pkgsrc-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: postgrey and perl-5.18.0

On 01.06.13 19:54, Martin Husemann wrote:
I removed the -T from the interpreter line and now it works.

This disables the taint-mode. I don't know how useful the taint
mode is - personally I disagree for productional environments.
It's good for test cases to ensure you know the data you deal
with ...

Of course this is not good (tm), but it points at the issue.
Is there any way to get a stacktrace when a tainted check fails?

There're several ways. The completes thing is run the check
through the debugger like perldebug explains:

     $ ( PERLDB_OPTS="NonStop frame=1 AutoTrace LineInfo=tperl.out"
         perl -d myprogram )


On another machine I can break it even earlier:

# postgrey -v -i 2525
2013/06/01-19:47:40 postgrey (type Net::Server::Multiplex) starting! pid(6443)
Resolved [localhost]:2525 to [::1]:2525, IPv6
Resolved [localhost]:2525 to []:2525, IPv4
Binding to TCP port 2525 on host ::1 with IPv6
Insecure dependency in socket while running with -T switch at 
/usr/pkg/lib/perl5/5.18.0/i386-netbsd-thread-multi/IO/ line 81.

That line is a socket() call, but I can not figure out from where it is called
or with wich args.

Devel::Trace or Devel::TraceUse might enlighten you ;)

Jens Rehsack
pkgsrc, Perl5

Home | Main Index | Thread Index | Old Index