic interface that I've been trying to firm up.
#
#     my $strap = Test::Harness::Straps->new;
#
#     # Runs a foo.t test program and analyzes the output.
#     my %results = $strap->analyze_file($some_test_file);
#
# When run under taint mode, should that code simply explode because
# it's inherently insecure to run a perl program?  Or should it only
# explode if $some_test_file is tainted?
#
#
# That's what I'm pondering.  If it's a real security risk merely to run
# another perl program, or if it's only a risk if the filename in
# question is tainted.

I think that the only reason tests are run under taint mode is to make
sure that the module in question doesn't explode.  Therefore,
Test::Harness::Straps shouldn't fuss about any tainting.  If you're that
worried about how secure some tests are, then why did you download the
thing you're testing anyway?

--Brent Dax
brentdax@cpan.org
Configure pumpking for Perl 6

They *will* pay for what they've done.) => ret: $VAR1 = {
          'opts' => '',
          'body' => 'Michael G Schwern:
# For more context, this doesn\'t concern the runtests() function
# (ie. the usual "make test") but instead the new Test::Harness::Straps
# programmatic interface that I\'ve been trying to firm up.
#
#     my $strap = Test::Harness::Straps->new;
#
#     # Runs a foo.t test program and analyzes the output.
#     my %results = $strap->analyze_file($some_test_file);
#
# When run under taint mode, should that code simply explode because
# it\'s inherently insecure to run a perl program?  Or should it only
# explode if $some_test_file is tainted?
#
#
# That\'s what I\'m pondering.  If it\'s a real security risk merely to run
# another perl program, or if it\'s only a risk if the filename in
# question is tainted.

I think that the only reason tests are run under taint mode is to make
sure that the module in question doesn\'t explode.  Therefore,
Test::Harness::Straps shouldn\'t fuss about any tainting.  If you\'re that
worried about how secure some tests are, then why did you download the
thing you\'re testing anyway?

--Brent Dax
brentdax@cpan.org
Configure pumpking for Perl 6

They *will* pay for what they\'ve done.'
        };
 
[24] /home/perlbug/Live/scripts/bugtron debug(01sx)
	Startup:  0 wallclock secs ( 0.00 usr +  0.00 sys =  0.00 CPU)
	Loaded :  0 wallclock secs ( 0.00 usr +  0.00 sys =  0.00 CPU)
	Runtime: 11 wallclock secs ( 0.26 usr +  0.00 sys =  0.26 CPU)
	Alltook: 11 wallclock secs ( 0.26 usr +  0.00 sys =  0.26 CPU)
        including 17 SQL statements 
        using 1 database handle/s
	 
[25] SQL: SHOW fields FROM pb_range 
[26] SQL: SELECT DISTINCT rangeid FROM pb_range WHERE TO_DAYS(modified) < (TO_DAYS(SYSDATE()) -10) 
[0] INIT 2.86 (83090) debug(01sx) scr(/home/perlbug/Live/scripts/bugtron) 
[1] /home/perlbug/Live/scripts/bugtron: 
			Cc() 
			From(tmddcvwjc@hotmail.com) 
			In-Reply-To()
			Message-Id(<200110060851.f968pIb09159@complat.ru>) 
			Reply-To() 
			Subject(Email Marketing Works! Cheap & Effective!) 
			To(<pcd6lovmyic@hotmail.com>) 
			X-Perlbug()
		 
[2] SQL: SHOW fields FROM pb_thing 
[3] SQL: SELECT DISTINCT name FROM pb_thing WHERE type LIKE 'mail' 
[4] SQL: SHOW fields FROM pb_bug 
[5] SQL: SELECT DISTINCT bugid FROM pb_bug WHERE UPPER(header) LIKE UPPER('%Message-Id: <200110060851.f968pIb09159@complat.ru>%') 
[6] SQL: SHOW fields FROM pb_note 
[7] SQL: SELECT DISTINCT noteid FROM pb_note WHERE UPPER(header) LIKE UPPER('%Message-Id: <200110060851.f968pIb09159@complat.ru>%') 
[8] SQL: SHOW fields FROM pb_patch 
[9] SQL: SELECT DISTINCT patchid FROM pb_patch WHERE UPPER(header) LIKE UPPER('%Message-Id: <200110060851.f968pIb09159@complat.ru>%') 
[10] SQL: SHOW fields FROM pb_test 
[11] SQL: SELECT DISTINCT testid FROM pb_test WHERE UPPER(header) LIKE UPPER('%Message-Id: <200110060851.f968pIb09159@complat.ru>%') 
[12] SQL: SHOW fields FROM pb_message 
[13] SQL: SELECT DISTINCT messageid FROM pb_message WHERE UPPER(header) LIKE UPPER('%Message-Id: <200110060851.f968pIb09159@complat.ru>%') 
[14] /home/perlbug/Live/scripts/bugtron debug(01sx)
	Startup:  0 wallclock secs ( 0.01 usr +  0.00 sys =  0.01 CPU)
	Loaded :  0 wallclock secs ( 0.00 usr +  0.00 sys =  0.00 CPU)
	Runtime: 11 wallclock secs ( 0.19 usr +  0.03 sys =  0.22 CPU)
	Alltook: 11 wallclock secs ( 0.20 usr +  0.03 sys =  0.23 CPU)
        including 12 SQL statements 
        using 1 database handle/s
	 
[15] SQL: SHOW fields FROM pb_range 
[16] SQL: SELECT DISTINCT rangeid FROM pb_range WHERE TO_DAYS(modified) < (TO_DAYS(SYSDATE()) -10) 
[0] INIT 2.86 (83345) debug(01sx) scr(/home/perlbug/Live/scripts/bugtron) 
[1] /home/perlbug/Live/scripts/bugtron: 
			Cc() 
			From(tmddcvwjc@hotmail.com) 
			In-Reply-To()
			Message-Id(<200110060349.XAA24994@vasconcelos.radioeducacion.edu.mx>) 
			Reply-To() 
			Subject(Email Marketing Works! Cheap & Effective!) 
			To(<pcd6lovmyic@hotmail.com>) 
			X-Perlbug()
		 
[2] SQL: SHOW fields FROM pb_thing 
[3] SQL: SELECT DISTINCT name FROM pb_thing WHERE type LIKE 'mail' 
[4] SQL: SHOW fields FROM pb_bug 
[5] SQL: SELECT DISTINCT bugid FROM pb_bug WHERE UPPER(header) LIKE UPPER('%Message-Id: <200110060349.XAA24994@vasconcelos.radioeducacion.edu.mx>%') 
[6] SQL: SHOW fields FROM pb_note 
[7] SQL: SELECT DISTINCT noteid FROM pb_note WHERE UPPER(header) LIKE UPPER('%Message-Id: <200110060349.XAA24994@vasconcelos.radioeducacion.edu.mx>%') 
[8] SQL: SHOW fields FROM pb_patch 
[9] SQL: SELECT DISTINCT patchid FROM pb_patch WHERE UPPER(header) LIKE UPPER('%Message-Id: <200110060349.XAA24994@vasconcelos.radioeducacion.edu.mx>%') 
[10] SQL: SHOW fields FROM pb_test 
[11] SQL: SELECT DISTINCT testid FROM pb_test WHERE UPPER(header) LIKE UPPER('%Message-Id: <200110060349.XAA24994@vasconcelos.radioeducacion.edu.mx>%') 
[12] SQL: SHOW fields FROM pb_message 
[13] SQL: SELECT DISTINCT messageid FROM pb_message WHERE UPPER(header) LIKE UPPER('%Message-Id: <200110060349.XAA24994@vasconcelos.radioeducacion.edu.mx>%') 
[14] /home/perlbug/Live/scripts/bugtron debug(01sx)
	Startup:  0 wallclock secs ( 0.00 usr +  0.00 sys =  0.00 CPU)
	Loaded :  0 wallclock secs ( 0.00 usr +  0.00 sys =  0.00 CPU)
	Runtime:  9 wallclock secs ( 0.22 usr +  0.01 sys =  0.23 CPU)
	Alltook:  9 wallclock secs ( 0.22 usr +  0.01 sys =  0.23 CPU)
        including 12 SQL statements 
        using 1 database handle/s
	 
[15] SQL: SHOW fields FROM pb_range 
[16] SQL: SELECT DISTINCT rangeid FROM pb_range WHERE TO_DAYS(modified) < (TO_DAYS(SYSDATE()) -10) 
[0] INIT 2.86 (84810) debug(01sx) scr(/home/perlbug/Live/scripts/bugtron) 
[1] /home/perlbug/Live/scripts/bugtron: 
			Cc(perl5-porters@perl.org) 
			From(Jarkko Hietaniemi <jhi@iki.fi>) 
			In-Reply-To(<20011005235901.H4797@blackrider>; from schwern@pobox.com on
    Fri, Oct 05, 2001 at 11:59:01PM -0400)
			Message-Id(<20011006080045.B13905@alpha.hut.fi>) 
			Reply-To() 
			Subject(Re: A philosophical tainting issue) 
			To(Michael G Schwern <schwern@pobox.com>) 
			X-Perlbug()
		 
[2] SQL: SHOW fields FROM pb_thing 
[3] SQL: SELECT DISTINCT name FROM pb_thing WHERE type LIKE 'mail' 
[4] SQL: SHOW fields FROM pb_bug 
[5] SQL: SELECT DISTINCT bugid FROM pb_bug WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011006080045.B13905@alpha.hut.fi>%') 
[6] SQL: SHOW fields FROM pb_note 
[7] SQL: SELECT DISTINCT noteid FROM pb_note WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011006080045.B13905@alpha.hut.fi>%') 
[8] SQL: SHOW fields FROM pb_patch 
[9] SQL: SELECT DISTINCT patchid FROM pb_patch WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011006080045.B13905@alpha.hut.fi>%') 
[10] SQL: SHOW fields FROM pb_test 
[11] SQL: SELECT DISTINCT testid FROM pb_test WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011006080045.B13905@alpha.hut.fi>%') 
[12] SQL: SHOW fields FROM pb_message 
[13] SQL: SELECT DISTINCT messageid FROM pb_message WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011006080045.B13905@alpha.hut.fi>%') 
[14] domain(bugs\.perl\.org) ?-> to(Michael G Schwern <schwern@pobox.com>), subject(Re: A philosophical tainting issue), cc(perl5-porters@perl.org) 
[15] reusing CACHED SQL: SELECT DISTINCT name FROM pb_thing WHERE type LIKE 'mail'(ARRAY(0x86016a0)) 
[16] SQL: SELECT DISTINCT bugid FROM pb_bug WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005235901.H4797@blackrider>%') 
[17] SQL: SELECT DISTINCT noteid FROM pb_note WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005235901.H4797@blackrider>%') 
[18] SQL: SELECT DISTINCT patchid FROM pb_patch WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005235901.H4797@blackrider>%') 
[19] SQL: SELECT DISTINCT testid FROM pb_test WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005235901.H4797@blackrider>%') 
[20] SQL: SELECT DISTINCT messageid FROM pb_message WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005235901.H4797@blackrider>%') 
[21] IGNORE quiet(0): invalid perlbug data, potential p5p miscellanea or spam) :-|
 
[22] Decision -> do_quiet(0) IGNORE quiet(0): invalid perlbug data, potential p5p miscellanea or spam) :-|
 
[23] cmd(quiet) arg(On Fri, Oct 05, 2001 at 11:59:01PM -0400, Michael G Schwern wrote:
> On Sat, Oct 06, 2001 at 04:01:23AM +0300, Jarkko Hietaniemi wrote:
> > You want to run the harness under the taint code, and to do this you
> > have to circumvent the taint checks?  I must be slow today but I do
> > not quite follow what are you planning to achieve?
> 
> Well, I'm looking at it this way.  Taint checks are there to force you
> to think about potentially insecure code.  If you've checked out the
> data involved, you detaint it and assume it's safe from there.
> 
> So I'm pondering if using $^X + $ENV{PATH} (or it's moral equivalent
> on other operating systems) to locate the currently running perl
> executable is insecure, or if I can just trust it given that's exactly
> how I started running the currently running perl.  Most of what Kurt

At least #! completely bypasses $ENV{PATH}.

> When run under taint mode, should that code simply explode because
> it's inherently insecure to run a perl program?  Or should it only

Well, it *is*, if you are trusting the original $ENV{PATH}.  Either
you reset the path (to something untainted :-) or you use an absolute
path for the executable.

> explode if $some_test_file is tainted?

-- 
$jhi++; # http://www.iki.fi/jhi/
        # There is this special biologist word we use for 'stable'.
        # It is 'dead'. -- Jack Cohen) => ret: $VAR1 = {
          'opts' => '',
          'body' => 'On Fri, Oct 05, 2001 at 11:59:01PM -0400, Michael G Schwern wrote:
> On Sat, Oct 06, 2001 at 04:01:23AM +0300, Jarkko Hietaniemi wrote:
> > You want to run the harness under the taint code, and to do this you
> > have to circumvent the taint checks?  I must be slow today but I do
> > not quite follow what are you planning to achieve?
> 
> Well, I\'m looking at it this way.  Taint checks are there to force you
> to think about potentially insecure code.  If you\'ve checked out the
> data involved, you detaint it and assume it\'s safe from there.
> 
> So I\'m pondering if using $^X + $ENV{PATH} (or it\'s moral equivalent
> on other operating systems) to locate the currently running perl
> executable is insecure, or if I can just trust it given that\'s exactly
> how I started running the currently running perl.  Most of what Kurt

At least #! completely bypasses $ENV{PATH}.

> When run under taint mode, should that code simply explode because
> it\'s inherently insecure to run a perl program?  Or should it only

Well, it *is*, if you are trusting the original $ENV{PATH}.  Either
you reset the path (to something untainted :-) or you use an absolute
path for the executable.

> explode if $some_test_file is tainted?

-- 
$jhi++; # http://www.iki.fi/jhi/
        # There is this special biologist word we use for \'stable\'.
        # It is \'dead\'. -- Jack Cohen'
        };
 
[24] /home/perlbug/Live/scripts/bugtron debug(01sx)
	Startup:  0 wallclock secs ( 0.00 usr +  0.00 sys =  0.00 CPU)
	Loaded :  0 wallclock secs ( 0.00 usr +  0.00 sys =  0.00 CPU)
	Runtime: 23 wallclock secs ( 0.23 usr +  0.03 sys =  0.27 CPU)
	Alltook: 23 wallclock secs ( 0.23 usr +  0.03 sys =  0.27 CPU)
        including 17 SQL statements 
        using 1 database handle/s
	 
[25] SQL: SHOW fields FROM pb_range 
[26] SQL: SELECT DISTINCT rangeid FROM pb_range WHERE TO_DAYS(modified) < (TO_DAYS(SYSDATE()) -10) 
[0] INIT 2.86 (86560) debug(01sx) scr(/home/perlbug/Live/scripts/bugtron) 
[1] /home/perlbug/Live/scripts/bugtron: 
			Cc() 
			From(Jarkko Hietaniemi <jhi@iki.fi>) 
			In-Reply-To()
			Message-Id(<20011006080549.C13905@alpha.hut.fi>) 
			Reply-To(Lindsay Morris <servergraph.com@verizon.net>) 
			Subject([servergraph.com@verizon.net: Bug in timelocal?]) 
			To(perl5-porters@perl.org) 
			X-Perlbug()
		 
[2] SQL: SHOW fields FROM pb_thing 
[3] SQL: SELECT DISTINCT name FROM pb_thing WHERE type LIKE 'mail' 
[4] SQL: SHOW fields FROM pb_bug 
[5] SQL: SELECT DISTINCT bugid FROM pb_bug WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011006080549.C13905@alpha.hut.fi>%') 
[6] SQL: SHOW fields FROM pb_note 
[7] SQL: SELECT DISTINCT noteid FROM pb_note WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011006080549.C13905@alpha.hut.fi>%') 
[8] SQL: SHOW fields FROM pb_patch 
[9] SQL: SELECT DISTINCT patchid FROM pb_patch WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011006080549.C13905@alpha.hut.fi>%') 
[10] SQL: SHOW fields FROM pb_test 
[11] SQL: SELECT DISTINCT testid FROM pb_test WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011006080549.C13905@alpha.hut.fi>%') 
[12] SQL: SHOW fields FROM pb_message 
[13] SQL: SELECT DISTINCT messageid FROM pb_message WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011006080549.C13905@alpha.hut.fi>%') 
[14] domain(bugs\.perl\.org) ?-> to(perl5-porters@perl.org), subject([servergraph.com@verizon.net: Bug in timelocal?]), cc() 
[15] IGNORE quiet(0): invalid perlbug data, potential p5p miscellanea or spam) :-|
 
[16] Decision -> do_quiet(0) IGNORE quiet(0): invalid perlbug data, potential p5p miscellanea or spam) :-|
 
[17] cmd(quiet) arg(----- Forwarded message from Lindsay Morris <servergraph.com@verizon.net> -----

Subject: Bug in timelocal?
From: "Lindsay Morris" <servergraph.com@verizon.net>
Date: Fri, 5 Oct 2001 15:32:20 -0400
Message-ID: <002501c14dd4$7372e680$4cb8f5c0@lmorris>
To: <cpan@perl.org>
Reply-To: <lmorris@servergraph.com>
Importance: Normal

Add a minute, gain an hour?
Run this:

#!/usr/bin/perl
use Time::Local;
print "timelocal(0,59,0,28,9,101) is:", timelocal(0,59,0,28,9,101),"\n";
print "timelocal(0, 0,1,28,9,101) is:", timelocal(0, 0,1,28,9,101),"\n";
# with perl 5.6.0.1 on AIX 4.3.2.0, I get:
# timelocal(0,59,0,28,9,101) is:1004245140
# timelocal(0, 0,1,28,9,101) is:1004248800
# The difference is seconds is an hour and a minute, not just a minute.
# Lindsay Morris / lmorris@servergraph.com / 859-253-8000

Same behavior w perl v 5.005.03.
Any wisdom appreciated...
---------------------------------
Mr. Lindsay Morris
Principal
Applied System Design
lmorris@servergraph.com
Office: 859-253-8000
   Fax: 425-988-8478

----- End forwarded message -----

-- 
$jhi++; # http://www.iki.fi/jhi/
        # There is this special biologist word we use for 'stable'.
        # It is 'dead'. -- Jack Cohen) => ret: $VAR1 = {
          'opts' => '',
          'body' => '----- Forwarded message from Lindsay Morris <servergraph.com@verizon.net> -----

Subject: Bug in timelocal?
From: "Lindsay Morris" <servergraph.com@verizon.net>
Date: Fri, 5 Oct 2001 15:32:20 -0400
Message-ID: <002501c14dd4$7372e680$4cb8f5c0@lmorris>
To: <cpan@perl.org>
Reply-To: <lmorris@servergraph.com>
Importance: Normal

Add a minute, gain an hour?
Run this:

#!/usr/bin/perl
use Time::Local;
print "timelocal(0,59,0,28,9,101) is:", timelocal(0,59,0,28,9,101),"\\n";
print "timelocal(0, 0,1,28,9,101) is:", timelocal(0, 0,1,28,9,101),"\\n";
# with perl 5.6.0.1 on AIX 4.3.2.0, I get:
# timelocal(0,59,0,28,9,101) is:1004245140
# timelocal(0, 0,1,28,9,101) is:1004248800
# The difference is seconds is an hour and a minute, not just a minute.
# Lindsay Morris / lmorris@servergraph.com / 859-253-8000

Same behavior w perl v 5.005.03.
Any wisdom appreciated...
---------------------------------
Mr. Lindsay Morris
Principal
Applied System Design
lmorris@servergraph.com
Office: 859-253-8000
   Fax: 425-988-8478

----- End forwarded message -----

-- 
$jhi++; # http://www.iki.fi/jhi/
        # There is this special biologist word we use for \'stable\'.
        # It is \'dead\'. -- Jack Cohen'
        };
 
[18] /home/perlbug/Live/scripts/bugtron debug(01sx)
	Startup:  0 wallclock secs ( 0.00 usr +  0.00 sys =  0.00 CPU)
	Loaded :  0 wallclock secs ( 0.00 usr +  0.00 sys =  0.00 CPU)
	Runtime:  1 wallclock secs ( 0.24 usr +  0.00 sys =  0.24 CPU)
	Alltook:  1 wallclock secs ( 0.24 usr +  0.00 sys =  0.24 CPU)
        including 12 SQL statements 
        using 1 database handle/s
	 
[19] SQL: SHOW fields FROM pb_range 
[20] SQL: SELECT DISTINCT rangeid FROM pb_range WHERE TO_DAYS(modified) < (TO_DAYS(SYSDATE()) -10) 
[0] INIT 2.86 (93733) debug(01sx) scr(/home/perlbug/Live/scripts/bugtron) 
[1] /home/perlbug/Live/scripts/bugtron: 
			Cc() 
			From(<lnhxdb@online.ln.cn>) 
			In-Reply-To()
			Message-Id(<200110060605.f9664n119215@chthon.perl.com>) 
			Reply-To(lnhxdb@online.ln.cn) 
			Subject(ȫ˹ܶһɻԪ) 
			To() 
			X-Perlbug()
		 
[2] SQL: SHOW fields FROM pb_thing 
[3] SQL: SELECT DISTINCT name FROM pb_thing WHERE type LIKE 'mail' 
[4] SQL: SHOW fields FROM pb_bug 
[5] SQL: SELECT DISTINCT bugid FROM pb_bug WHERE UPPER(header) LIKE UPPER('%Message-Id: <200110060605.f9664n119215@chthon.perl.com>%') 
[6] SQL: SHOW fields FROM pb_note 
[7] SQL: SELECT DISTINCT noteid FROM pb_note WHERE UPPER(header) LIKE UPPER('%Message-Id: <200110060605.f9664n119215@chthon.perl.com>%') 
[8] SQL: SHOW fields FROM pb_patch 
[9] SQL: SELECT DISTINCT patchid FROM pb_patch WHERE UPPER(header) LIKE UPPER('%Message-Id: <200110060605.f9664n119215@chthon.perl.com>%') 
[10] SQL: SHOW fields FROM pb_test 
[11] SQL: SELECT DISTINCT testid FROM pb_test WHERE UPPER(header) LIKE UPPER('%Message-Id: <200110060605.f9664n119215@chthon.perl.com>%') 
[12] SQL: SHOW fields FROM pb_message 
[13] SQL: SELECT DISTINCT messageid FROM pb_message WHERE UPPER(header) LIKE UPPER('%Message-Id: <200110060605.f9664n119215@chthon.perl.com>%') 
[14] /home/perlbug/Live/scripts/bugtron debug(01sx)
	Startup:  0 wallclock secs ( 0.01 usr +  0.01 sys =  0.02 CPU)
	Loaded :  0 wallclock secs ( 0.00 usr +  0.00 sys =  0.00 CPU)
	Runtime:  7 wallclock secs ( 0.20 usr +  0.00 sys =  0.20 CPU)
	Alltook:  7 wallclock secs ( 0.21 usr +  0.01 sys =  0.22 CPU)
        including 12 SQL statements 
        using 1 database handle/s
	 
[15] SQL: SHOW fields FROM pb_range 
[16] SQL: SELECT DISTINCT rangeid FROM pb_range WHERE TO_DAYS(modified) < (TO_DAYS(SYSDATE()) -10) 
[0] INIT 2.86 (95884) debug(01sx) scr(/home/perlbug/Live/scripts/bugtron) 
[1] /home/perlbug/Live/scripts/bugtron: 
			Cc(Benjamin Goldberg <goldbb2@earthlink.net>,  <perl5-porters@perl.org>) 
			From(David Dyck <dcd@tc.fluke.com>) 
			In-Reply-To(<20011006043550.D17417@alpha.hut.fi>)
			Message-Id(<Pine.LNX.4.33.0110052244490.14551-100000@dd.tc.fluke.com>) 
			Reply-To() 
			Subject(Re: patch to ext/IO/lib/IO/Socket/INET.pm fixes Bug ID (20010803.022)) 
			To(Jarkko Hietaniemi <jhi@iki.fi>) 
			X-Perlbug()
		 
[2] SQL: SHOW fields FROM pb_thing 
[3] SQL: SELECT DISTINCT name FROM pb_thing WHERE type LIKE 'mail' 
[4] SQL: SHOW fields FROM pb_bug 
[5] SQL: SELECT DISTINCT bugid FROM pb_bug WHERE UPPER(header) LIKE UPPER('%Message-Id: <Pine.LNX.4.33.0110052244490.14551-100000@dd.tc.fluke.com>%') 
[6] SQL: SHOW fields FROM pb_note 
[7] SQL: SELECT DISTINCT noteid FROM pb_note WHERE UPPER(header) LIKE UPPER('%Message-Id: <Pine.LNX.4.33.0110052244490.14551-100000@dd.tc.fluke.com>%') 
[8] SQL: SHOW fields FROM pb_patch 
[9] SQL: SELECT DISTINCT patchid FROM pb_patch WHERE UPPER(header) LIKE UPPER('%Message-Id: <Pine.LNX.4.33.0110052244490.14551-100000@dd.tc.fluke.com>%') 
[10] SQL: SHOW fields FROM pb_test 
[11] SQL: SELECT DISTINCT testid FROM pb_test WHERE UPPER(header) LIKE UPPER('%Message-Id: <Pine.LNX.4.33.0110052244490.14551-100000@dd.tc.fluke.com>%') 
[12] SQL: SHOW fields FROM pb_message 
[13] SQL: SELECT DISTINCT messageid FROM pb_message WHERE UPPER(header) LIKE UPPER('%Message-Id: <Pine.LNX.4.33.0110052244490.14551-100000@dd.tc.fluke.com>%') 
[14] domain(bugs\.perl\.org) ?-> to(Jarkko Hietaniemi <jhi@iki.fi>), subject(Re: patch to ext/IO/lib/IO/Socket/INET.pm fixes Bug ID (20010803.022)), cc(Benjamin Goldberg <goldbb2@earthlink.net>,  <perl5-porters@perl.org>) 
[15] SQL: SELECT DISTINCT bugid FROM pb_bug WHERE bugid = '20010803.022' 
[16] REPLY reply(1) from subject: (20010803.022) :-) 
[17] Decision -> do_reply(1) REPLY reply(1) from subject: (20010803.022) :-) 
[18] cmd(M) arg(On Sat, 6 Oct 2001, Jarkko Hietaniemi wrote:

>
> On Fri, Oct 05, 2001 at 09:31:30PM -0400, Benjamin Goldberg wrote:
> > David Dyck wrote:
> > >
> > > After reading the patch I sent (and still would like to see applied,
> > > I looked at the expression immediately following where $pnum
> > > was set to a matched value or undef, I don't know if that
> > >  (match in list context)[0]
> > > idiom  is better, if you think so, you could apply
> > > the following tweek to the patch I sent earlier, so
> > > that both patterns use the same idiom.

As I'll mention later, it is valuable to have the code consistent

> > Ahh, but what does s/// return in list context?

> Ooops.  So it does.  Rather silly return value but can't be helped by now.

We aren't talking about substitute, but rather the match operator.

in perldoc perlop I the following text which I think is pretty explicit

======================================================================

The "/g" modifier specifies global pattern
               matching--that is, matching as many times as
               possible within the string.  How it behaves
               depends on the context.  In list context, it    <<<<< list
               returns a list of the substrings matched by any
               capturing parentheses in the regular expression.
               If there are no parentheses, it returns a list of
               all the matched strings, as if there were
               parentheses around the whole pattern.


======================================================================
 If the "/g" option is not used, "m//" in list			<<< list
               context returns a list consisting of the
               subexpressions matched by the parentheses in the
               pattern, i.e., ($1, $2, $3...).  (Note that here
               $1 etc. are also set, and that this differs from
               Perl 4's behavior.)  When there are no parentheses
               in the pattern, the return value is the list "(1)"
               for success.  With or without parentheses, an
               empty list is returned upon failure.

======================================================================
Now, for opinions :-)



I'd be glad to allow others to judge the 'style', but I do
think that whatever style is chosen it should be consistent.
I don't think it must be clearest for the first time reader,
but it should be VERY CLEAR what the code write intends, once
the reader understands what is written.

for the first time reader it is probably best to expand
to
 if ($string =~ m/pattern with parens/) {
	$var = do something  with $1
 } ....

when you look at
  $var =   $string =~ /pattern with parens/ ?  something with $1 : undef
and
  $var =   ($string =~ /pattern with parens/ )[0]

you may stop once, but after you get the idiom you can skim
it quickly.

I think it is more important to comment the code to indicate
which expressions have higher priority, as it is obvious that
that is where the logic changes have occured. (there is no design
document to fall back to to determine what is important, but
perhaps it should be 'obvious' to the reader once they think
about it (there is some description in the POD text
  -- I mean, if you have a protocol number that should override
a default value
    but why is the getservbyname($port, $proto[0] || 0)
higher priority than the a parenthesized numeric value in the port field
which is higher than a non-parenthesized fully numeric specified port number?
See, as I think about it I reliaze that the last 2 are mutually exclusive
of each other, but the code never even had and if / else clause.
There may have even been a way to have one regexp capture the number

============================

one last question:

  is there a way to get the revision log of changes to this file?

    (it is difficult to browse through all the diffs, and some
     of this comes from before 5.6.0

David) => ret: $VAR1 = {
          'opts' => '',
          'body' => 'On Sat, 6 Oct 2001, Jarkko Hietaniemi wrote:

>
> On Fri, Oct 05, 2001 at 09:31:30PM -0400, Benjamin Goldberg wrote:
> > David Dyck wrote:
> > >
> > > After reading the patch I sent (and still would like to see applied,
> > > I looked at the expression immediately following where $pnum
> > > was set to a matched value or undef, I don\'t know if that
> > >  (match in list context)[0]
> > > idiom  is better, if you think so, you could apply
> > > the following tweek to the patch I sent earlier, so
> > > that both patterns use the same idiom.

As I\'ll mention later, it is valuable to have the code consistent

> > Ahh, but what does s/// return in list context?

> Ooops.  So it does.  Rather silly return value but can\'t be helped by now.

We aren\'t talking about substitute, but rather the match operator.

in perldoc perlop I the following text which I think is pretty explicit

======================================================================

The "/g" modifier specifies global pattern
               matching--that is, matching as many times as
               possible within the string.  How it behaves
               depends on the context.  In list context, it    <<<<< list
               returns a list of the substrings matched by any
               capturing parentheses in the regular expression.
               If there are no parentheses, it returns a list of
               all the matched strings, as if there were
               parentheses around the whole pattern.


======================================================================
 If the "/g" option is not used, "m//" in list			<<< list
               context returns a list consisting of the
               subexpressions matched by the parentheses in the
               pattern, i.e., ($1, $2, $3...).  (Note that here
               $1 etc. are also set, and that this differs from
               Perl 4\'s behavior.)  When there are no parentheses
               in the pattern, the return value is the list "(1)"
               for success.  With or without parentheses, an
               empty list is returned upon failure.

======================================================================
Now, for opinions :-)



I\'d be glad to allow others to judge the \'style\', but I do
think that whatever style is chosen it should be consistent.
I don\'t think it must be clearest for the first time reader,
but it should be VERY CLEAR what the code write intends, once
the reader understands what is written.

for the first time reader it is probably best to expand
to
 if ($string =~ m/pattern with parens/) {
	$var = do something  with $1
 } ....

when you look at
  $var =   $string =~ /pattern with parens/ ?  something with $1 : undef
and
  $var =   ($string =~ /pattern with parens/ )[0]

you may stop once, but after you get the idiom you can skim
it quickly.

I think it is more important to comment the code to indicate
which expressions have higher priority, as it is obvious that
that is where the logic changes have occured. (there is no design
document to fall back to to determine what is important, but
perhaps it should be \'obvious\' to the reader once they think
about it (there is some description in the POD text
  -- I mean, if you have a protocol number that should override
a default value
    but why is the getservbyname($port, $proto[0] || 0)
higher priority than the a parenthesized numeric value in the port field
which is higher than a non-parenthesized fully numeric specified port number?
See, as I think about it I reliaze that the last 2 are mutually exclusive
of each other, but the code never even had and if / else clause.
There may have even been a way to have one regexp capture the number

============================

one last question:

  is there a way to get the revision log of changes to this file?

    (it is difficult to browse through all the diffs, and some
     of this comes from before 5.6.0

David'
        };
 
[19] /home/perlbug/Live/scripts/bugtron debug(01sx)
	Startup:  0 wallclock secs ( 0.00 usr +  0.00 sys =  0.00 CPU)
	Loaded :  0 wallclock secs ( 0.00 usr +  0.00 sys =  0.00 CPU)
	Runtime:  8 wallclock secs ( 0.23 usr +  0.01 sys =  0.23 CPU)
	Alltook:  8 wallclock secs ( 0.23 usr +  0.01 sys =  0.23 CPU)
        including 13 SQL statements 
        using 1 database handle/s
	 
[20] SQL: SHOW fields FROM pb_range 
[21] SQL: SELECT DISTINCT rangeid FROM pb_range WHERE TO_DAYS(modified) < (TO_DAYS(SYSDATE()) -10) 
[0] INIT 2.86 (145) debug(01sx) scr(/home/perlbug/Live/scripts/bugtron) 
[1] /home/perlbug/Live/scripts/bugtron: 
			Cc() 
			From(Benjamin Goldberg <goldbb2@earthlink.net>) 
			In-Reply-To()
			Message-Id(<3BBEA53B.8AB73D4@earthlink.net>) 
			Reply-To() 
			Subject(Re: patch to ext/IO/lib/IO/Socket/INET.pm fixes Bug ID (20010803.022)) 
			To(perl5-porters@perl.org) 
			X-Perlbug()
		 
[2] SQL: SHOW fields FROM pb_thing 
[3] SQL: SELECT DISTINCT name FROM pb_thing WHERE type LIKE 'mail' 
[4] SQL: SHOW fields FROM pb_bug 
[5] SQL: SELECT DISTINCT bugid FROM pb_bug WHERE UPPER(header) LIKE UPPER('%Message-Id: <3BBEA53B.8AB73D4@earthlink.net>%') 
[6] SQL: SHOW fields FROM pb_note 
[7] SQL: SELECT DISTINCT noteid FROM pb_note WHERE UPPER(header) LIKE UPPER('%Message-Id: <3BBEA53B.8AB73D4@earthlink.net>%') 
[8] SQL: SHOW fields FROM pb_patch 
[9] SQL: SELECT DISTINCT patchid FROM pb_patch WHERE UPPER(header) LIKE UPPER('%Message-Id: <3BBEA53B.8AB73D4@earthlink.net>%') 
[10] SQL: SHOW fields FROM pb_test 
[11] SQL: SELECT DISTINCT testid FROM pb_test WHERE UPPER(header) LIKE UPPER('%Message-Id: <3BBEA53B.8AB73D4@earthlink.net>%') 
[12] SQL: SHOW fields FROM pb_message 
[13] SQL: SELECT DISTINCT messageid FROM pb_message WHERE UPPER(header) LIKE UPPER('%Message-Id: <3BBEA53B.8AB73D4@earthlink.net>%') 
[14] domain(bugs\.perl\.org) ?-> to(perl5-porters@perl.org), subject(Re: patch to ext/IO/lib/IO/Socket/INET.pm fixes Bug ID (20010803.022)), cc() 
[15] SQL: SELECT DISTINCT bugid FROM pb_bug WHERE bugid = '20010803.022' 
[16] REPLY reply(1) from subject: (20010803.022) :-) 
[17] Decision -> do_reply(1) REPLY reply(1) from subject: (20010803.022) :-) 
[18] cmd(M) arg(David Dyck wrote:
> 
> On Sat, 6 Oct 2001, Jarkko Hietaniemi wrote:
> 
> >
> > On Fri, Oct 05, 2001 at 09:31:30PM -0400, Benjamin Goldberg wrote:
> > > David Dyck wrote:
> > > >
> > > > After reading the patch I sent (and still would like to see
> > > > applied, I looked at the expression immediately following where
> > > > $pnum was set to a matched value or undef, I don't know if that
> > > >  (match in list context)[0]
> > > > idiom  is better, if you think so, you could apply
> > > > the following tweek to the patch I sent earlier, so
> > > > that both patterns use the same idiom.
> 
> As I'll mention later, it is valuable to have the code consistent
> 
> > > Ahh, but what does s/// return in list context?
> 
> > Ooops.  So it does.  Rather silly return value but can't be helped
> > by now.
> 
> We aren't talking about substitute, but rather the match operator.

*I* was talking about your use of:

+    my $defport = ($port =~ s,\((\d+)\)$,,)[0];

> in perldoc perlop I the following text which I think is pretty
> explicit
> 
> ======================================================================
> 
> The "/g" modifier specifies global pattern
>                matching--that is, matching as many times as
>                possible within the string.  How it behaves
>                depends on the context.  In list context, it <<<<< list
>                returns a list of the substrings matched by any
>                capturing parentheses in the regular expression.
>                If there are no parentheses, it returns a list of
>                all the matched strings, as if there were
>                parentheses around the whole pattern.

This has nothing to do with the code we're discussing, since /g wasn't
used.

> ======================================================================
>  If the "/g" option is not used, "m//" in list               <<< list
>                context returns a list consisting of the
>                subexpressions matched by the parentheses in the
>                pattern, i.e., ($1, $2, $3...).  (Note that here
>                $1 etc. are also set, and that this differs from
>                Perl 4's behavior.)  When there are no parentheses
>                in the pattern, the return value is the list "(1)"
>                for success.  With or without parentheses, an
>                empty list is returned upon failure.

This is talking about m// in list context, which is what enables:

     my $pnum = ($port =~ m,^(\d+)$,)[0];

to work.  It is *not* talking about s/// ... so there's no reason
whatsoever to believe that:

+    my $defport = ($port =~ s,\((\d+)\)$,,)[0];

Should work.

> ======================================================================
> Now, for opinions :-)
[snip]
> for the first time reader it is probably best to expand
> to
>  if ($string =~ m/pattern with parens/) {
>         $var = do something  with $1
>  } ....
> 
> when you look at
>   $var =   $string =~ /pattern with parens/ ?  something with $1 : undef
> and
>   $var =   ($string =~ /pattern with parens/ )[0]
> 
> you may stop once, but after you get the idiom you can skim
> it quickly.

Of course, a much more common idiom is:

($var) = /pattern with parens/;

Where the use of () on the left supplies a list context.
This is also [imho] rather more readable.

-- 
"I think not," said Descartes, and promptly disappeared.) => ret: $VAR1 = {
          'opts' => '',
          'body' => 'David Dyck wrote:
> 
> On Sat, 6 Oct 2001, Jarkko Hietaniemi wrote:
> 
> >
> > On Fri, Oct 05, 2001 at 09:31:30PM -0400, Benjamin Goldberg wrote:
> > > David Dyck wrote:
> > > >
> > > > After reading the patch I sent (and still would like to see
> > > > applied, I looked at the expression immediately following where
> > > > $pnum was set to a matched value or undef, I don\'t know if that
> > > >  (match in list context)[0]
> > > > idiom  is better, if you think so, you could apply
> > > > the following tweek to the patch I sent earlier, so
> > > > that both patterns use the same idiom.
> 
> As I\'ll mention later, it is valuable to have the code consistent
> 
> > > Ahh, but what does s/// return in list context?
> 
> > Ooops.  So it does.  Rather silly return value but can\'t be helped
> > by now.
> 
> We aren\'t talking about substitute, but rather the match operator.

*I* was talking about your use of:

+    my $defport = ($port =~ s,\\((\\d+)\\)$,,)[0];

> in perldoc perlop I the following text which I think is pretty
> explicit
> 
> ======================================================================
> 
> The "/g" modifier specifies global pattern
>                matching--that is, matching as many times as
>                possible within the string.  How it behaves
>                depends on the context.  In list context, it <<<<< list
>                returns a list of the substrings matched by any
>                capturing parentheses in the regular expression.
>                If there are no parentheses, it returns a list of
>                all the matched strings, as if there were
>                parentheses around the whole pattern.

This has nothing to do with the code we\'re discussing, since /g wasn\'t
used.

> ======================================================================
>  If the "/g" option is not used, "m//" in list               <<< list
>                context returns a list consisting of the
>                subexpressions matched by the parentheses in the
>                pattern, i.e., ($1, $2, $3...).  (Note that here
>                $1 etc. are also set, and that this differs from
>                Perl 4\'s behavior.)  When there are no parentheses
>                in the pattern, the return value is the list "(1)"
>                for success.  With or without parentheses, an
>                empty list is returned upon failure.

This is talking about m// in list context, which is what enables:

     my $pnum = ($port =~ m,^(\\d+)$,)[0];

to work.  It is *not* talking about s/// ... so there\'s no reason
whatsoever to believe that:

+    my $defport = ($port =~ s,\\((\\d+)\\)$,,)[0];

Should work.

> ======================================================================
> Now, for opinions :-)
[snip]
> for the first time reader it is probably best to expand
> to
>  if ($string =~ m/pattern with parens/) {
>         $var = do something  with $1
>  } ....
> 
> when you look at
>   $var =   $string =~ /pattern with parens/ ?  something with $1 : undef
> and
>   $var =   ($string =~ /pattern with parens/ )[0]
> 
> you may stop once, but after you get the idiom you can skim
> it quickly.

Of course, a much more common idiom is:

($var) = /pattern with parens/;

Where the use of () on the left supplies a list context.
This is also [imho] rather more readable.

-- 
"I think not," said Descartes, and promptly disappeared.'
        };
 
[19] /home/perlbug/Live/scripts/bugtron debug(01sx)
	Startup:  0 wallclock secs ( 0.00 usr +  0.00 sys =  0.00 CPU)
	Loaded :  0 wallclock secs ( 0.00 usr +  0.00 sys =  0.00 CPU)
	Runtime: 14 wallclock secs ( 0.24 usr +  0.01 sys =  0.25 CPU)
	Alltook: 14 wallclock secs ( 0.24 usr +  0.01 sys =  0.25 CPU)
        including 13 SQL statements 
        using 1 database handle/s
	 
[20] SQL: SHOW fields FROM pb_range 
[21] SQL: SELECT DISTINCT rangeid FROM pb_range WHERE TO_DAYS(modified) < (TO_DAYS(SYSDATE()) -10) 

From - Sun Oct  7 14:30:49 2001
Return-Path: <perlbug@onion.perl.org>
Received: from mimer.null.dk ([130.228.230.9]) by mailin03.sul.t-online.de
	with smtp id 15qB8L-29CGmmC; Sun, 7 Oct 2001 12:26:09 +0200
Received: (qmail 22628 invoked by uid 1038); 7 Oct 2001 10:26:09 -0000
Delivered-To: richard@mimer.null.dk
Received: (qmail 22616 invoked by uid 1038); 7 Oct 2001 10:26:08 -0000
Delivered-To: richard-rfi-rjsf-tron5@rfi.net
Received: (qmail 22612 invoked from network); 7 Oct 2001 10:26:06 -0000
Received: from onion.valueclick.com (HELO onion.perl.org) (209.85.157.220)
  by mimer.null.dk with SMTP; 7 Oct 2001 10:26:06 -0000
Received: (qmail 78555 invoked by uid 1007); 7 Oct 2001 10:26:03 -0000
Date: 7 Oct 2001 10:26:03 -0000
Message-ID: <20011007102603.78554.qmail@onion.perl.org>
From: perlbug@onion.perl.org
To: rjsf-tron5@rfi.net
X-Mozilla-Status: 8001
X-Mozilla-Status2: 00000000
X-UIDL: 62bbfb2e5dca5613

[0] INIT 2.86 (72805) debug(01sx) scr(/home/perlbug/Live/scripts/bugtron) 
[1] /home/perlbug/Live/scripts/bugtron: 
			Cc() 
			From(Nicholas Clark <nick@ccl4.org>) 
			In-Reply-To()
			Message-Id(<20011005113358.Z38756@plum.flirble.org>) 
			Reply-To() 
			Subject([PATCH] perlfunc/select) 
			To(perl5-porters@perl.org) 
			X-Perlbug()
		 
[2] SQL: SHOW fields FROM pb_thing 
[3] SQL: SELECT DISTINCT name FROM pb_thing WHERE type LIKE 'mail' 
[4] SQL: SHOW fields FROM pb_bug 
[5] SQL: SELECT DISTINCT bugid FROM pb_bug WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005113358.Z38756@plum.flirble.org>%') 
[6] SQL: SHOW fields FROM pb_note 
[7] SQL: SELECT DISTINCT noteid FROM pb_note WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005113358.Z38756@plum.flirble.org>%') 
[8] SQL: SHOW fields FROM pb_patch 
[9] SQL: SELECT DISTINCT patchid FROM pb_patch WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005113358.Z38756@plum.flirble.org>%') 
[10] SQL: SHOW fields FROM pb_test 
[11] SQL: SELECT DISTINCT testid FROM pb_test WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005113358.Z38756@plum.flirble.org>%') 
[12] SQL: SHOW fields FROM pb_message 
[13] SQL: SELECT DISTINCT messageid FROM pb_message WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005113358.Z38756@plum.flirble.org>%') 
[14] domain(bugs\.perl\.org) ?-> to(perl5-porters@perl.org), subject([PATCH] perlfunc/select), cc() 
[15] IGNORE quiet(0): invalid perlbug data, potential p5p miscellanea or spam) :-|
 
[16] Decision -> do_quiet(0) IGNORE quiet(0): invalid perlbug data, potential p5p miscellanea or spam) :-|
 
[17] cmd(quiet) arg(Do docpatches still go to p5p, or should they now be on a pod list?

Nicholas Clark

--- pod/perlfunc.pod.orig       Sun Sep 30 02:17:48 2001
+++ pod/perlfunc.pod    Fri Oct  5 11:31:44 2001
@@ -4111,7 +4111,7 @@

 Any of the bit masks can also be undef.  The timeout, if specified, is
 in seconds, which may be fractional.  Note: not all implementations are
-capable of returning the$timeleft.  If not, they always return
+capable of returning the $timeleft.  If not, they always return
 $timeleft equal to the supplied $timeout.

 You can effect a sleep of 250 milliseconds this way:) => ret: $VAR1 = {
          'opts' => '',
          'body' => 'Do docpatches still go to p5p, or should they now be on a pod list?

Nicholas Clark

--- pod/perlfunc.pod.orig       Sun Sep 30 02:17:48 2001
+++ pod/perlfunc.pod    Fri Oct  5 11:31:44 2001
@@ -4111,7 +4111,7 @@

 Any of the bit masks can also be undef.  The timeout, if specified, is
 in seconds, which may be fractional.  Note: not all implementations are
-capable of returning the$timeleft.  If not, they always return
+capable of returning the $timeleft.  If not, they always return
 $timeleft equal to the supplied $timeout.

 You can effect a sleep of 250 milliseconds this way:'
        };
 
[18] /home/perlbug/Live/scripts/bugtron debug(01sx)
	Startup:  0 wallclock secs ( 0.00 usr +  0.00 sys =  0.00 CPU)
	Loaded :  0 wallclock secs ( 0.01 usr +  0.01 sys =  0.02 CPU)
	Runtime:  5 wallclock secs ( 0.20 usr +  0.02 sys =  0.23 CPU)
	Alltook:  5 wallclock secs ( 0.21 usr +  0.03 sys =  0.24 CPU)
        including 12 SQL statements 
        using 1 database handle/s
	 
[19] SQL: SHOW fields FROM pb_range 
[20] SQL: SELECT DISTINCT rangeid FROM pb_range WHERE TO_DAYS(modified) < (TO_DAYS(SYSDATE()) -10) 
[0] INIT 2.86 (16617) debug(01sx) scr(/home/perlbug/Live/scripts/bugtron) 
[1] /home/perlbug/Live/scripts/bugtron: 
			Cc(perl5-porters@perl.org) 
			From("Kurt D. Starsinic" <kstar@wolfetech.com>) 
			In-Reply-To(<20011005152714.A4797@blackrider>)
			Message-Id(<20011005141637.D30309@wolfetech.com>) 
			Reply-To(kstar@cpan.org) 
			Subject(Re: A philosophical tainting issue) 
			To(Michael G Schwern <schwern@pobox.com>) 
			X-Perlbug()
		 
[2] SQL: SHOW fields FROM pb_thing 
[3] SQL: SELECT DISTINCT name FROM pb_thing WHERE type LIKE 'mail' 
[4] SQL: SHOW fields FROM pb_bug 
[5] SQL: SELECT DISTINCT bugid FROM pb_bug WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005141637.D30309@wolfetech.com>%') 
[6] SQL: SHOW fields FROM pb_note 
[7] SQL: SELECT DISTINCT noteid FROM pb_note WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005141637.D30309@wolfetech.com>%') 
[8] SQL: SHOW fields FROM pb_patch 
[9] SQL: SELECT DISTINCT patchid FROM pb_patch WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005141637.D30309@wolfetech.com>%') 
[10] SQL: SHOW fields FROM pb_test 
[11] SQL: SELECT DISTINCT testid FROM pb_test WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005141637.D30309@wolfetech.com>%') 
[12] SQL: SHOW fields FROM pb_message 
[13] SQL: SELECT DISTINCT messageid FROM pb_message WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005141637.D30309@wolfetech.com>%') 
[14] domain(bugs\.perl\.org) ?-> to(Michael G Schwern <schwern@pobox.com>), subject(Re: A philosophical tainting issue), cc(perl5-porters@perl.org) 
[15] reusing CACHED SQL: SELECT DISTINCT name FROM pb_thing WHERE type LIKE 'mail'(ARRAY(0x86012dc)) 
[16] SQL: SELECT DISTINCT bugid FROM pb_bug WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005152714.A4797@blackrider>%') 
[17] SQL: SELECT DISTINCT noteid FROM pb_note WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005152714.A4797@blackrider>%') 
[18] SQL: SELECT DISTINCT patchid FROM pb_patch WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005152714.A4797@blackrider>%') 
[19] SQL: SELECT DISTINCT testid FROM pb_test WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005152714.A4797@blackrider>%') 
[20] SQL: SELECT DISTINCT messageid FROM pb_message WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005152714.A4797@blackrider>%') 
[21] IGNORE quiet(0): invalid perlbug data, potential p5p miscellanea or spam) :-|
 
[22] Decision -> do_quiet(0) IGNORE quiet(0): invalid perlbug data, potential p5p miscellanea or spam) :-|
 
[23] cmd(quiet) arg(On Oct 05, Michael Schwern wrote:
> I've got a tainting problem that might be solved by a philosophical
> rather than techinical solution, want to know what people think of it.
> 
> Lemme splain.
> 
> I'm rejiggering the guts of Test::Harness, and one of the goals is to
> make it work under taint mode.  Test::Harness obviously has to run
> Perl programms, and this involves using $^X.  $^X is tainted.  Even
> worse, $^X is often just "perl", which means $ENV{PATH} enters the
> picture.
> 
> My solution to the problem is to manually use $ENV{PATH} to resolve a
> non-absolute $^X, detaint the result and use it in system or open or
> whatever.  My thinking is that since this is the same data and logic
> that got us to the currently running perl binary, we can trust it
> implicitly.
> 
> I can't think of how this might cause a security problem.  Can anyone
> else?

    $ENV{PATH} might not be set, and exec*() might be using a system-
specific default search path.

    You need to correctly parse the appropriate environment variable(s)
for every operating system and filesystem type.

    If you can't be sure that the relevant Test::Harness code runs before
any BEGIN blocks in the test itself, then the test could maliciously change
$ENV{PATH} or $^X.

    perl -e 'exec { "perl" } "/sbin/halt"'

    Your executable could have been deleted since exec*()-time, causing
a PATH search to fail or turn up the wrong executable.

    There isn't a cross-platform way to _know_ the full path to your
executable.

    - Kurt) => ret: $VAR1 = {
          'opts' => '',
          'body' => 'On Oct 05, Michael Schwern wrote:
> I\'ve got a tainting problem that might be solved by a philosophical
> rather than techinical solution, want to know what people think of it.
> 
> Lemme splain.
> 
> I\'m rejiggering the guts of Test::Harness, and one of the goals is to
> make it work under taint mode.  Test::Harness obviously has to run
> Perl programms, and this involves using $^X.  $^X is tainted.  Even
> worse, $^X is often just "perl", which means $ENV{PATH} enters the
> picture.
> 
> My solution to the problem is to manually use $ENV{PATH} to resolve a
> non-absolute $^X, detaint the result and use it in system or open or
> whatever.  My thinking is that since this is the same data and logic
> that got us to the currently running perl binary, we can trust it
> implicitly.
> 
> I can\'t think of how this might cause a security problem.  Can anyone
> else?

    $ENV{PATH} might not be set, and exec*() might be using a system-
specific default search path.

    You need to correctly parse the appropriate environment variable(s)
for every operating system and filesystem type.

    If you can\'t be sure that the relevant Test::Harness code runs before
any BEGIN blocks in the test itself, then the test could maliciously change
$ENV{PATH} or $^X.

    perl -e \'exec { "perl" } "/sbin/halt"\'

    Your executable could have been deleted since exec*()-time, causing
a PATH search to fail or turn up the wrong executable.

    There isn\'t a cross-platform way to _know_ the full path to your
executable.

    - Kurt'
        };
 
[24] /home/perlbug/Live/scripts/bugtron debug(01sx)
	Startup:  1 wallclock secs ( 0.00 usr +  0.00 sys =  0.00 CPU)
	Loaded :  0 wallclock secs ( 0.00 usr +  0.00 sys =  0.00 CPU)
	Runtime:  9 wallclock secs ( 0.23 usr +  0.01 sys =  0.24 CPU)
	Alltook: 10 wallclock secs ( 0.23 usr +  0.01 sys =  0.24 CPU)
        including 17 SQL statements 
        using 1 database handle/s
	 
[25] SQL: SHOW fields FROM pb_range 
[26] SQL: SELECT DISTINCT rangeid FROM pb_range WHERE TO_DAYS(modified) < (TO_DAYS(SYSDATE()) -10) 
[0] INIT 2.86 (21095) debug(01sx) scr(/home/perlbug/Live/scripts/bugtron) 
[1] /home/perlbug/Live/scripts/bugtron: 
			Cc() 
			From(David Dyck <dcd@tc.fluke.com>) 
			In-Reply-To()
			Message-Id(<200110052152.OAA09666@dd.tc.fluke.com>) 
			Reply-To() 
			Subject(IO::Socket::INET::_sock_info re-uses $1 and returns hostname as port) 
			To(perlbug@perl.org) 
			X-Perlbug()
		 
[2] SQL: SHOW fields FROM pb_thing 
[3] SQL: SELECT DISTINCT name FROM pb_thing WHERE type LIKE 'mail' 
[4] SQL: SHOW fields FROM pb_bug 
[5] SQL: SELECT DISTINCT bugid FROM pb_bug WHERE UPPER(header) LIKE UPPER('%Message-Id: <200110052152.OAA09666@dd.tc.fluke.com>%') 
[6] SQL: SHOW fields FROM pb_note 
[7] SQL: SELECT DISTINCT noteid FROM pb_note WHERE UPPER(header) LIKE UPPER('%Message-Id: <200110052152.OAA09666@dd.tc.fluke.com>%') 
[8] SQL: SHOW fields FROM pb_patch 
[9] SQL: SELECT DISTINCT patchid FROM pb_patch WHERE UPPER(header) LIKE UPPER('%Message-Id: <200110052152.OAA09666@dd.tc.fluke.com>%') 
[10] SQL: SHOW fields FROM pb_test 
[11] SQL: SELECT DISTINCT testid FROM pb_test WHERE UPPER(header) LIKE UPPER('%Message-Id: <200110052152.OAA09666@dd.tc.fluke.com>%') 
[12] SQL: SHOW fields FROM pb_message 
[13] SQL: SELECT DISTINCT messageid FROM pb_message WHERE UPPER(header) LIKE UPPER('%Message-Id: <200110052152.OAA09666@dd.tc.fluke.com>%') 
[14] domain(bugs\.perl\.org) ?-> to(perlbug@perl.org), subject(IO::Socket::INET::_sock_info re-uses $1 and returns hostname as port), cc() 
[15] NEW BUG new(1): Yup! perl(\bperl|perl\b) subject(IO::Socket::INET::_sock_info re-uses $1 and returns hostname as port) :-)) 
[16] Decision -> do_new(1) NEW BUG new(1): Yup! perl(\bperl|perl\b) subject(IO::Socket::INET::_sock_info re-uses $1 and returns hostname as port) :-)) 
[17] cmd(B) arg(This is a bug report for perl from dcd@tc.fluke.com,
generated with the help of perlbug 1.33 running under perl v5.7.2.


-----------------------------------------------------------------
[Please enter your report here]

I had been getting errors like
Argument "ls6-www.cs.uni-dortmund.de" 
 isn't numeric in subroutine entry at 
  /usr/local/lib/perl5/5.7.2/IO/Socket/INET.pm line 191.

when using CPAN::WAIT "wq" command in CPAN

The expression in that line
  pack_sockaddr_in($rport, $raddr)
is in the IO::Socket::INET::configure
where $rport is 'ls6-www.cs.uni-dortmund.de' when it should
be the number 1404.

$raddr and $rport are assigned earlier from a call to
 _sock_info('ls6-www.cs.uni-dortmund.de', 1404, 6)

if $1 has already been set before the call to _sock_info
then port is returned incorrectly

The following program:

use IO::Socket::INET;
$host="ls6-www.cs.uni-dortmund.de";
$host =~ /(.*)/;
@a=IO::Socket::INET::_sock_info("ls6-www.cs.uni-dortmund.de", 1404, $proto);
print "return port=", (scalar(@a) ? @a[1] : "undef"), "\n";

prints
return port=ls6-www.cs.uni-dortmund.de

when it should print
return port=1404

as it does after the following patch is applied.
  (My guess is that the code used to be called with $1 undefined,)

Or perhaps $1 used to be cleared, (as it's set now in CPAN/WAIT.pm line 55)

/-----------------------------------------------------------------\
| If you've read this far, is there a way to get the revision log |
| for ext/IO/lib/IO/Socket/INET.pm?                               |
\-----------------------------------------------------------------/


--- ext/IO/lib/IO/Socket/INET.pm.orig	Sun Sep  9 07:50:46 2001
+++ ext/IO/lib/IO/Socket/INET.pm	Fri Oct  5 11:45:54 2001
@@ -52,9 +52,7 @@
   }
 
   if(defined $port) {
-    $port =~ s,\((\d+)\)$,,;
-
-    my $defport = $1 || undef;
+    my $defport = ($port =~ s,\((\d+)\)$,,) ? $1 : undef;
     my $pnum = ($port =~ m,^(\d+)$,)[0];
 
     @serv = getservbyname($port, $proto[0] || "")


[Please do not change anything below this line]
-----------------------------------------------------------------
---
Flags:
    category=library
    severity=high
---
Site configuration information for perl v5.7.2:

Configured by dcd at Wed Oct  3 18:05:30 PDT 2001.

Summary of my perl5 (revision 5.0 version 7 subversion 2 patch 12322) configuration:
  Platform:
    osname=linux, osvers=2.4.10-ac3, archname=i686-linux
    uname='linux dd 2.4.10-ac3 #3 tue oct 2 08:14:46 pdt 2001 i686 '
    config_args='-Dinstallusrbinperl -Uversiononly -Dusedevel -Doptimize=-O3 -g -de -Dcf_email=dcd@tc.fluke.com'
    hint=recommended, useposix=true, d_sigaction=define
    usethreads=undef use5005threads=undef useithreads=undef usemultiplicity=undef
    useperlio=define d_sfio=undef uselargefiles=define usesocks=undef
    use64bitint=undef use64bitall=undef uselongdouble=undef
    usemymalloc=n, bincompat5005=define
  Compiler:
    cc='cc', ccflags ='-DDEBUGGING -fno-strict-aliasing -I/usr/local/include -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64',
    optimize='-O3 -g',
    cppflags='-DDEBUGGING -fno-strict-aliasing -I/usr/local/include'
    ccversion='', gccversion='egcs-2.91.66.1 19990314/Linux (egcs-1.1.2 release)', gccosandvers=''
    intsize=4, longsize=4, ptrsize=4, doublesize=8, byteorder=1234
    d_longlong=define, longlongsize=8, d_longdbl=define, longdblsize=12
    ivtype='long', ivsize=4, nvtype='double', nvsize=8, Off_t='off_t', lseeksize=4
    alignbytes=4, prototype=define
  Linker and Libraries:
    ld='cc', ldflags =' -L/usr/local/lib'
    libpth=/usr/local/lib /lib /usr/lib
    libs=-lgdbm -ldbm -ldb -ldl -lm -lc
    perllibs=-ldl -lm -lc
    libc=/lib/libc.so.5.4.44, so=so, useshrplib=false, libperl=libperl.a
  Dynamic Linking:
    dlsrc=dl_dlopen.xs, dlext=so, d_dlsymun=undef, ccdlflags='-rdynamic'
    cccdlflags='-fpic', lddlflags='-shared -L/usr/local/lib'

Locally applied patches:
    DEVEL12306

---
@INC for perl v5.7.2:
    /usr/local/lib/perl5/5.7.2/i686-linux
    /usr/local/lib/perl5/5.7.2
    /usr/local/lib/perl5/site_perl/5.7.2/i686-linux
    /usr/local/lib/perl5/site_perl/5.7.2
    /usr/local/lib/perl5/site_perl/5.6.1/i686-linux
    /usr/local/lib/perl5/site_perl/5.6.1
    /usr/local/lib/perl5/site_perl
    .

---
Environment for perl v5.7.2:
    HOME=/home/dcd
    LANG (unset)
    LANGUAGE (unset)
    LD_LIBRARY_PATH (unset)
    LOGDIR (unset)
    PATH=/home/dcd/bin:/sbin:/usr/local/bin:/bin:/usr/bin:/usr/X11/bin:/usr/games:/usr/local/samba:/home/hobbes/tools/scripts:/home/hobbes/tools/linux:/usr0/hobbes/tools/scripts:/usr0/dcd/bin:/apps/general/bin:/usr/public
    PERL_BADLANG (unset)
    SHELL=/bin/bash) => ret: $VAR1 = {
          'opts' => '',
          'body' => 'This is a bug report for perl from dcd@tc.fluke.com,
generated with the help of perlbug 1.33 running under perl v5.7.2.


-----------------------------------------------------------------
[Please enter your report here]

I had been getting errors like
Argument "ls6-www.cs.uni-dortmund.de" 
 isn\'t numeric in subroutine entry at 
  /usr/local/lib/perl5/5.7.2/IO/Socket/INET.pm line 191.

when using CPAN::WAIT "wq" command in CPAN

The expression in that line
  pack_sockaddr_in($rport, $raddr)
is in the IO::Socket::INET::configure
where $rport is \'ls6-www.cs.uni-dortmund.de\' when it should
be the number 1404.

$raddr and $rport are assigned earlier from a call to
 _sock_info(\'ls6-www.cs.uni-dortmund.de\', 1404, 6)

if $1 has already been set before the call to _sock_info
then port is returned incorrectly

The following program:

use IO::Socket::INET;
$host="ls6-www.cs.uni-dortmund.de";
$host =~ /(.*)/;
@a=IO::Socket::INET::_sock_info("ls6-www.cs.uni-dortmund.de", 1404, $proto);
print "return port=", (scalar(@a) ? @a[1] : "undef"), "\\n";

prints
return port=ls6-www.cs.uni-dortmund.de

when it should print
return port=1404

as it does after the following patch is applied.
  (My guess is that the code used to be called with $1 undefined,)

Or perhaps $1 used to be cleared, (as it\'s set now in CPAN/WAIT.pm line 55)

/-----------------------------------------------------------------\\
| If you\'ve read this far, is there a way to get the revision log |
| for ext/IO/lib/IO/Socket/INET.pm?                               |
\\-----------------------------------------------------------------/


--- ext/IO/lib/IO/Socket/INET.pm.orig	Sun Sep  9 07:50:46 2001
+++ ext/IO/lib/IO/Socket/INET.pm	Fri Oct  5 11:45:54 2001
@@ -52,9 +52,7 @@
   }
 
   if(defined $port) {
-    $port =~ s,\\((\\d+)\\)$,,;
-
-    my $defport = $1 || undef;
+    my $defport = ($port =~ s,\\((\\d+)\\)$,,) ? $1 : undef;
     my $pnum = ($port =~ m,^(\\d+)$,)[0];
 
     @serv = getservbyname($port, $proto[0] || "")


[Please do not change anything below this line]
-----------------------------------------------------------------
---
Flags:
    category=library
    severity=high
---
Site configuration information for perl v5.7.2:

Configured by dcd at Wed Oct  3 18:05:30 PDT 2001.

Summary of my perl5 (revision 5.0 version 7 subversion 2 patch 12322) configuration:
  Platform:
    osname=linux, osvers=2.4.10-ac3, archname=i686-linux
    uname=\'linux dd 2.4.10-ac3 #3 tue oct 2 08:14:46 pdt 2001 i686 \'
    config_args=\'-Dinstallusrbinperl -Uversiononly -Dusedevel -Doptimize=-O3 -g -de -Dcf_email=dcd@tc.fluke.com\'
    hint=recommended, useposix=true, d_sigaction=define
    usethreads=undef use5005threads=undef useithreads=undef usemultiplicity=undef
    useperlio=define d_sfio=undef uselargefiles=define usesocks=undef
    use64bitint=undef use64bitall=undef uselongdouble=undef
    usemymalloc=n, bincompat5005=define
  Compiler:
    cc=\'cc\', ccflags =\'-DDEBUGGING -fno-strict-aliasing -I/usr/local/include -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64\',
    optimize=\'-O3 -g\',
    cppflags=\'-DDEBUGGING -fno-strict-aliasing -I/usr/local/include\'
    ccversion=\'\', gccversion=\'egcs-2.91.66.1 19990314/Linux (egcs-1.1.2 release)\', gccosandvers=\'\'
    intsize=4, longsize=4, ptrsize=4, doublesize=8, byteorder=1234
    d_longlong=define, longlongsize=8, d_longdbl=define, longdblsize=12
    ivtype=\'long\', ivsize=4, nvtype=\'double\', nvsize=8, Off_t=\'off_t\', lseeksize=4
    alignbytes=4, prototype=define
  Linker and Libraries:
    ld=\'cc\', ldflags =\' -L/usr/local/lib\'
    libpth=/usr/local/lib /lib /usr/lib
    libs=-lgdbm -ldbm -ldb -ldl -lm -lc
    perllibs=-ldl -lm -lc
    libc=/lib/libc.so.5.4.44, so=so, useshrplib=false, libperl=libperl.a
  Dynamic Linking:
    dlsrc=dl_dlopen.xs, dlext=so, d_dlsymun=undef, ccdlflags=\'-rdynamic\'
    cccdlflags=\'-fpic\', lddlflags=\'-shared -L/usr/local/lib\'

Locally applied patches:
    DEVEL12306

---
@INC for perl v5.7.2:
    /usr/local/lib/perl5/5.7.2/i686-linux
    /usr/local/lib/perl5/5.7.2
    /usr/local/lib/perl5/site_perl/5.7.2/i686-linux
    /usr/local/lib/perl5/site_perl/5.7.2
    /usr/local/lib/perl5/site_perl/5.6.1/i686-linux
    /usr/local/lib/perl5/site_perl/5.6.1
    /usr/local/lib/perl5/site_perl
    .

---
Environment for perl v5.7.2:
    HOME=/home/dcd
    LANG (unset)
    LANGUAGE (unset)
    LD_LIBRARY_PATH (unset)
    LOGDIR (unset)
    PATH=/home/dcd/bin:/sbin:/usr/local/bin:/bin:/usr/bin:/usr/X11/bin:/usr/games:/usr/local/samba:/home/hobbes/tools/scripts:/home/hobbes/tools/linux:/usr0/hobbes/tools/scripts:/usr0/dcd/bin:/apps/general/bin:/usr/public
    PERL_BADLANG (unset)
    SHELL=/bin/bash'
        };
 
[18] /home/perlbug/Live/scripts/bugtron debug(01sx)
	Startup:  0 wallclock secs ( 0.00 usr +  0.00 sys =  0.00 CPU)
	Loaded :  0 wallclock secs ( 0.00 usr +  0.00 sys =  0.00 CPU)
	Runtime: 21 wallclock secs ( 0.19 usr +  0.05 sys =  0.24 CPU)
	Alltook: 21 wallclock secs ( 0.19 usr +  0.05 sys =  0.24 CPU)
        including 12 SQL statements 
        using 1 database handle/s
	 
[19] SQL: SHOW fields FROM pb_range 
[20] SQL: SELECT DISTINCT rangeid FROM pb_range WHERE TO_DAYS(modified) < (TO_DAYS(SYSDATE()) -10) 
[0] INIT 2.86 (33092) debug(01sx) scr(/home/perlbug/Live/scripts/bugtron) 
[1] /home/perlbug/Live/scripts/bugtron: 
			Cc(Perl Porters <perl5-porters@perl.org>) 
			From(David Dyck <dcd@tc.fluke.com>) 
			In-Reply-To()
			Message-Id(<Pine.LNX.4.33.0110051548340.9856-100000@dd.tc.fluke.com>) 
			Reply-To() 
			Subject(patch to ext/IO/lib/IO/Socket/INET.pm fixes Bug ID (20010803.022)) 
			To(Jarkko Hietaniemi <jhi@iki.fi>) 
			X-Perlbug()
		 
[2] SQL: SHOW fields FROM pb_thing 
[3] SQL: SELECT DISTINCT name FROM pb_thing WHERE type LIKE 'mail' 
[4] SQL: SHOW fields FROM pb_bug 
[5] SQL: SELECT DISTINCT bugid FROM pb_bug WHERE UPPER(header) LIKE UPPER('%Message-Id: <Pine.LNX.4.33.0110051548340.9856-100000@dd.tc.fluke.com>%') 
[6] SQL: SHOW fields FROM pb_note 
[7] SQL: SELECT DISTINCT noteid FROM pb_note WHERE UPPER(header) LIKE UPPER('%Message-Id: <Pine.LNX.4.33.0110051548340.9856-100000@dd.tc.fluke.com>%') 
[8] SQL: SHOW fields FROM pb_patch 
[9] SQL: SELECT DISTINCT patchid FROM pb_patch WHERE UPPER(header) LIKE UPPER('%Message-Id: <Pine.LNX.4.33.0110051548340.9856-100000@dd.tc.fluke.com>%') 
[10] SQL: SHOW fields FROM pb_test 
[11] SQL: SELECT DISTINCT testid FROM pb_test WHERE UPPER(header) LIKE UPPER('%Message-Id: <Pine.LNX.4.33.0110051548340.9856-100000@dd.tc.fluke.com>%') 
[12] SQL: SHOW fields FROM pb_message 
[13] SQL: SELECT DISTINCT messageid FROM pb_message WHERE UPPER(header) LIKE UPPER('%Message-Id: <Pine.LNX.4.33.0110051548340.9856-100000@dd.tc.fluke.com>%') 
[14] domain(bugs\.perl\.org) ?-> to(Jarkko Hietaniemi <jhi@iki.fi>), subject(patch to ext/IO/lib/IO/Socket/INET.pm fixes Bug ID (20010803.022)), cc(Perl Porters <perl5-porters@perl.org>) 
[15] SQL: SELECT DISTINCT bugid FROM pb_bug WHERE bugid = '20010803.022' 
[16] REPLY reply(1) from subject: (20010803.022) :-) 
[17] Decision -> do_reply(1) REPLY reply(1) from subject: (20010803.022) :-) 
[18] cmd(M) arg(I submitted this patch via perlbug, with much explanation
and a test program that showed the problem.  The old code
assigned $defport from $1 if $1 was set, but sometimes
the pattern match fails, and $1 comes from an earlier setting.
    $port =~ s,\((\d+)\)$,,;
    my $defport = $1 || undef;

I was getting this problem when using CPAN::WAIT extensions to CPAN
 wq des=rcs
but it's not really a CPAN issue.

Fixing this bug should also fix Bug ID (20010803.022)
so I'll post this to p5p with that in the subject

Before the patch the test prints port=ls6-www.cs.uni-dortmund.de
but after the patch the test prints port=1404  as expected

use IO::Socket::INET;
$host="ls6-www.cs.uni-dortmund.de";
$host =~ /(.*)/;
print "\$1=$1\n";
$port=1404;
$port =~ s,\((\d+)\)$,,;
print "\$port=$port, \$1=$1\n";

print "\$INC{IO/Socket/INET.pm}=",$INC{'IO/Socket/INET.pm'},"\n";
@a=IO::Socket::INET::_sock_info("ls6-www.cs.uni-dortmund.de", 1404, $proto);
print "return port=", (scalar(@a) ? @a[1] : "undef"), "\n";
1;

__END__


--- ext/IO/lib/IO/Socket/INET.pm.orig	Sun Sep  9 07:50:46 2001
+++ ext/IO/lib/IO/Socket/INET.pm	Fri Oct  5 11:45:54 2001
@@ -52,9 +52,7 @@
   }

   if(defined $port) {
-    $port =~ s,\((\d+)\)$,,;
-
-    my $defport = $1 || undef;
+    my $defport = ($port =~ s,\((\d+)\)$,,) ? $1 : undef;
     my $pnum = ($port =~ m,^(\d+)$,)[0];

     @serv = getservbyname($port, $proto[0] || "")) => ret: $VAR1 = {
          'opts' => '',
          'body' => 'I submitted this patch via perlbug, with much explanation
and a test program that showed the problem.  The old code
assigned $defport from $1 if $1 was set, but sometimes
the pattern match fails, and $1 comes from an earlier setting.
    $port =~ s,\\((\\d+)\\)$,,;
    my $defport = $1 || undef;

I was getting this problem when using CPAN::WAIT extensions to CPAN
 wq des=rcs
but it\'s not really a CPAN issue.

Fixing this bug should also fix Bug ID (20010803.022)
so I\'ll post this to p5p with that in the subject

Before the patch the test prints port=ls6-www.cs.uni-dortmund.de
but after the patch the test prints port=1404  as expected

use IO::Socket::INET;
$host="ls6-www.cs.uni-dortmund.de";
$host =~ /(.*)/;
print "\\$1=$1\\n";
$port=1404;
$port =~ s,\\((\\d+)\\)$,,;
print "\\$port=$port, \\$1=$1\\n";

print "\\$INC{IO/Socket/INET.pm}=",$INC{\'IO/Socket/INET.pm\'},"\\n";
@a=IO::Socket::INET::_sock_info("ls6-www.cs.uni-dortmund.de", 1404, $proto);
print "return port=", (scalar(@a) ? @a[1] : "undef"), "\\n";
1;

__END__


--- ext/IO/lib/IO/Socket/INET.pm.orig	Sun Sep  9 07:50:46 2001
+++ ext/IO/lib/IO/Socket/INET.pm	Fri Oct  5 11:45:54 2001
@@ -52,9 +52,7 @@
   }

   if(defined $port) {
-    $port =~ s,\\((\\d+)\\)$,,;
-
-    my $defport = $1 || undef;
+    my $defport = ($port =~ s,\\((\\d+)\\)$,,) ? $1 : undef;
     my $pnum = ($port =~ m,^(\\d+)$,)[0];

     @serv = getservbyname($port, $proto[0] || "")'
        };
 
[19] /home/perlbug/Live/scripts/bugtron debug(01sx)
	Startup:  0 wallclock secs ( 0.01 usr +  0.00 sys =  0.01 CPU)
	Loaded :  0 wallclock secs ( 0.00 usr +  0.00 sys =  0.00 CPU)
	Runtime:  9 wallclock secs ( 0.23 usr +  0.02 sys =  0.25 CPU)
	Alltook:  9 wallclock secs ( 0.24 usr +  0.02 sys =  0.26 CPU)
        including 13 SQL statements 
        using 1 database handle/s
	 
[20] SQL: SHOW fields FROM pb_range 
[21] SQL: SELECT DISTINCT rangeid FROM pb_range WHERE TO_DAYS(modified) < (TO_DAYS(SYSDATE()) -10) 
[0] INIT 2.86 (40478) debug(01sx) scr(/home/perlbug/Live/scripts/bugtron) 
[1] /home/perlbug/Live/scripts/bugtron: 
			Cc() 
			From("Randy J. Ray" <rjray@redhat.com>) 
			In-Reply-To()
			Message-Id(<200110052346.f95NkxS05703@tzimisce.cygnus.com>) 
			Reply-To(rjray@redhat.com (Randy J. Ray)) 
			Subject(GNU Make-like tool for Win32?) 
			To(perl5-porters@perl.org) 
			X-Perlbug()
		 
[2] SQL: SHOW fields FROM pb_thing 
[3] SQL: SELECT DISTINCT name FROM pb_thing WHERE type LIKE 'mail' 
[4] SQL: SHOW fields FROM pb_bug 
[5] SQL: SELECT DISTINCT bugid FROM pb_bug WHERE UPPER(header) LIKE UPPER('%Message-Id: <200110052346.f95NkxS05703@tzimisce.cygnus.com>%') 
[6] SQL: SHOW fields FROM pb_note 
[7] SQL: SELECT DISTINCT noteid FROM pb_note WHERE UPPER(header) LIKE UPPER('%Message-Id: <200110052346.f95NkxS05703@tzimisce.cygnus.com>%') 
[8] SQL: SHOW fields FROM pb_patch 
[9] SQL: SELECT DISTINCT patchid FROM pb_patch WHERE UPPER(header) LIKE UPPER('%Message-Id: <200110052346.f95NkxS05703@tzimisce.cygnus.com>%') 
[10] SQL: SHOW fields FROM pb_test 
[11] SQL: SELECT DISTINCT testid FROM pb_test WHERE UPPER(header) LIKE UPPER('%Message-Id: <200110052346.f95NkxS05703@tzimisce.cygnus.com>%') 
[12] SQL: SHOW fields FROM pb_message 
[13] SQL: SELECT DISTINCT messageid FROM pb_message WHERE UPPER(header) LIKE UPPER('%Message-Id: <200110052346.f95NkxS05703@tzimisce.cygnus.com>%') 
[14] domain(bugs\.perl\.org) ?-> to(perl5-porters@perl.org), subject(GNU Make-like tool for Win32?), cc() 
[15] IGNORE quiet(0): invalid perlbug data, potential p5p miscellanea or spam) :-|
 
[16] Decision -> do_quiet(0) IGNORE quiet(0): invalid perlbug data, potential p5p miscellanea or spam) :-|
 
[17] cmd(quiet) arg(I've been working on some of my non-UNIX-bound modules, trying to get them
to build cleanly under Cygwin. Recently, my XML-RPC package choked because
(a) the make in Cygwin complained of separator problems on line XXX, and
then (b) when I installed dmake, it couldn't deal with rules like:

	%.xpl: %.base %.code
		($TOOL) %.base > %.xpl

(a gross simplification, but it illustrates the GNU Make feature that
breaks dmake).

So, should I simplify the resulting Makefile, or is there a better make
tool for Win32 that I should be using, and should require users to also
have? Right now, I'm thinking that I should write the above as a .SUFFIXES
rule and set of standard dependancies, but I'm not that convinced that
I've got my Win32 environment set up as well as it could be.

Randy
--
-------------------------------------------------------------------------------
Randy J. Ray     | Buy a copy of a baby naming book and you'll never be at a
rjray@redhat.com | loss for variable names. Fred is a wonderful name, and easy
+1 408 543-9482  | to type. --Roedy Green, "How To Write Unmaintainable Code") => ret: $VAR1 = {
          'opts' => '',
          'body' => 'I\'ve been working on some of my non-UNIX-bound modules, trying to get them
to build cleanly under Cygwin. Recently, my XML-RPC package choked because
(a) the make in Cygwin complained of separator problems on line XXX, and
then (b) when I installed dmake, it couldn\'t deal with rules like:

	%.xpl: %.base %.code
		($TOOL) %.base > %.xpl

(a gross simplification, but it illustrates the GNU Make feature that
breaks dmake).

So, should I simplify the resulting Makefile, or is there a better make
tool for Win32 that I should be using, and should require users to also
have? Right now, I\'m thinking that I should write the above as a .SUFFIXES
rule and set of standard dependancies, but I\'m not that convinced that
I\'ve got my Win32 environment set up as well as it could be.

Randy
--
-------------------------------------------------------------------------------
Randy J. Ray     | Buy a copy of a baby naming book and you\'ll never be at a
rjray@redhat.com | loss for variable names. Fred is a wonderful name, and easy
+1 408 543-9482  | to type. --Roedy Green, "How To Write Unmaintainable Code"'
        };
 
[18] /home/perlbug/Live/scripts/bugtron debug(01sx)
	Startup:  0 wallclock secs ( 0.00 usr +  0.00 sys =  0.00 CPU)
	Loaded :  0 wallclock secs ( 0.00 usr +  0.00 sys =  0.00 CPU)
	Runtime:  9 wallclock secs ( 0.23 usr +  0.00 sys =  0.23 CPU)
	Alltook:  9 wallclock secs ( 0.23 usr +  0.00 sys =  0.23 CPU)
        including 12 SQL statements 
        using 1 database handle/s
	 
[19] SQL: SHOW fields FROM pb_range 
[20] SQL: SELECT DISTINCT rangeid FROM pb_range WHERE TO_DAYS(modified) < (TO_DAYS(SYSDATE()) -10) 
[0] INIT 2.86 (41470) debug(01sx) scr(/home/perlbug/Live/scripts/bugtron) 
[1] /home/perlbug/Live/scripts/bugtron: 
			Cc() 
			From("Wayne Moore" <rttmk@eurosport.com>) 
			In-Reply-To()
			Message-Id(<200110051454.XAA05814@m-chemicals.com>) 
			Reply-To() 
			Subject(They Will Buy #32A4) 
			To(more@m-chemicals.com) 
			X-Perlbug()
		 
[2] SQL: SHOW fields FROM pb_thing 
[3] SQL: SELECT DISTINCT name FROM pb_thing WHERE type LIKE 'mail' 
[4] SQL: SHOW fields FROM pb_bug 
[5] SQL: SELECT DISTINCT bugid FROM pb_bug WHERE UPPER(header) LIKE UPPER('%Message-Id: <200110051454.XAA05814@m-chemicals.com>%') 
[6] SQL: SHOW fields FROM pb_note 
[7] SQL: SELECT DISTINCT noteid FROM pb_note WHERE UPPER(header) LIKE UPPER('%Message-Id: <200110051454.XAA05814@m-chemicals.com>%') 
[8] SQL: SHOW fields FROM pb_patch 
[9] SQL: SELECT DISTINCT patchid FROM pb_patch WHERE UPPER(header) LIKE UPPER('%Message-Id: <200110051454.XAA05814@m-chemicals.com>%') 
[10] SQL: SHOW fields FROM pb_test 
[11] SQL: SELECT DISTINCT testid FROM pb_test WHERE UPPER(header) LIKE UPPER('%Message-Id: <200110051454.XAA05814@m-chemicals.com>%') 
[12] SQL: SHOW fields FROM pb_message 
[13] SQL: SELECT DISTINCT messageid FROM pb_message WHERE UPPER(header) LIKE UPPER('%Message-Id: <200110051454.XAA05814@m-chemicals.com>%') 
[14] /home/perlbug/Live/scripts/bugtron debug(01sx)
	Startup:  0 wallclock secs ( 0.00 usr +  0.00 sys =  0.00 CPU)
	Loaded :  0 wallclock secs ( 0.00 usr +  0.00 sys =  0.00 CPU)
	Runtime: 10 wallclock secs ( 0.20 usr +  0.02 sys =  0.21 CPU)
	Alltook: 10 wallclock secs ( 0.20 usr +  0.02 sys =  0.21 CPU)
        including 12 SQL statements 
        using 1 database handle/s
	 
[15] SQL: SHOW fields FROM pb_range 
[16] SQL: SELECT DISTINCT rangeid FROM pb_range WHERE TO_DAYS(modified) < (TO_DAYS(SYSDATE()) -10) 
[0] INIT 2.86 (46190) debug(01sx) scr(/home/perlbug/Live/scripts/bugtron) 
[1] /home/perlbug/Live/scripts/bugtron: 
			Cc(Perl Porters <perl5-porters@perl.org>) 
			From(David Dyck <dcd@tc.fluke.com>) 
			In-Reply-To(<Pine.LNX.4.33.0110051548340.9856-100000@dd.tc.fluke.com>)
			Message-Id(<Pine.LNX.4.33.0110051714350.14248-100000@dd.tc.fluke.com>) 
			Reply-To() 
			Subject(Re: patch to ext/IO/lib/IO/Socket/INET.pm fixes Bug ID (20010803.022)) 
			To(Jarkko Hietaniemi <jhi@iki.fi>) 
			X-Perlbug()
		 
[2] SQL: SHOW fields FROM pb_thing 
[3] SQL: SELECT DISTINCT name FROM pb_thing WHERE type LIKE 'mail' 
[4] SQL: SHOW fields FROM pb_bug 
[5] SQL: SELECT DISTINCT bugid FROM pb_bug WHERE UPPER(header) LIKE UPPER('%Message-Id: <Pine.LNX.4.33.0110051714350.14248-100000@dd.tc.fluke.com>%') 
[6] SQL: SHOW fields FROM pb_note 
[7] SQL: SELECT DISTINCT noteid FROM pb_note WHERE UPPER(header) LIKE UPPER('%Message-Id: <Pine.LNX.4.33.0110051714350.14248-100000@dd.tc.fluke.com>%') 
[8] SQL: SHOW fields FROM pb_patch 
[9] SQL: SELECT DISTINCT patchid FROM pb_patch WHERE UPPER(header) LIKE UPPER('%Message-Id: <Pine.LNX.4.33.0110051714350.14248-100000@dd.tc.fluke.com>%') 
[10] SQL: SHOW fields FROM pb_test 
[11] SQL: SELECT DISTINCT testid FROM pb_test WHERE UPPER(header) LIKE UPPER('%Message-Id: <Pine.LNX.4.33.0110051714350.14248-100000@dd.tc.fluke.com>%') 
[12] SQL: SHOW fields FROM pb_message 
[13] SQL: SELECT DISTINCT messageid FROM pb_message WHERE UPPER(header) LIKE UPPER('%Message-Id: <Pine.LNX.4.33.0110051714350.14248-100000@dd.tc.fluke.com>%') 
[14] domain(bugs\.perl\.org) ?-> to(Jarkko Hietaniemi <jhi@iki.fi>), subject(Re: patch to ext/IO/lib/IO/Socket/INET.pm fixes Bug ID (20010803.022)), cc(Perl Porters <perl5-porters@perl.org>) 
[15] SQL: SELECT DISTINCT bugid FROM pb_bug WHERE bugid = '20010803.022' 
[16] REPLY reply(1) from subject: (20010803.022) :-) 
[17] Decision -> do_reply(1) REPLY reply(1) from subject: (20010803.022) :-) 
[18] cmd(M) arg(After reading the patch I sent (and still would like to see applied,
I looked at the expression immediately following where $pnum
was set to a matched value or undef, I don't know if that
 (match in list context)[0]
idiom  is better, if think so, you could apply
the following tweek to the patch I sent earlier, so
that both patterns use the same idiom.

 Thanks,
   David


--- ext/IO/lib/IO/Socket/INET.pm.prepatch2	Fri Oct  5 17:25:29 2001
+++ ext/IO/lib/IO/Socket/INET.pm	Fri Oct  5 17:26:00 2001
@@ -52,7 +52,8 @@
   }

   if(defined $port) {
-    my $defport = ($port =~ s,\((\d+)\)$,,) ? $1 : undef;
+
+    my $defport = ($port =~ s,\((\d+)\)$,,)[0];
     my $pnum = ($port =~ m,^(\d+)$,)[0];

     @serv = getservbyname($port, $proto[0] || "")


On Fri, 5 Oct 2001, David Dyck wrote:

> From: David Dyck <dcd@tc.fluke.com>
> To: Jarkko Hietaniemi <jhi@iki.fi>
> Cc: Perl Porters <perl5-porters@perl.org>
> Date: Fri, 5 Oct 2001 16:04:43 -0700 (PDT)
> Subject: patch to ext/IO/lib/IO/Socket/INET.pm fixes Bug ID (20010803.022)
> Return-Receipt-To: dcd@tc.fluke.com
>
> I submitted this patch via perlbug, with much explanation
> and a test program that showed the problem.  The old code
> assigned $defport from $1 if $1 was set, but sometimes
> the pattern match fails, and $1 comes from an earlier setting.
>     $port =~ s,\((\d+)\)$,,;
>     my $defport = $1 || undef;
>
> I was getting this problem when using CPAN::WAIT extensions to CPAN
>  wq des=rcs
> but it's not really a CPAN issue.
>
> Fixing this bug should also fix Bug ID (20010803.022)
> so I'll post this to p5p with that in the subject
>
> Before the patch the test prints port=ls6-www.cs.uni-dortmund.de
> but after the patch the test prints port=1404  as expected
>
> use IO::Socket::INET;
> $host="ls6-www.cs.uni-dortmund.de";
> $host =~ /(.*)/;
> print "\$1=$1\n";
> $port=1404;
> $port =~ s,\((\d+)\)$,,;
> print "\$port=$port, \$1=$1\n";
>
> print "\$INC{IO/Socket/INET.pm}=",$INC{'IO/Socket/INET.pm'},"\n";
> @a=IO::Socket::INET::_sock_info("ls6-www.cs.uni-dortmund.de", 1404, $proto);
> print "return port=", (scalar(@a) ? @a[1] : "undef"), "\n";
> 1;
>
> __END__
>
>
> --- ext/IO/lib/IO/Socket/INET.pm.orig	Sun Sep  9 07:50:46 2001
> +++ ext/IO/lib/IO/Socket/INET.pm	Fri Oct  5 11:45:54 2001
> @@ -52,9 +52,7 @@
>    }
>
>    if(defined $port) {
> -    $port =~ s,\((\d+)\)$,,;
> -
> -    my $defport = $1 || undef;
> +    my $defport = ($port =~ s,\((\d+)\)$,,) ? $1 : undef;
>      my $pnum = ($port =~ m,^(\d+)$,)[0];
>
>      @serv = getservbyname($port, $proto[0] || "")
>
>) => ret: $VAR1 = {
          'opts' => '',
          'body' => 'After reading the patch I sent (and still would like to see applied,
I looked at the expression immediately following where $pnum
was set to a matched value or undef, I don\'t know if that
 (match in list context)[0]
idiom  is better, if think so, you could apply
the following tweek to the patch I sent earlier, so
that both patterns use the same idiom.

 Thanks,
   David


--- ext/IO/lib/IO/Socket/INET.pm.prepatch2	Fri Oct  5 17:25:29 2001
+++ ext/IO/lib/IO/Socket/INET.pm	Fri Oct  5 17:26:00 2001
@@ -52,7 +52,8 @@
   }

   if(defined $port) {
-    my $defport = ($port =~ s,\\((\\d+)\\)$,,) ? $1 : undef;
+
+    my $defport = ($port =~ s,\\((\\d+)\\)$,,)[0];
     my $pnum = ($port =~ m,^(\\d+)$,)[0];

     @serv = getservbyname($port, $proto[0] || "")


On Fri, 5 Oct 2001, David Dyck wrote:

> From: David Dyck <dcd@tc.fluke.com>
> To: Jarkko Hietaniemi <jhi@iki.fi>
> Cc: Perl Porters <perl5-porters@perl.org>
> Date: Fri, 5 Oct 2001 16:04:43 -0700 (PDT)
> Subject: patch to ext/IO/lib/IO/Socket/INET.pm fixes Bug ID (20010803.022)
> Return-Receipt-To: dcd@tc.fluke.com
>
> I submitted this patch via perlbug, with much explanation
> and a test program that showed the problem.  The old code
> assigned $defport from $1 if $1 was set, but sometimes
> the pattern match fails, and $1 comes from an earlier setting.
>     $port =~ s,\\((\\d+)\\)$,,;
>     my $defport = $1 || undef;
>
> I was getting this problem when using CPAN::WAIT extensions to CPAN
>  wq des=rcs
> but it\'s not really a CPAN issue.
>
> Fixing this bug should also fix Bug ID (20010803.022)
> so I\'ll post this to p5p with that in the subject
>
> Before the patch the test prints port=ls6-www.cs.uni-dortmund.de
> but after the patch the test prints port=1404  as expected
>
> use IO::Socket::INET;
> $host="ls6-www.cs.uni-dortmund.de";
> $host =~ /(.*)/;
> print "\\$1=$1\\n";
> $port=1404;
> $port =~ s,\\((\\d+)\\)$,,;
> print "\\$port=$port, \\$1=$1\\n";
>
> print "\\$INC{IO/Socket/INET.pm}=",$INC{\'IO/Socket/INET.pm\'},"\\n";
> @a=IO::Socket::INET::_sock_info("ls6-www.cs.uni-dortmund.de", 1404, $proto);
> print "return port=", (scalar(@a) ? @a[1] : "undef"), "\\n";
> 1;
>
> __END__
>
>
> --- ext/IO/lib/IO/Socket/INET.pm.orig	Sun Sep  9 07:50:46 2001
> +++ ext/IO/lib/IO/Socket/INET.pm	Fri Oct  5 11:45:54 2001
> @@ -52,9 +52,7 @@
>    }
>
>    if(defined $port) {
> -    $port =~ s,\\((\\d+)\\)$,,;
> -
> -    my $defport = $1 || undef;
> +    my $defport = ($port =~ s,\\((\\d+)\\)$,,) ? $1 : undef;
>      my $pnum = ($port =~ m,^(\\d+)$,)[0];
>
>      @serv = getservbyname($port, $proto[0] || "")
>
>'
        };
 
[19] /home/perlbug/Live/scripts/bugtron debug(01sx)
	Startup:  0 wallclock secs ( 0.00 usr +  0.00 sys =  0.00 CPU)
	Loaded :  0 wallclock secs ( 0.00 usr +  0.00 sys =  0.00 CPU)
	Runtime:  9 wallclock secs ( 0.26 usr +  0.00 sys =  0.26 CPU)
	Alltook:  9 wallclock secs ( 0.26 usr +  0.00 sys =  0.26 CPU)
        including 13 SQL statements 
        using 1 database handle/s
	 
[20] SQL: SHOW fields FROM pb_range 
[21] SQL: SELECT DISTINCT rangeid FROM pb_range WHERE TO_DAYS(modified) < (TO_DAYS(SYSDATE()) -10) 
[0] INIT 2.86 (50070) debug(01sx) scr(/home/perlbug/Live/scripts/bugtron) 
[1] /home/perlbug/Live/scripts/bugtron: 
			Cc(perl5-porters@perl.org) 
			From(Michael G Schwern <schwern@pobox.com>) 
			In-Reply-To(<20011005141637.D30309@wolfetech.com>)
			Message-Id(<20011005204836.C4797@blackrider>) 
			Reply-To() 
			Subject(Re: A philosophical tainting issue) 
			To(kstar@cpan.org) 
			X-Perlbug()
		 
[2] SQL: SHOW fields FROM pb_thing 
[3] SQL: SELECT DISTINCT name FROM pb_thing WHERE type LIKE 'mail' 
[4] SQL: SHOW fields FROM pb_bug 
[5] SQL: SELECT DISTINCT bugid FROM pb_bug WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005204836.C4797@blackrider>%') 
[6] SQL: SHOW fields FROM pb_note 
[7] SQL: SELECT DISTINCT noteid FROM pb_note WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005204836.C4797@blackrider>%') 
[8] SQL: SHOW fields FROM pb_patch 
[9] SQL: SELECT DISTINCT patchid FROM pb_patch WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005204836.C4797@blackrider>%') 
[10] SQL: SHOW fields FROM pb_test 
[11] SQL: SELECT DISTINCT testid FROM pb_test WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005204836.C4797@blackrider>%') 
[12] SQL: SHOW fields FROM pb_message 
[13] SQL: SELECT DISTINCT messageid FROM pb_message WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005204836.C4797@blackrider>%') 
[14] domain(bugs\.perl\.org) ?-> to(kstar@cpan.org), subject(Re: A philosophical tainting issue), cc(perl5-porters@perl.org) 
[15] reusing CACHED SQL: SELECT DISTINCT name FROM pb_thing WHERE type LIKE 'mail'(ARRAY(0x853ee34)) 
[16] SQL: SELECT DISTINCT bugid FROM pb_bug WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005141637.D30309@wolfetech.com>%') 
[17] SQL: SELECT DISTINCT noteid FROM pb_note WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005141637.D30309@wolfetech.com>%') 
[18] SQL: SELECT DISTINCT patchid FROM pb_patch WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005141637.D30309@wolfetech.com>%') 
[19] SQL: SELECT DISTINCT testid FROM pb_test WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005141637.D30309@wolfetech.com>%') 
[20] SQL: SELECT DISTINCT messageid FROM pb_message WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005141637.D30309@wolfetech.com>%') 
[21] IGNORE quiet(0): invalid perlbug data, potential p5p miscellanea or spam) :-|
 
[22] Decision -> do_quiet(0) IGNORE quiet(0): invalid perlbug data, potential p5p miscellanea or spam) :-|
 
[23] cmd(quiet) arg(Whoa, thanks!

On Fri, Oct 05, 2001 at 02:16:37PM -0700, Kurt D. Starsinic wrote:
> > I can't think of how this might cause a security problem.  Can anyone
> > else?
> 
>     $ENV{PATH} might not be set, and exec*() might be using a system-
> specific default search path.

This I've never heard of.  What works like this?


All the rest I can deal with or are outside my scope of concern.

There's still no way to tell at run-time if you're running under taint
or not, is there?

-- 

Michael G. Schwern   <schwern@pobox.com>    http://www.pobox.com/~schwern/
Perl6 Quality Assurance     <perl-qa@perl.org>	     Kwalitee Is Job One
"Let's face it," said bearded Rusty Simmons, opening a can after the
race.  "This is a good excuse to drink some beer."  At 10:30 in the
morning?  "Well, it's past noon in Dublin," said teammate Mike
[Joseph] Schwern.  "It's our duty."
    -- "Sure, and It's a Great Day for Irish Runners" 
       Newsday, Sunday, March 20, 1988) => ret: $VAR1 = {
          'opts' => '',
          'body' => 'Whoa, thanks!

On Fri, Oct 05, 2001 at 02:16:37PM -0700, Kurt D. Starsinic wrote:
> > I can\'t think of how this might cause a security problem.  Can anyone
> > else?
> 
>     $ENV{PATH} might not be set, and exec*() might be using a system-
> specific default search path.

This I\'ve never heard of.  What works like this?


All the rest I can deal with or are outside my scope of concern.

There\'s still no way to tell at run-time if you\'re running under taint
or not, is there?

-- 

Michael G. Schwern   <schwern@pobox.com>    http://www.pobox.com/~schwern/
Perl6 Quality Assurance     <perl-qa@perl.org>	     Kwalitee Is Job One
"Let\'s face it," said bearded Rusty Simmons, opening a can after the
race.  "This is a good excuse to drink some beer."  At 10:30 in the
morning?  "Well, it\'s past noon in Dublin," said teammate Mike
[Joseph] Schwern.  "It\'s our duty."
    -- "Sure, and It\'s a Great Day for Irish Runners" 
       Newsday, Sunday, March 20, 1988'
        };
 
[24] /home/perlbug/Live/scripts/bugtron debug(01sx)
	Startup:  0 wallclock secs ( 0.00 usr +  0.00 sys =  0.00 CPU)
	Loaded :  0 wallclock secs ( 0.00 usr +  0.00 sys =  0.00 CPU)
	Runtime: 13 wallclock secs ( 0.22 usr +  0.04 sys =  0.26 CPU)
	Alltook: 13 wallclock secs ( 0.22 usr +  0.04 sys =  0.26 CPU)
        including 17 SQL statements 
        using 1 database handle/s
	 
[25] SQL: SHOW fields FROM pb_range 
[26] SQL: SELECT DISTINCT rangeid FROM pb_range WHERE TO_DAYS(modified) < (TO_DAYS(SYSDATE()) -10) 
[0] INIT 2.86 (53236) debug(01sx) scr(/home/perlbug/Live/scripts/bugtron) 
[1] /home/perlbug/Live/scripts/bugtron: 
			Cc(perl5-porters@perl.org) 
			From(Jarkko Hietaniemi <jhi@iki.fi>) 
			In-Reply-To(<20011005152714.A4797@blackrider>; from schwern@pobox.com on
    Fri, Oct 05, 2001 at 03:27:14PM -0400)
			Message-Id(<20011006040123.A17417@alpha.hut.fi>) 
			Reply-To() 
			Subject(Re: A philosophical tainting issue) 
			To(Michael G Schwern <schwern@pobox.com>) 
			X-Perlbug()
		 
[2] SQL: SHOW fields FROM pb_thing 
[3] SQL: SELECT DISTINCT name FROM pb_thing WHERE type LIKE 'mail' 
[4] SQL: SHOW fields FROM pb_bug 
[5] SQL: SELECT DISTINCT bugid FROM pb_bug WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011006040123.A17417@alpha.hut.fi>%') 
[6] SQL: SHOW fields FROM pb_note 
[7] SQL: SELECT DISTINCT noteid FROM pb_note WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011006040123.A17417@alpha.hut.fi>%') 
[8] SQL: SHOW fields FROM pb_patch 
[9] SQL: SELECT DISTINCT patchid FROM pb_patch WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011006040123.A17417@alpha.hut.fi>%') 
[10] SQL: SHOW fields FROM pb_test 
[11] SQL: SELECT DISTINCT testid FROM pb_test WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011006040123.A17417@alpha.hut.fi>%') 
[12] SQL: SHOW fields FROM pb_message 
[13] SQL: SELECT DISTINCT messageid FROM pb_message WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011006040123.A17417@alpha.hut.fi>%') 
[14] domain(bugs\.perl\.org) ?-> to(Michael G Schwern <schwern@pobox.com>), subject(Re: A philosophical tainting issue), cc(perl5-porters@perl.org) 
[15] reusing CACHED SQL: SELECT DISTINCT name FROM pb_thing WHERE type LIKE 'mail'(ARRAY(0x853cf9c)) 
[16] SQL: SELECT DISTINCT bugid FROM pb_bug WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005152714.A4797@blackrider>%') 
[17] SQL: SELECT DISTINCT noteid FROM pb_note WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005152714.A4797@blackrider>%') 
[18] SQL: SELECT DISTINCT patchid FROM pb_patch WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005152714.A4797@blackrider>%') 
[19] SQL: SELECT DISTINCT testid FROM pb_test WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005152714.A4797@blackrider>%') 
[20] SQL: SELECT DISTINCT messageid FROM pb_message WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005152714.A4797@blackrider>%') 
[21] IGNORE quiet(0): invalid perlbug data, potential p5p miscellanea or spam) :-|
 
[22] Decision -> do_quiet(0) IGNORE quiet(0): invalid perlbug data, potential p5p miscellanea or spam) :-|
 
[23] cmd(quiet) arg(You want to run the harness under the taint code, and to do this you
have to circumvent the taint checks?  I must be slow today but I do
not quite follow what are you planning to achieve?

-- 
$jhi++; # http://www.iki.fi/jhi/
        # There is this special biologist word we use for 'stable'.
        # It is 'dead'. -- Jack Cohen) => ret: $VAR1 = {
          'opts' => '',
          'body' => 'You want to run the harness under the taint code, and to do this you
have to circumvent the taint checks?  I must be slow today but I do
not quite follow what are you planning to achieve?

-- 
$jhi++; # http://www.iki.fi/jhi/
        # There is this special biologist word we use for \'stable\'.
        # It is \'dead\'. -- Jack Cohen'
        };
 
[24] /home/perlbug/Live/scripts/bugtron debug(01sx)
	Startup:  0 wallclock secs ( 0.00 usr +  0.00 sys =  0.00 CPU)
	Loaded :  0 wallclock secs ( 0.00 usr +  0.00 sys =  0.00 CPU)
	Runtime: 11 wallclock secs ( 0.26 usr +  0.00 sys =  0.26 CPU)
	Alltook: 11 wallclock secs ( 0.26 usr +  0.00 sys =  0.26 CPU)
        including 17 SQL statements 
        using 1 database handle/s
	 
[25] SQL: SHOW fields FROM pb_range 
[26] SQL: SELECT DISTINCT rangeid FROM pb_range WHERE TO_DAYS(modified) < (TO_DAYS(SYSDATE()) -10) 
[0] INIT 2.86 (58830) debug(01sx) scr(/home/perlbug/Live/scripts/bugtron) 
[1] /home/perlbug/Live/scripts/bugtron: 
			Cc() 
			From(Benjamin Goldberg <goldbb2@earthlink.net>) 
			In-Reply-To()
			Message-Id(<3BBE5EF2.C3689497@earthlink.net>) 
			Reply-To() 
			Subject(Re: patch to ext/IO/lib/IO/Socket/INET.pm fixes Bug ID (20010803.022)) 
			To(perl5-porters@perl.org) 
			X-Perlbug()
		 
[2] SQL: SHOW fields FROM pb_thing 
[3] SQL: SELECT DISTINCT name FROM pb_thing WHERE type LIKE 'mail' 
[4] SQL: SHOW fields FROM pb_bug 
[5] SQL: SELECT DISTINCT bugid FROM pb_bug WHERE UPPER(header) LIKE UPPER('%Message-Id: <3BBE5EF2.C3689497@earthlink.net>%') 
[6] SQL: SHOW fields FROM pb_note 
[7] SQL: SELECT DISTINCT noteid FROM pb_note WHERE UPPER(header) LIKE UPPER('%Message-Id: <3BBE5EF2.C3689497@earthlink.net>%') 
[8] SQL: SHOW fields FROM pb_patch 
[9] SQL: SELECT DISTINCT patchid FROM pb_patch WHERE UPPER(header) LIKE UPPER('%Message-Id: <3BBE5EF2.C3689497@earthlink.net>%') 
[10] SQL: SHOW fields FROM pb_test 
[11] SQL: SELECT DISTINCT testid FROM pb_test WHERE UPPER(header) LIKE UPPER('%Message-Id: <3BBE5EF2.C3689497@earthlink.net>%') 
[12] SQL: SHOW fields FROM pb_message 
[13] SQL: SELECT DISTINCT messageid FROM pb_message WHERE UPPER(header) LIKE UPPER('%Message-Id: <3BBE5EF2.C3689497@earthlink.net>%') 
[14] domain(bugs\.perl\.org) ?-> to(perl5-porters@perl.org), subject(Re: patch to ext/IO/lib/IO/Socket/INET.pm fixes Bug ID (20010803.022)), cc() 
[15] SQL: SELECT DISTINCT bugid FROM pb_bug WHERE bugid = '20010803.022' 
[16] REPLY reply(1) from subject: (20010803.022) :-) 
[17] Decision -> do_reply(1) REPLY reply(1) from subject: (20010803.022) :-) 
[18] cmd(M) arg(David Dyck wrote:
> 
> After reading the patch I sent (and still would like to see applied,
> I looked at the expression immediately following where $pnum
> was set to a matched value or undef, I don't know if that
>  (match in list context)[0]
> idiom  is better, if think so, you could apply
> the following tweek to the patch I sent earlier, so
> that both patterns use the same idiom.

Ahh, but what does s/// return in list context?

The docs [perlfunc] say:

     Searches a string for a pattern, and if found, replaces that
     pattern with the replacement text and returns the number of
     substitutions made. Otherwise it returns false (specifically, the
     empty string). 

It doesn't mention list context, so I would assume that it returns the
number of substitutions, regardless of context.

However, about the use of (m,foo,)[0] ... I don't like it.  I would
prefer to see:
	my ($pnum) = m/^(\d+)$/;
But this is just me [just a matter of style]...

-- 
"I think not," said Descartes, and promptly disappeared.) => ret: $VAR1 = {
          'opts' => '',
          'body' => 'David Dyck wrote:
> 
> After reading the patch I sent (and still would like to see applied,
> I looked at the expression immediately following where $pnum
> was set to a matched value or undef, I don\'t know if that
>  (match in list context)[0]
> idiom  is better, if think so, you could apply
> the following tweek to the patch I sent earlier, so
> that both patterns use the same idiom.

Ahh, but what does s/// return in list context?

The docs [perlfunc] say:

     Searches a string for a pattern, and if found, replaces that
     pattern with the replacement text and returns the number of
     substitutions made. Otherwise it returns false (specifically, the
     empty string). 

It doesn\'t mention list context, so I would assume that it returns the
number of substitutions, regardless of context.

However, about the use of (m,foo,)[0] ... I don\'t like it.  I would
prefer to see:
	my ($pnum) = m/^(\\d+)$/;
But this is just me [just a matter of style]...

-- 
"I think not," said Descartes, and promptly disappeared.'
        };
 
[19] /home/perlbug/Live/scripts/bugtron debug(01sx)
	Startup:  0 wallclock secs ( 0.00 usr +  0.00 sys =  0.00 CPU)
	Loaded :  0 wallclock secs ( 0.00 usr +  0.00 sys =  0.00 CPU)
	Runtime: 10 wallclock secs ( 0.20 usr +  0.02 sys =  0.22 CPU)
	Alltook: 10 wallclock secs ( 0.20 usr +  0.02 sys =  0.22 CPU)
        including 13 SQL statements 
        using 1 database handle/s
	 
[20] SQL: SHOW fields FROM pb_range 
[21] SQL: SELECT DISTINCT rangeid FROM pb_range WHERE TO_DAYS(modified) < (TO_DAYS(SYSDATE()) -10) 
[0] INIT 2.86 (59524) debug(01sx) scr(/home/perlbug/Live/scripts/bugtron) 
[1] /home/perlbug/Live/scripts/bugtron: 
			Cc(perl5-porters@perl.org) 
			From(Jarkko Hietaniemi <jhi@iki.fi>) 
			In-Reply-To(<3BBE5EF2.C3689497@earthlink.net>; from goldbb2@earthlink.net
    on Fri, Oct 05, 2001 at 09:31:30PM -0400)
			Message-Id(<20011006043550.D17417@alpha.hut.fi>) 
			Reply-To() 
			Subject(Re: patch to ext/IO/lib/IO/Socket/INET.pm fixes Bug ID (20010803.022)) 
			To(Benjamin Goldberg <goldbb2@earthlink.net>) 
			X-Perlbug()
		 
[2] SQL: SHOW fields FROM pb_thing 
[3] SQL: SELECT DISTINCT name FROM pb_thing WHERE type LIKE 'mail' 
[4] SQL: SHOW fields FROM pb_bug 
[5] SQL: SELECT DISTINCT bugid FROM pb_bug WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011006043550.D17417@alpha.hut.fi>%') 
[6] SQL: SHOW fields FROM pb_note 
[7] SQL: SELECT DISTINCT noteid FROM pb_note WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011006043550.D17417@alpha.hut.fi>%') 
[8] SQL: SHOW fields FROM pb_patch 
[9] SQL: SELECT DISTINCT patchid FROM pb_patch WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011006043550.D17417@alpha.hut.fi>%') 
[10] SQL: SHOW fields FROM pb_test 
[11] SQL: SELECT DISTINCT testid FROM pb_test WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011006043550.D17417@alpha.hut.fi>%') 
[12] SQL: SHOW fields FROM pb_message 
[13] SQL: SELECT DISTINCT messageid FROM pb_message WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011006043550.D17417@alpha.hut.fi>%') 
[14] domain(bugs\.perl\.org) ?-> to(Benjamin Goldberg <goldbb2@earthlink.net>), subject(Re: patch to ext/IO/lib/IO/Socket/INET.pm fixes Bug ID (20010803.022)), cc(perl5-porters@perl.org) 
[15] SQL: SELECT DISTINCT bugid FROM pb_bug WHERE bugid = '20010803.022' 
[16] REPLY reply(1) from subject: (20010803.022) :-) 
[17] Decision -> do_reply(1) REPLY reply(1) from subject: (20010803.022) :-) 
[18] cmd(M) arg(On Fri, Oct 05, 2001 at 09:31:30PM -0400, Benjamin Goldberg wrote:
> David Dyck wrote:
> > 
> > After reading the patch I sent (and still would like to see applied,
> > I looked at the expression immediately following where $pnum
> > was set to a matched value or undef, I don't know if that
> >  (match in list context)[0]
> > idiom  is better, if think so, you could apply
> > the following tweek to the patch I sent earlier, so
> > that both patterns use the same idiom.
> 
> Ahh, but what does s/// return in list context?
> 
> The docs [perlfunc] say:
> 
>      Searches a string for a pattern, and if found, replaces that
>      pattern with the replacement text and returns the number of
>      substitutions made. Otherwise it returns false (specifically, the
>      empty string). 
> 
> It doesn't mention list context, so I would assume that it returns the
> number of substitutions, regardless of context.

Ooops.  So it does.  Rather silly return value but can't be helped by now.

> However, about the use of (m,foo,)[0] ... I don't like it.  I would
> prefer to see:
> 	my ($pnum) = m/^(\d+)$/;
> But this is just me [just a matter of style]...

-- 
$jhi++; # http://www.iki.fi/jhi/
        # There is this special biologist word we use for 'stable'.
        # It is 'dead'. -- Jack Cohen) => ret: $VAR1 = {
          'opts' => '',
          'body' => 'On Fri, Oct 05, 2001 at 09:31:30PM -0400, Benjamin Goldberg wrote:
> David Dyck wrote:
> > 
> > After reading the patch I sent (and still would like to see applied,
> > I looked at the expression immediately following where $pnum
> > was set to a matched value or undef, I don\'t know if that
> >  (match in list context)[0]
> > idiom  is better, if think so, you could apply
> > the following tweek to the patch I sent earlier, so
> > that both patterns use the same idiom.
> 
> Ahh, but what does s/// return in list context?
> 
> The docs [perlfunc] say:
> 
>      Searches a string for a pattern, and if found, replaces that
>      pattern with the replacement text and returns the number of
>      substitutions made. Otherwise it returns false (specifically, the
>      empty string). 
> 
> It doesn\'t mention list context, so I would assume that it returns the
> number of substitutions, regardless of context.

Ooops.  So it does.  Rather silly return value but can\'t be helped by now.

> However, about the use of (m,foo,)[0] ... I don\'t like it.  I would
> prefer to see:
> 	my ($pnum) = m/^(\\d+)$/;
> But this is just me [just a matter of style]...

-- 
$jhi++; # http://www.iki.fi/jhi/
        # There is this special biologist word we use for \'stable\'.
        # It is \'dead\'. -- Jack Cohen'
        };
 
[19] /home/perlbug/Live/scripts/bugtron debug(01sx)
	Startup:  0 wallclock secs ( 0.00 usr +  0.00 sys =  0.00 CPU)
	Loaded :  0 wallclock secs ( 0.01 usr +  0.00 sys =  0.01 CPU)
	Runtime: 18 wallclock secs ( 0.21 usr +  0.03 sys =  0.24 CPU)
	Alltook: 18 wallclock secs ( 0.22 usr +  0.03 sys =  0.25 CPU)
        including 13 SQL statements 
        using 1 database handle/s
	 
[20] SQL: SHOW fields FROM pb_range 
[21] SQL: SELECT DISTINCT rangeid FROM pb_range WHERE TO_DAYS(modified) < (TO_DAYS(SYSDATE()) -10) 
[0] INIT 2.86 (73831) debug(01sx) scr(/home/perlbug/Live/scripts/bugtron) 
[1] /home/perlbug/Live/scripts/bugtron: 
			Cc() 
			From(Michael G Schwern <schwern@pobox.com>) 
			In-Reply-To(<20011006040123.A17417@alpha.hut.fi>)
			Message-Id(<20011005235901.H4797@blackrider>) 
			Reply-To() 
			Subject(Re: A philosophical tainting issue) 
			To(Jarkko Hietaniemi <jhi@iki.fi>, perl5-porters@perl.org) 
			X-Perlbug()
		 
[2] SQL: SHOW fields FROM pb_thing 
[3] SQL: SELECT DISTINCT name FROM pb_thing WHERE type LIKE 'mail' 
[4] SQL: SHOW fields FROM pb_bug 
[5] SQL: SELECT DISTINCT bugid FROM pb_bug WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005235901.H4797@blackrider>%') 
[6] SQL: SHOW fields FROM pb_note 
[7] SQL: SELECT DISTINCT noteid FROM pb_note WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005235901.H4797@blackrider>%') 
[8] SQL: SHOW fields FROM pb_patch 
[9] SQL: SELECT DISTINCT patchid FROM pb_patch WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005235901.H4797@blackrider>%') 
[10] SQL: SHOW fields FROM pb_test 
[11] SQL: SELECT DISTINCT testid FROM pb_test WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005235901.H4797@blackrider>%') 
[12] SQL: SHOW fields FROM pb_message 
[13] SQL: SELECT DISTINCT messageid FROM pb_message WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005235901.H4797@blackrider>%') 
[14] domain(bugs\.perl\.org) ?-> to(Jarkko Hietaniemi <jhi@iki.fi>, perl5-porters@perl.org), subject(Re: A philosophical tainting issue), cc() 
[15] reusing CACHED SQL: SELECT DISTINCT name FROM pb_thing WHERE type LIKE 'mail'(ARRAY(0x85ff2c4)) 
[16] SQL: SELECT DISTINCT bugid FROM pb_bug WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011006040123.A17417@alpha.hut.fi>%') 
[17] SQL: SELECT DISTINCT noteid FROM pb_note WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011006040123.A17417@alpha.hut.fi>%') 
[18] SQL: SELECT DISTINCT patchid FROM pb_patch WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011006040123.A17417@alpha.hut.fi>%') 
[19] SQL: SELECT DISTINCT testid FROM pb_test WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011006040123.A17417@alpha.hut.fi>%') 
[20] SQL: SELECT DISTINCT messageid FROM pb_message WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011006040123.A17417@alpha.hut.fi>%') 
[21] IGNORE quiet(0): invalid perlbug data, potential p5p miscellanea or spam) :-|
 
[22] Decision -> do_quiet(0) IGNORE quiet(0): invalid perlbug data, potential p5p miscellanea or spam) :-|
 
[23] cmd(quiet) arg(On Sat, Oct 06, 2001 at 04:01:23AM +0300, Jarkko Hietaniemi wrote:
> You want to run the harness under the taint code, and to do this you
> have to circumvent the taint checks?  I must be slow today but I do
> not quite follow what are you planning to achieve?

Well, I'm looking at it this way.  Taint checks are there to force you
to think about potentially insecure code.  If you've checked out the
data involved, you detaint it and assume it's safe from there.

So I'm pondering if using $^X + $ENV{PATH} (or it's moral equivalent
on other operating systems) to locate the currently running perl
executable is insecure, or if I can just trust it given that's exactly
how I started running the currently running perl.  Most of what Kurt
pointed out seems well beyond the sort of thing taint mode is designed
to handle (such as the possibility of the perl executable being
maliciously replaced).


For more context, this doesn't concern the runtests() function
(ie. the usual "make test") but instead the new Test::Harness::Straps
programmatic interface that I've been trying to firm up.

    my $strap = Test::Harness::Straps->new;

    # Runs a foo.t test program and analyzes the output.
    my %results = $strap->analyze_file($some_test_file);

When run under taint mode, should that code simply explode because
it's inherently insecure to run a perl program?  Or should it only
explode if $some_test_file is tainted?


That's what I'm pondering.  If it's a real security risk merely to run
another perl program, or if it's only a risk if the filename in
question is tainted.


-- 

Michael G. Schwern   <schwern@pobox.com>    http://www.pobox.com/~schwern/
Perl6 Quality Assurance     <perl-qa@perl.org>	     Kwalitee Is Job One
Do you actually think about what you are saying or is it an improvisational 
game of Mad Libs that you play in your head?) => ret: $VAR1 = {
          'opts' => '',
          'body' => 'On Sat, Oct 06, 2001 at 04:01:23AM +0300, Jarkko Hietaniemi wrote:
> You want to run the harness under the taint code, and to do this you
> have to circumvent the taint checks?  I must be slow today but I do
> not quite follow what are you planning to achieve?

Well, I\'m looking at it this way.  Taint checks are there to force you
to think about potentially insecure code.  If you\'ve checked out the
data involved, you detaint it and assume it\'s safe from there.

So I\'m pondering if using $^X + $ENV{PATH} (or it\'s moral equivalent
on other operating systems) to locate the currently running perl
executable is insecure, or if I can just trust it given that\'s exactly
how I started running the currently running perl.  Most of what Kurt
pointed out seems well beyond the sort of thing taint mode is designed
to handle (such as the possibility of the perl executable being
maliciously replaced).


For more context, this doesn\'t concern the runtests() function
(ie. the usual "make test") but instead the new Test::Harness::Straps
programmatic interface that I\'ve been trying to firm up.

    my $strap = Test::Harness::Straps->new;

    # Runs a foo.t test program and analyzes the output.
    my %results = $strap->analyze_file($some_test_file);

When run under taint mode, should that code simply explode because
it\'s inherently insecure to run a perl program?  Or should it only
explode if $some_test_file is tainted?


That\'s what I\'m pondering.  If it\'s a real security risk merely to run
another perl program, or if it\'s only a risk if the filename in
question is tainted.


-- 

Michael G. Schwern   <schwern@pobox.com>    http://www.pobox.com/~schwern/
Perl6 Quality Assurance     <perl-qa@perl.org>	     Kwalitee Is Job One
Do you actually think about what you are saying or is it an improvisational 
game of Mad Libs that you play in your head?'
        };
 
[24] /home/perlbug/Live/scripts/bugtron debug(01sx)
	Startup:  0 wallclock secs ( 0.01 usr +  0.00 sys =  0.01 CPU)
	Loaded :  0 wallclock secs ( 0.00 usr +  0.00 sys =  0.00 CPU)
	Runtime: 12 wallclock secs ( 0.24 usr +  0.02 sys =  0.27 CPU)
	Alltook: 12 wallclock secs ( 0.25 usr +  0.02 sys =  0.27 CPU)
        including 17 SQL statements 
        using 1 database handle/s
	 
[25] SQL: SHOW fields FROM pb_range 
[26] SQL: SELECT DISTINCT rangeid FROM pb_range WHERE TO_DAYS(modified) < (TO_DAYS(SYSDATE()) -10) 
[0] INIT 2.86 (75812) debug(01sx) scr(/home/perlbug/Live/scripts/bugtron) 
[1] /home/perlbug/Live/scripts/bugtron: 
			Cc() 
			From("Brent Dax" <brentdax@cpan.org>) 
			In-Reply-To(<20011005235901.H4797@blackrider>)
			Message-Id(<FJELLKOPEAGHOOODKEDPGEJNCHAA.brentdax@cpan.org>) 
			Reply-To() 
			Subject(RE: A philosophical tainting issue) 
			To("Michael G Schwern"
    <schwern@pobox.com>,
    "Jarkko Hietaniemi"
    <jhi@iki.fi>, <perl5-porters@perl.org>) 
			X-Perlbug()
		 
[2] SQL: SHOW fields FROM pb_thing 
[3] SQL: SELECT DISTINCT name FROM pb_thing WHERE type LIKE 'mail' 
[4] SQL: SHOW fields FROM pb_bug 
[5] SQL: SELECT DISTINCT bugid FROM pb_bug WHERE UPPER(header) LIKE UPPER('%Message-Id: <FJELLKOPEAGHOOODKEDPGEJNCHAA.brentdax@cpan.org>%') 
[6] SQL: SHOW fields FROM pb_note 
[7] SQL: SELECT DISTINCT noteid FROM pb_note WHERE UPPER(header) LIKE UPPER('%Message-Id: <FJELLKOPEAGHOOODKEDPGEJNCHAA.brentdax@cpan.org>%') 
[8] SQL: SHOW fields FROM pb_patch 
[9] SQL: SELECT DISTINCT patchid FROM pb_patch WHERE UPPER(header) LIKE UPPER('%Message-Id: <FJELLKOPEAGHOOODKEDPGEJNCHAA.brentdax@cpan.org>%') 
[10] SQL: SHOW fields FROM pb_test 
[11] SQL: SELECT DISTINCT testid FROM pb_test WHERE UPPER(header) LIKE UPPER('%Message-Id: <FJELLKOPEAGHOOODKEDPGEJNCHAA.brentdax@cpan.org>%') 
[12] SQL: SHOW fields FROM pb_message 
[13] SQL: SELECT DISTINCT messageid FROM pb_message WHERE UPPER(header) LIKE UPPER('%Message-Id: <FJELLKOPEAGHOOODKEDPGEJNCHAA.brentdax@cpan.org>%') 
[14] domain(bugs\.perl\.org) ?-> to("Michael G Schwern"
    <schwern@pobox.com>,
    "Jarkko Hietaniemi"
    <jhi@iki.fi>, <perl5-porters@perl.org>), subject(RE: A philosophical tainting issue), cc() 
[15] reusing CACHED SQL: SELECT DISTINCT name FROM pb_thing WHERE type LIKE 'mail'(ARRAY(0x86016b8)) 
[16] SQL: SELECT DISTINCT bugid FROM pb_bug WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005235901.H4797@blackrider>%') 
[17] SQL: SELECT DISTINCT noteid FROM pb_note WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005235901.H4797@blackrider>%') 
[18] SQL: SELECT DISTINCT patchid FROM pb_patch WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005235901.H4797@blackrider>%') 
[19] SQL: SELECT DISTINCT testid FROM pb_test WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005235901.H4797@blackrider>%') 
[20] SQL: SELECT DISTINCT messageid FROM pb_message WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005235901.H4797@blackrider>%') 
[21] IGNORE quiet(0): invalid perlbug data, potential p5p miscellanea or spam) :-|
 
[22] Decision -> do_quiet(0) IGNORE quiet(0): invalid perlbug data, potential p5p miscellanea or spam) :-|
 
[23] cmd(quiet) arg(Michael G Schwern:
# For more context, this doesn't concern the runtests() function
# (ie. the usual "make test") but instead the new Test::Harness::Straps
# programmatic interface that I've been trying to firm up.
#
#     my $strap = Test::Harness::Straps->new;
#
#     # Runs a foo.t test program and analyzes the output.
#     my %results = $strap->analyze_file($some_test_file);
#
# When run under taint mode, should that code simply explode because
# it's inherently insecure to run a perl program?  Or should it only
# explode if $some_test_file is tainted?
#
#
# That's what I'm pondering.  If it's a real security risk merely to run
# another perl program, or if it's only a risk if the filename in
# question is tainted.

I think that the only reason tests are run under taint mode is to make
sure that the module in question doesn't explode.  Therefore,
Test::Harness::Straps shouldn't fuss about any tainting.  If you're that
worried about how secure some tests are, then why did you download the
thing you're testing anyway?

--Brent Dax
brentdax@cpan.org
Configure pumpking for Perl 6

They *will* pay for what they've done.) => ret: $VAR1 = {
          'opts' => '',
          'body' => 'Michael G Schwern:
# For more context, this doesn\'t concern the runtests() function
# (ie. the usual "make test") but instead the new Test::Harness::Straps
# programmatic interface that I\'ve been trying to firm up.
#
#     my $strap = Test::Harness::Straps->new;
#
#     # Runs a foo.t test program and analyzes the output.
#     my %results = $strap->analyze_file($some_test_file);
#
# When run under taint mode, should that code simply explode because
# it\'s inherently insecure to run a perl program?  Or should it only
# explode if $some_test_file is tainted?
#
#
# That\'s what I\'m pondering.  If it\'s a real security risk merely to run
# another perl program, or if it\'s only a risk if the filename in
# question is tainted.

I think that the only reason tests are run under taint mode is to make
sure that the module in question doesn\'t explode.  Therefore,
Test::Harness::Straps shouldn\'t fuss about any tainting.  If you\'re that
worried about how secure some tests are, then why did you download the
thing you\'re testing anyway?

--Brent Dax
brentdax@cpan.org
Configure pumpking for Perl 6

They *will* pay for what they\'ve done.'
        };
 
[24] /home/perlbug/Live/scripts/bugtron debug(01sx)
	Startup:  0 wallclock secs ( 0.00 usr +  0.00 sys =  0.00 CPU)
	Loaded :  0 wallclock secs ( 0.00 usr +  0.00 sys =  0.00 CPU)
	Runtime: 11 wallclock secs ( 0.26 usr +  0.00 sys =  0.26 CPU)
	Alltook: 11 wallclock secs ( 0.26 usr +  0.00 sys =  0.26 CPU)
        including 17 SQL statements 
        using 1 database handle/s
	 
[25] SQL: SHOW fields FROM pb_range 
[26] SQL: SELECT DISTINCT rangeid FROM pb_range WHERE TO_DAYS(modified) < (TO_DAYS(SYSDATE()) -10) 
[0] INIT 2.86 (83090) debug(01sx) scr(/home/perlbug/Live/scripts/bugtron) 
[1] /home/perlbug/Live/scripts/bugtron: 
			Cc() 
			From(tmddcvwjc@hotmail.com) 
			In-Reply-To()
			Message-Id(<200110060851.f968pIb09159@complat.ru>) 
			Reply-To() 
			Subject(Email Marketing Works! Cheap & Effective!) 
			To(<pcd6lovmyic@hotmail.com>) 
			X-Perlbug()
		 
[2] SQL: SHOW fields FROM pb_thing 
[3] SQL: SELECT DISTINCT name FROM pb_thing WHERE type LIKE 'mail' 
[4] SQL: SHOW fields FROM pb_bug 
[5] SQL: SELECT DISTINCT bugid FROM pb_bug WHERE UPPER(header) LIKE UPPER('%Message-Id: <200110060851.f968pIb09159@complat.ru>%') 
[6] SQL: SHOW fields FROM pb_note 
[7] SQL: SELECT DISTINCT noteid FROM pb_note WHERE UPPER(header) LIKE UPPER('%Message-Id: <200110060851.f968pIb09159@complat.ru>%') 
[8] SQL: SHOW fields FROM pb_patch 
[9] SQL: SELECT DISTINCT patchid FROM pb_patch WHERE UPPER(header) LIKE UPPER('%Message-Id: <200110060851.f968pIb09159@complat.ru>%') 
[10] SQL: SHOW fields FROM pb_test 
[11] SQL: SELECT DISTINCT testid FROM pb_test WHERE UPPER(header) LIKE UPPER('%Message-Id: <200110060851.f968pIb09159@complat.ru>%') 
[12] SQL: SHOW fields FROM pb_message 
[13] SQL: SELECT DISTINCT messageid FROM pb_message WHERE UPPER(header) LIKE UPPER('%Message-Id: <200110060851.f968pIb09159@complat.ru>%') 
[14] /home/perlbug/Live/scripts/bugtron debug(01sx)
	Startup:  0 wallclock secs ( 0.01 usr +  0.00 sys =  0.01 CPU)
	Loaded :  0 wallclock secs ( 0.00 usr +  0.00 sys =  0.00 CPU)
	Runtime: 11 wallclock secs ( 0.19 usr +  0.03 sys =  0.22 CPU)
	Alltook: 11 wallclock secs ( 0.20 usr +  0.03 sys =  0.23 CPU)
        including 12 SQL statements 
        using 1 database handle/s
	 
[15] SQL: SHOW fields FROM pb_range 
[16] SQL: SELECT DISTINCT rangeid FROM pb_range WHERE TO_DAYS(modified) < (TO_DAYS(SYSDATE()) -10) 
[0] INIT 2.86 (83345) debug(01sx) scr(/home/perlbug/Live/scripts/bugtron) 
[1] /home/perlbug/Live/scripts/bugtron: 
			Cc() 
			From(tmddcvwjc@hotmail.com) 
			In-Reply-To()
			Message-Id(<200110060349.XAA24994@vasconcelos.radioeducacion.edu.mx>) 
			Reply-To() 
			Subject(Email Marketing Works! Cheap & Effective!) 
			To(<pcd6lovmyic@hotmail.com>) 
			X-Perlbug()
		 
[2] SQL: SHOW fields FROM pb_thing 
[3] SQL: SELECT DISTINCT name FROM pb_thing WHERE type LIKE 'mail' 
[4] SQL: SHOW fields FROM pb_bug 
[5] SQL: SELECT DISTINCT bugid FROM pb_bug WHERE UPPER(header) LIKE UPPER('%Message-Id: <200110060349.XAA24994@vasconcelos.radioeducacion.edu.mx>%') 
[6] SQL: SHOW fields FROM pb_note 
[7] SQL: SELECT DISTINCT noteid FROM pb_note WHERE UPPER(header) LIKE UPPER('%Message-Id: <200110060349.XAA24994@vasconcelos.radioeducacion.edu.mx>%') 
[8] SQL: SHOW fields FROM pb_patch 
[9] SQL: SELECT DISTINCT patchid FROM pb_patch WHERE UPPER(header) LIKE UPPER('%Message-Id: <200110060349.XAA24994@vasconcelos.radioeducacion.edu.mx>%') 
[10] SQL: SHOW fields FROM pb_test 
[11] SQL: SELECT DISTINCT testid FROM pb_test WHERE UPPER(header) LIKE UPPER('%Message-Id: <200110060349.XAA24994@vasconcelos.radioeducacion.edu.mx>%') 
[12] SQL: SHOW fields FROM pb_message 
[13] SQL: SELECT DISTINCT messageid FROM pb_message WHERE UPPER(header) LIKE UPPER('%Message-Id: <200110060349.XAA24994@vasconcelos.radioeducacion.edu.mx>%') 
[14] /home/perlbug/Live/scripts/bugtron debug(01sx)
	Startup:  0 wallclock secs ( 0.00 usr +  0.00 sys =  0.00 CPU)
	Loaded :  0 wallclock secs ( 0.00 usr +  0.00 sys =  0.00 CPU)
	Runtime:  9 wallclock secs ( 0.22 usr +  0.01 sys =  0.23 CPU)
	Alltook:  9 wallclock secs ( 0.22 usr +  0.01 sys =  0.23 CPU)
        including 12 SQL statements 
        using 1 database handle/s
	 
[15] SQL: SHOW fields FROM pb_range 
[16] SQL: SELECT DISTINCT rangeid FROM pb_range WHERE TO_DAYS(modified) < (TO_DAYS(SYSDATE()) -10) 
[0] INIT 2.86 (84810) debug(01sx) scr(/home/perlbug/Live/scripts/bugtron) 
[1] /home/perlbug/Live/scripts/bugtron: 
			Cc(perl5-porters@perl.org) 
			From(Jarkko Hietaniemi <jhi@iki.fi>) 
			In-Reply-To(<20011005235901.H4797@blackrider>; from schwern@pobox.com on
    Fri, Oct 05, 2001 at 11:59:01PM -0400)
			Message-Id(<20011006080045.B13905@alpha.hut.fi>) 
			Reply-To() 
			Subject(Re: A philosophical tainting issue) 
			To(Michael G Schwern <schwern@pobox.com>) 
			X-Perlbug()
		 
[2] SQL: SHOW fields FROM pb_thing 
[3] SQL: SELECT DISTINCT name FROM pb_thing WHERE type LIKE 'mail' 
[4] SQL: SHOW fields FROM pb_bug 
[5] SQL: SELECT DISTINCT bugid FROM pb_bug WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011006080045.B13905@alpha.hut.fi>%') 
[6] SQL: SHOW fields FROM pb_note 
[7] SQL: SELECT DISTINCT noteid FROM pb_note WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011006080045.B13905@alpha.hut.fi>%') 
[8] SQL: SHOW fields FROM pb_patch 
[9] SQL: SELECT DISTINCT patchid FROM pb_patch WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011006080045.B13905@alpha.hut.fi>%') 
[10] SQL: SHOW fields FROM pb_test 
[11] SQL: SELECT DISTINCT testid FROM pb_test WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011006080045.B13905@alpha.hut.fi>%') 
[12] SQL: SHOW fields FROM pb_message 
[13] SQL: SELECT DISTINCT messageid FROM pb_message WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011006080045.B13905@alpha.hut.fi>%') 
[14] domain(bugs\.perl\.org) ?-> to(Michael G Schwern <schwern@pobox.com>), subject(Re: A philosophical tainting issue), cc(perl5-porters@perl.org) 
[15] reusing CACHED SQL: SELECT DISTINCT name FROM pb_thing WHERE type LIKE 'mail'(ARRAY(0x86016a0)) 
[16] SQL: SELECT DISTINCT bugid FROM pb_bug WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005235901.H4797@blackrider>%') 
[17] SQL: SELECT DISTINCT noteid FROM pb_note WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005235901.H4797@blackrider>%') 
[18] SQL: SELECT DISTINCT patchid FROM pb_patch WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005235901.H4797@blackrider>%') 
[19] SQL: SELECT DISTINCT testid FROM pb_test WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005235901.H4797@blackrider>%') 
[20] SQL: SELECT DISTINCT messageid FROM pb_message WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011005235901.H4797@blackrider>%') 
[21] IGNORE quiet(0): invalid perlbug data, potential p5p miscellanea or spam) :-|
 
[22] Decision -> do_quiet(0) IGNORE quiet(0): invalid perlbug data, potential p5p miscellanea or spam) :-|
 
[23] cmd(quiet) arg(On Fri, Oct 05, 2001 at 11:59:01PM -0400, Michael G Schwern wrote:
> On Sat, Oct 06, 2001 at 04:01:23AM +0300, Jarkko Hietaniemi wrote:
> > You want to run the harness under the taint code, and to do this you
> > have to circumvent the taint checks?  I must be slow today but I do
> > not quite follow what are you planning to achieve?
> 
> Well, I'm looking at it this way.  Taint checks are there to force you
> to think about potentially insecure code.  If you've checked out the
> data involved, you detaint it and assume it's safe from there.
> 
> So I'm pondering if using $^X + $ENV{PATH} (or it's moral equivalent
> on other operating systems) to locate the currently running perl
> executable is insecure, or if I can just trust it given that's exactly
> how I started running the currently running perl.  Most of what Kurt

At least #! completely bypasses $ENV{PATH}.

> When run under taint mode, should that code simply explode because
> it's inherently insecure to run a perl program?  Or should it only

Well, it *is*, if you are trusting the original $ENV{PATH}.  Either
you reset the path (to something untainted :-) or you use an absolute
path for the executable.

> explode if $some_test_file is tainted?

-- 
$jhi++; # http://www.iki.fi/jhi/
        # There is this special biologist word we use for 'stable'.
        # It is 'dead'. -- Jack Cohen) => ret: $VAR1 = {
          'opts' => '',
          'body' => 'On Fri, Oct 05, 2001 at 11:59:01PM -0400, Michael G Schwern wrote:
> On Sat, Oct 06, 2001 at 04:01:23AM +0300, Jarkko Hietaniemi wrote:
> > You want to run the harness under the taint code, and to do this you
> > have to circumvent the taint checks?  I must be slow today but I do
> > not quite follow what are you planning to achieve?
> 
> Well, I\'m looking at it this way.  Taint checks are there to force you
> to think about potentially insecure code.  If you\'ve checked out the
> data involved, you detaint it and assume it\'s safe from there.
> 
> So I\'m pondering if using $^X + $ENV{PATH} (or it\'s moral equivalent
> on other operating systems) to locate the currently running perl
> executable is insecure, or if I can just trust it given that\'s exactly
> how I started running the currently running perl.  Most of what Kurt

At least #! completely bypasses $ENV{PATH}.

> When run under taint mode, should that code simply explode because
> it\'s inherently insecure to run a perl program?  Or should it only

Well, it *is*, if you are trusting the original $ENV{PATH}.  Either
you reset the path (to something untainted :-) or you use an absolute
path for the executable.

> explode if $some_test_file is tainted?

-- 
$jhi++; # http://www.iki.fi/jhi/
        # There is this special biologist word we use for \'stable\'.
        # It is \'dead\'. -- Jack Cohen'
        };
 
[24] /home/perlbug/Live/scripts/bugtron debug(01sx)
	Startup:  0 wallclock secs ( 0.00 usr +  0.00 sys =  0.00 CPU)
	Loaded :  0 wallclock secs ( 0.00 usr +  0.00 sys =  0.00 CPU)
	Runtime: 23 wallclock secs ( 0.23 usr +  0.03 sys =  0.27 CPU)
	Alltook: 23 wallclock secs ( 0.23 usr +  0.03 sys =  0.27 CPU)
        including 17 SQL statements 
        using 1 database handle/s
	 
[25] SQL: SHOW fields FROM pb_range 
[26] SQL: SELECT DISTINCT rangeid FROM pb_range WHERE TO_DAYS(modified) < (TO_DAYS(SYSDATE()) -10) 
[0] INIT 2.86 (86560) debug(01sx) scr(/home/perlbug/Live/scripts/bugtron) 
[1] /home/perlbug/Live/scripts/bugtron: 
			Cc() 
			From(Jarkko Hietaniemi <jhi@iki.fi>) 
			In-Reply-To()
			Message-Id(<20011006080549.C13905@alpha.hut.fi>) 
			Reply-To(Lindsay Morris <servergraph.com@verizon.net>) 
			Subject([servergraph.com@verizon.net: Bug in timelocal?]) 
			To(perl5-porters@perl.org) 
			X-Perlbug()
		 
[2] SQL: SHOW fields FROM pb_thing 
[3] SQL: SELECT DISTINCT name FROM pb_thing WHERE type LIKE 'mail' 
[4] SQL: SHOW fields FROM pb_bug 
[5] SQL: SELECT DISTINCT bugid FROM pb_bug WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011006080549.C13905@alpha.hut.fi>%') 
[6] SQL: SHOW fields FROM pb_note 
[7] SQL: SELECT DISTINCT noteid FROM pb_note WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011006080549.C13905@alpha.hut.fi>%') 
[8] SQL: SHOW fields FROM pb_patch 
[9] SQL: SELECT DISTINCT patchid FROM pb_patch WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011006080549.C13905@alpha.hut.fi>%') 
[10] SQL: SHOW fields FROM pb_test 
[11] SQL: SELECT DISTINCT testid FROM pb_test WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011006080549.C13905@alpha.hut.fi>%') 
[12] SQL: SHOW fields FROM pb_message 
[13] SQL: SELECT DISTINCT messageid FROM pb_message WHERE UPPER(header) LIKE UPPER('%Message-Id: <20011006080549.C13905@alpha.hut.fi>%') 
[14] domain(bugs\.perl\.org) ?-> to(perl5-porters@perl.org), subject([servergraph.com@verizon.net: Bug in timelocal?]), cc() 
[15] IGNORE quiet(0): invalid perlbug data, potential p5p miscellanea or spam) :-|
 
[16] Decision -> do_quiet(0) IGNORE quiet(0): invalid perlbug data, potential p5p miscellanea or spam) :-|
 
[17] cmd(quiet) arg(----- Forwarded message from Lindsay Morris <servergraph.com@verizon.net> -----

Subject: Bug in timelocal?
From: "Lindsay Morris" <servergraph.com@verizon.net>
Date: Fri, 5 Oct 2001 15:32:20 -0400
Message-ID: <002501c14dd4$7372e680$4cb8f5c0@lmorris>
To: <cpan@perl.org>
Reply-To: <lmorris@servergraph.com>
Importance: Normal

Add a minute, gain an hour?
Run this:

#!/usr/bin/perl
use Time::Local;
print "timelocal(0,59,0,28,9,101) is:", timelocal(0,59,0,28,9,101),"\n";
print "timelocal(0, 0,1,28,9,101) is:", timelocal(0, 0,1,28,9,101),"\n";
# with perl 5.6.0.1 on AIX 4.3.2.0, I get:
# timelocal(0,59,0,28,9,101) is:1004245140
# timelocal(0, 0,1,28,9,101) is:1004248800
# The difference is seconds is an hour and a minute, not just a minute.
# Lindsay Morris / lmorris@servergraph.com / 859-253-8000

Same behavior w perl v 5.005.03.
Any wisdom appreciated...
---------------------------------
Mr. Lindsay Morris
Principal
Applied System Design
lmorris@servergraph.com
Office: 859-253-8000
   Fax: 425-988-8478

----- End forwarded message -----

-- 
$jhi++; # http://www.iki.fi/jhi/
        # There is this special biologist word we use for 'stable'.
        # It is 'dead'. -- Jack Cohen) => ret: $VAR1 = {
          'opts' => '',
          'body' => '----- Forwarded message from Lindsay Morris <servergraph.com@verizon.net> -----

Subject: Bug in timelocal?
From: "Lindsay Morris" <servergraph.com@verizon.net>
Date: Fri, 5 Oct 2001 15:32:20 -0400
Message-ID: <002501c14dd4$7372e680$4cb8f5c0@lmorris>
To: <cpan@perl.org>
Reply-To: <lmorris@servergraph.com>
Importance: Normal

Add a minute, gain an hour?
Run this:

#!/usr/bin/perl
use Time::Local;
print "timelocal(0,59,0,28,9,101) is:", timelocal(0,59,0,28,9,101),"\\n";
print "timelocal(0, 0,1,28,9,101) is:", timelocal(0, 0,1,28,9,101),"\\n";
# with perl 5.6.0.1 on AIX 4.3.2.0, I get:
# timelocal(0,59,0,28,9,101) is:1004245140
# timelocal(0, 0,1,28,9,101) is:1004248800
# The difference is seconds is an hour and a minute, not just a minute.
# Lindsay Morris / lmorris@servergraph.com / 859-253-8000

Same behavior w perl v 5.005.03.
Any wisdom appreciated...
---------------------------------
Mr. Lindsay Morris
Principal
Applied System Design
lmorris@servergraph.com
Office: 859-253-8000
   Fax: 425-988-8478

----- End forwarded message -----

-- 
$jhi++; # http://www.iki.fi/jhi/
        # There is this special biologist word we use for \'stable\'.
        # It is \'dead\'. -- Jack Cohen'
        };
 
[18] /home/perlbug/Live/scripts/bugtron debug(01sx)
	Startup:  0 wallclock secs ( 0.00 usr +  0.00 sys =  0.00 CPU)
	Loaded :  0 wallclock secs ( 0.00 usr +  0.00 sys =  0.00 CPU)
	Runtime:  1 wallclock secs ( 0.24 usr +  0.00 sys =  0.24 CPU)
	Alltook:  1 wallclock secs ( 0.24 usr +  0.00 sys =  0.24 CPU)
        including 12 SQL statements 
        using 1 database handle/s
	 
[19] SQL: SHOW fields FROM pb_range 
[20] SQL: SELECT DISTINCT rangeid FROM pb_range WHERE TO_DAYS(modified) < (TO_DAYS(SYSDATE()) -10) 
[0] INIT 2.86 (93733) debug(01sx) scr(/home/perlbug/Live/scripts/bugtron) 
[1] /home/perlbug/Live/scripts/bugtron: 
			Cc() 
			From(<lnhxdb@online.ln.cn>) 
			In-Reply-To()
			Message-Id(<200110060605.f9664n119215@chthon.perl.com>) 
			Reply-To(lnhxdb@online.ln.cn) 
			Subject(ȫ˹ܶһɻԪ) 
			To() 
			X-Perlbug()
		 
[2] SQL: SHOW fields FROM pb_thing 
[3] SQL: SELECT DISTINCT name FROM pb_thing WHERE type LIKE 'mail' 
[4] SQL: SHOW fields FROM pb_bug 
[5] SQL: SELECT DISTINCT bugid FROM pb_bug WHERE UPPER(header) LIKE UPPER('%Message-Id: <200110060605.f9664n119215@chthon.perl.com>%') 
[6] SQL: SHOW fields FROM pb_note 
[7] SQL: SELECT DISTINCT noteid FROM pb_note WHERE UPPER(header) LIKE UPPER('%Message-Id: <200110060605.f9664n119215@chthon.perl.com>%') 
[8] SQL: SHOW fields FROM pb_patch 
[9] SQL: SELECT DISTINCT patchid FROM pb_patch WHERE UPPER(header) LIKE UPPER('%Message-Id: <200110060605.f9664n119215@chthon.perl.com>%') 
[10] SQL: SHOW fields FROM pb_test 
[11] SQL: SELECT DISTINCT testid FROM pb_test WHERE UPPER(header) LIKE UPPER('%Message-Id: <200110060605.f9664n119215@chthon.perl.com>%') 
[12] SQL: SHOW fields FROM pb_message 
[13] SQL: SELECT DISTINCT messageid FROM pb_message WHERE UPPER(header) LIKE UPPER('%Message-Id: <200110060605.f9664n119215@chthon.perl.com>%') 
[14] /home/perlbug/Live/scripts/bugtron debug(01sx)
	Startup:  0 wallclock secs ( 0.01 usr +  0.01 sys =  0.02 CPU)
	Loaded :  0 wallclock secs ( 0.00 usr +  0.00 sys =  0.00 CPU)
	Runtime:  7 wallclock secs ( 0.20 usr +  0.00 sys =  0.20 CPU)
	Alltook:  7 wallclock secs ( 0.21 usr +  0.01 sys =  0.22 CPU)
        including 12 SQL statements 
        using 1 database handle/s
	 
[15] SQL: SHOW fields FROM pb_range 
[16] SQL: SELECT DISTINCT rangeid FROM pb_range WHERE TO_DAYS(modified) < (TO_DAYS(SYSDATE()) -10) 
[0] INIT 2.86 (95884) debug(01sx) scr(/home/perlbug/Live/scripts/bugtron) 
[1] /home/perlbug/Live/scripts/bugtron: 
			Cc(Benjamin Goldberg <goldbb2@earthlink.net>,  <perl5-porters@perl.org>) 
			From(David Dyck <dcd@tc.fluke.com>) 
			In-Reply-To(<20011006043550.D17417@alpha.hut.fi>)
			Message-Id(<Pine.LNX.4.33.0110052244490.14551-100000@dd.tc.fluke.com>) 
			Reply-To() 
			Subject(Re: patch to ext/IO/lib/IO/Socket/INET.pm fixes Bug ID (20010803.022)) 
			To(Jarkko Hietaniemi <jhi@iki.fi>) 
			X-Perlbug()
		 
[2] SQL: SHOW fields FROM pb_thing 
[3] SQL: SELECT DISTINCT name FROM pb_thing WHERE type LIKE 'mail' 
[4] SQL: SHOW fields FROM pb_bug 
[5] SQL: SELECT DISTINCT bugid FROM pb_bug WHERE UPPER(header) LIKE UPPER('%Message-Id: <Pine.LNX.4.33.0110052244490.14551-100000@dd.tc.fluke.com>%') 
[6] SQL: SHOW fields FROM pb_note 
[7] SQL: SELECT DISTINCT noteid FROM pb_note WHERE UPPER(header) LIKE UPPER('%Message-Id: <Pine.LNX.4.33.0110052244490.14551-100000@dd.tc.fluke.com>%') 
[8] SQL: SHOW fields FROM pb_patch 
[9] SQL: SELECT DISTINCT patchid FROM pb_patch WHERE UPPER(header) LIKE UPPER('%Message-Id: <Pine.LNX.4.33.0110052244490.14551-100000@dd.tc.fluke.com>%') 
[10] SQL: SHOW fields FROM pb_test 
[11] SQL: SELECT DISTINCT testid FROM pb_test WHERE UPPER(header) LIKE UPPER('%Message-Id: <Pine.LNX.4.33.0110052244490.14551-100000@dd.tc.fluke.com>%') 
[12] SQL: SHOW fields FROM pb_message 
[13] SQL: SELECT DISTINCT messageid FROM pb_message WHERE UPPER(header) LIKE UPPER('%Message-Id: <Pine.LNX.4.33.0110052244490.14551-100000@dd.tc.fluke.com>%') 
[14] domain(bugs\.perl\.org) ?-> to(Jarkko Hietaniemi <jhi@iki.fi>), subject(Re: patch to ext/IO/lib/IO/Socket/INET.pm fixes Bug ID (20010803.022)), cc(Benjamin Goldberg <goldbb2@earthlink.net>,  <perl5-porters@perl.org>) 
[15] SQL: SELECT DISTINCT bugid FROM pb_bug WHERE bugid = '20010803.022' 
[16] REPLY reply(1) from subject: (20010803.022) :-) 
[17] Decision -> do_reply(1) REPLY reply(1) from subject: (20010803.022) :-) 
[18] cmd(M) arg(On Sat, 6 Oct 2001, Jarkko Hietaniemi wrote:

>
> On Fri, Oct 05, 2001 at 09:31:30PM -0400, Benjamin Goldberg wrote:
> > David Dyck wrote:
> > >
> > > After reading the patch I sent (and still would like to see applied,
> > > I looked at the expression immediately following where $pnum
> > > was set to a matched value or undef, I don't know if that
> > >  (match in list context)[0]
> > > idiom  is better, if you think so, you could apply
> > > the following tweek to the patch I sent earlier, so
> > > that both patterns use the same idiom.

As I'll mention later, it is valuable to have the code consistent

> > Ahh, but what does s/// return in list context?

> Ooops.  So it does.  Rather silly return value but can't be helped by now.

We aren't talking about substitute, but rather the match operator.

in perldoc perlop I the following text which I think is pretty explicit

======================================================================

The "/g" modifier specifies global pattern
               matching--that is, matching as many times as
               possible within the string.  How it behaves
               depends on the context.  In list context, it    <<<<< list
               returns a list of the substrings matched by any
               capturing parentheses in the regular expression.
               If there are no parentheses, it returns a list of
               all the matched strings, as if there were
               parentheses around the whole pattern.


======================================================================
 If the "/g" option is not used, "m//" in list			<<< list
               context returns a list consisting of the
               subexpressions matched by the parentheses in the
               pattern, i.e., ($1, $2, $3...).  (Note that here
               $1 etc. are also set, and that this differs from
               Perl 4's behavior.)  When there are no parentheses
               in the pattern, the return value is the list "(1)"
               for success.  With or without parentheses, an
               empty list is returned upon failure.

======================================================================
Now, for opinions :-)



I'd be glad to allow others to judge the 'style', but I do
think that whatever style is chosen it should be consistent.
I don't think it must be clearest for the first time reader,
but it should be VERY CLEAR what the code write intends, once
the reader understands what is written.

for the first time reader it is probably best to expand
to
 if ($string =~ m/pattern with parens/) {
	$var = do something  with $1
 } ....

when you look at
  $var =   $string =~ /pattern with parens/ ?  something with $1 : undef
and
  $var =   ($string =~ /pattern with parens/ )[0]

you may stop once, but after you get the idiom you can skim
it quickly.

I think it is more important to comment the code to indicate
which expressions have higher priority, as it is obvious that
that is where the logic changes have occured. (there is no design
document to fall back to to determine what is important, but
perhaps it should be 'obvious' to the reader once they think
about it (there is some description in the POD text
  -- I mean, if you have a protocol number that should override
a default value
    but why is the getservbyname($port, $proto[0] || 0)
higher priority than the a parenthesized numeric value in the port field
which is higher than a non-parenthesized fully numeric specified port number?
See, as I think about it I reliaze that the last 2 are mutually exclusive
of each other, but the code never even had and if / else clause.
There may have even been a way to have one regexp capture the number

============================

one last question:

  is there a way to get the revision log of changes to this file?

    (it is difficult to browse through all the diffs, and some
     of this comes from before 5.6.0

David) => ret: $VAR1 = {
          'opts' => '',
          'body' => 'On Sat, 6 Oct 2001, Jarkko Hietaniemi wrote:

>
> On Fri, Oct 05, 2001 at 09:31:30PM -0400, Benjamin Goldberg wrote:
> > David Dyck wrote:
> > >
> > > After reading the patch I sent (and still would like to see applied,
> > > I looked at the expression immediately following where $pnum
> > > was set to a matched value or undef, I don\'t know if that
> > >  (match in list context)[0]
> > > idiom  is better, if you think so, you could apply
> > > the following tweek to the patch I sent earlier, so
> > > that both patterns use the same idiom.

As I\'ll mention later, it is valuable to have the code consistent

> > Ahh, but what does s/// return in list context?

> Ooops.  So it does.  Rather silly return value but can\'t be helped by now.

We aren\'t talking about substitute, but rather the match operator.

in perldoc perlop I the following text which I think is pretty explicit

======================================================================

The "/g" modifier specifies global pattern
               matching--that is, matching as many times as
               possible within the string.  How it behaves
               depends on the context.  In list context, it    <<<<< list
               returns a list of the substrings matched by any
               capturing parentheses in the regular expression.
               If there are no parentheses, it returns a list of
               all the matched strings, as if there were
               parentheses around the whole pattern.


======================================================================
 If the "/g" option is not used, "m//" in list			<<< list
               context returns a list consisting of the
               subexpressions matched by the parentheses in the
               pattern, i.e., ($1, $2, $3...).  (Note that here
               $1 etc. are also set, and that this differs from
               Perl 4\'s behavior.)  When there are no parentheses
               in the pattern, the return value is the list "(1)"
               for success.  With or without parentheses, an
               empty list is returned upon failure.

======================================================================
Now, for opinions :-)



I\'d be glad to allow others to judge the \'style\', but I do
think that whatever style is chosen it should be consistent.
I don\'t think it must be clearest for the first time reader,
but it should be VERY CLEAR what the code write intends, once
the reader understands what is written.

for the first time reader it is probably best to expand
to
 if ($string =~ m/pattern with parens/) {
	$var = do something  with $1
 } ....

when you look at
  $var =   $string =~ /pattern with parens/ ?  something with $1 : undef
and
  $var =   ($string =~ /pattern with parens/ )[0]

you may stop once, but after you get the idiom you can skim
it quickly.

I think it is more important to comment the code to indicate
which expressions have higher priority, as it is obvious that
that is where the logic changes have occured. (there is no design
document to fall back to to determine what is important, but
perhaps it should be \'obvious\' to the reader once they think
about it (there is some description in the POD text
  -- I mean, if you have a protocol number that should override
a default value
    but why is the getservbyname($port, $proto[0] || 0)
higher priority than the a parenthesized numeric value in the port field
which is higher than a non-parenthesized fully numeric specified port number?
See, as I think about it I reliaze that the last 2 are mutually exclusive
of each other, but the code never even had and if / else clause.
There may have even been a way to have one regexp capture the number

============================

one last question:

  is there a way to get the revision log of changes to this file?

    (it is difficult to browse through all the diffs, and some
     of this comes from before 5.6.0

David'
        };
 
[19] /home/perlbug/Live/scripts/bugtron debug(01sx)
	Startup:  0 wallclock secs ( 0.00 usr +  0.00 sys =  0.00 CPU)
	Loaded :  0 wallclock secs ( 0.00 usr +  0.00 sys =  0.00 CPU)
	Runtime:  8 wallclock secs ( 0.23 usr +  0.01 sys =  0.23 CPU)
	Alltook:  8 wallclock secs ( 0.23 usr +  0.01 sys =  0.23 CPU)
        including 13 SQL statements 
        using 1 database handle/s
	 
[20] SQL: SHOW fields FROM pb_range 
[21] SQL: SELECT DISTINCT rangeid FROM pb_range WHERE TO_DAYS(modified) < (TO_DAYS(SYSDATE()) -10) 
[0] INIT 2.86 (145) debug(01sx) scr(/home/perlbug/Live/scripts/bugtron) 
[1] /home/perlbug/Live/scripts/bugtron: 
			Cc() 
			From(Benjamin Goldberg <goldbb2@earthlink.net>) 
			In-Reply-To()
			Message-Id(<3BBEA53B.8AB73D4@earthlink.net>) 
			Reply-To() 
			Subject(Re: patch to ext/IO/lib/IO/Socket/INET.pm fixes Bug ID (20010803.022)) 
			To(perl5-porters@perl.org) 
			X-Perlbug()
		 
[2] SQL: SHOW fields FROM pb_thing 
[3] SQL: SELECT DISTINCT name FROM pb_thing WHERE type LIKE 'mail' 
[4] SQL: SHOW fields FROM pb_bug 
[5] SQL: SELECT DISTINCT bugid FROM pb_bug WHERE UPPER(header) LIKE UPPER('%Message-Id: <3BBEA53B.8AB73D4@earthlink.net>%') 
[6] SQL: SHOW fields FROM pb_note 
[7] SQL: SELECT DISTINCT noteid FROM pb_note WHERE UPPER(header) LIKE UPPER('%Message-Id: <3BBEA53B.8AB73D4@earthlink.net>%') 
[8] SQL: SHOW fields FROM pb_patch 
[9] SQL: SELECT DISTINCT patchid FROM pb_patch WHERE UPPER(header) LIKE UPPER('%Message-Id: <3BBEA53B.8AB73D4@earthlink.net>%') 
[10] SQL: SHOW fields FROM pb_test 
[11] SQL: SELECT DISTINCT testid FROM pb_test WHERE UPPER(header) LIKE UPPER('%Message-Id: <3BBEA53B.8AB73D4@earthlink.net>%') 
[12] SQL: SHOW fields FROM pb_message 
[13] SQL: SELECT DISTINCT messageid FROM pb_message WHERE UPPER(header) LIKE UPPER('%Message-Id: <3BBEA53B.8AB73D4@earthlink.net>%') 
[14] domain(bugs\.perl\.org) ?-> to(perl5-porters@perl.org), subject(Re: patch to ext/IO/lib/IO/Socket/INET.pm fixes Bug ID (20010803.022)), cc() 
[15] SQL: SELECT DISTINCT bugid FROM pb_bug WHERE bugid = '20010803.022' 
[16] REPLY reply(1) from subject: (20010803.022) :-) 
[17] Decision -> do_reply(1) REPLY reply(1) from subject: (20010803.022) :-) 
[18] cmd(M) arg(David Dyck wrote:
> 
> On Sat, 6 Oct 2001, Jarkko Hietaniemi wrote:
> 
> >
> > On Fri, Oct 05, 2001 at 09:31:30PM -0400, Benjamin Goldberg wrote:
> > > David Dyck wrote:
> > > >
> > > > After reading the patch I sent (and still would like to see
> > > > applied, I looked at the expression immediately following where
> > > > $pnum was set to a matched value or undef, I don't know if that
> > > >  (match in list context)[0]
> > > > idiom  is better, if you think so, you could apply
> > > > the following tweek to the patch I sent earlier, so
> > > > that both patterns use the same idiom.
> 
> As I'll mention later, it is valuable to have the code consistent
> 
> > > Ahh, but what does s/// return in list context?
> 
> > Ooops.  So it does.  Rather silly return value but can't be helped
> > by now.
> 
> We aren't talking about substitute, but rather the match operator.

*I* was talking about your use of:

+    my $defport = ($port =~ s,\((\d+)\)$,,)[0];

> in perldoc perlop I the following text which I think is pretty
> explicit
> 
> ======================================================================
> 
> The "/g" modifier specifies global pattern
>                matching--that is, matching as many times as
>                possible within the string.  How it behaves
>                depends on the context.  In list context, it <<<<< list
>                returns a list of the substrings matched by any
>                capturing parentheses in the regular expression.
>                If there are no parentheses, it returns a list of
>                all the matched strings, as if there were
>                parentheses around the whole pattern.

This has nothing to do with the code we're discussing, since /g wasn't
used.

> ======================================================================
>  If the "/g" option is not used, "m//" in list               <<< list
>                context returns a list consisting of the
>                subexpressions matched by the parentheses in the
>                pattern, i.e., ($1, $2, $3...).  (Note that here
>                $1 etc. are also set, and that this differs from
>                Perl 4's behavior.)  When there are no parentheses
>                in the pattern, the return value is the list "(1)"
>                for success.  With or without parentheses, an
>                empty list is returned upon failure.

This is talking about m// in list context, which is what enables:

     my $pnum = ($port =~ m,^(\d+)$,)[0];

to work.  It is *not* talking about s/// ... so there's no reason
whatsoever to believe that:

+    my $defport = ($port =~ s,\((\d+)\)$,,)[0];

Should work.

> ======================================================================
> Now, for opinions :-)
[snip]
> for the first time reader it is probably best to expand
> to
>  if ($string =~ m/pattern with parens/) {
>         $var = do something  with $1
>  } ....
> 
> when you look at
>   $var =   $string =~ /pattern with parens/ ?  something with $1 : undef
> and
>   $var =   ($string =~ /pattern with parens/ )[0]
> 
> you may stop once, but after you get the idiom you can skim
> it quickly.

Of course, a much more common idiom is:

($var) = /pattern with parens/;

Where the use of () on the left supplies a list context.
This is also [imho] rather more readable.

-- 
"I think not," said Descartes, and promptly disappeared.) => ret: $VAR1 = {
          'opts' => '',
          'body' => 'David Dyck wrote:
> 
> On Sat, 6 Oct 2001, Jarkko Hietaniemi wrote:
> 
> >
> > On Fri, Oct 05, 2001 at 09:31:30PM -0400, Benjamin Goldberg wrote:
> > > David Dyck wrote:
> > > >
> > > > After reading the patch I sent (and still would like to see
> > > > applied, I looked at the expression immediately following where
> > > > $pnum was set to a matched value or undef, I don\'t know if that
> > > >  (match in list context)[0]
> > > > idiom  is better, if you think so, you could apply
> > > > the following tweek to the patch I sent earlier, so
> > > > that both patterns use the same idiom.
> 
> As I\'ll mention later, it is valuable to have the code consistent
> 
> > > Ahh, but what does s/// return in list context?
> 
> > Ooops.  So it does.  Rather silly return value but can\'t be helped
> > by now.
> 
> We aren\'t talking about substitute, but rather the match operator.

*I* was talking about your use of:

+    my $defport = ($port =~ s,\\((\\d+)\\)$,,)[0];

> in perldoc perlop I the following text which I think is pretty
> explicit
> 
> ======================================================================
> 
> The "/g" modifier specifies global pattern
>                matching--that is, matching as many times as
>                possible within the string.  How it behaves
>                depends on the context.  In list context, it <<<<< list
>                returns a list of the substrings matched by any
>                capturing parentheses in the regular expression.
>                If there are no parentheses, it returns a list of
>                all the matched strings, as if there were
>                parentheses around the whole pattern.

This has nothing to do with the code we\'re discussing, since /g wasn\'t
used.

> ======================================================================
>  If the "/g" option is not used, "m//" in list               <<< list
>                context returns a list consisting of the
>                subexpressions matched by the parentheses in the
>                pattern, i.e., ($1, $2, $3...).  (Note that here
>                $1 etc. are also set, and that this differs from
>                Perl 4\'s behavior.)  When there are no parentheses
>                in the pattern, the return value is the list "(1)"
>                for success.  With or without parentheses, an
>                empty list is returned upon failure.

This is talking about m// in list context, which is what enables:

     my $pnum = ($port =~ m,^(\\d+)$,)[0];

to work.  It is *not* talking about s/// ... so there\'s no reason
whatsoever to believe that:

+    my $defport = ($port =~ s,\\((\\d+)\\)$,,)[0];

Should work.

> ======================================================================
> Now, for opinions :-)
[snip]
> for the first time reader it is probably best to expand
> to
>  if ($string =~ m/pattern with parens/) {
>         $var = do something  with $1
>  } ....
> 
> when you look at
>   $var =   $string =~ /pattern with parens/ ?  something with $1 : undef
> and
>   $var =   ($string =~ /pattern with parens/ )[0]
> 
> you may stop once, but after you get the idiom you can skim
> it quickly.

Of course, a much more common idiom is:

($var) = /pattern with parens/;

Where the use of () on the left supplies a list context.
This is also [imho] rather more readable.

-- 
"I think not," said Descartes, and promptly disappeared.'
        };
 
[19] /home/perlbug/Live/scripts/bugtron debug(01sx)
	Startup:  0 wallclock secs ( 0.00 usr +  0.00 sys =  0.00 CPU)
	Loaded :  0 wallclock secs ( 0.00 usr +  0.00 sys =  0.00 CPU)
	Runtime: 14 wallclock secs ( 0.24 usr +  0.01 sys =  0.25 CPU)
	Alltook: 14 wallclock secs ( 0.24 usr +  0.01 sys =  0.25 CPU)
        including 13 SQL statements 
        using 1 database handle/s
	 
[20] SQL: SHOW fields FROM pb_range 
[21] SQL: SELECT DISTINCT rangeid FROM pb_range WHERE TO_DAYS(modified) < (TO_DAYS(SYSDATE()) -10) 

