--- rxvt-unicode/src/rxvtperl.xs 2006/01/08 03:07:05 1.41 +++ rxvt-unicode/src/rxvtperl.xs 2006/01/08 22:58:13 1.44 @@ -51,6 +51,22 @@ ///////////////////////////////////////////////////////////////////////////// +static SV * +taint (SV *sv) +{ + SvTAINT (sv); + return sv; +} + +static SV * +taint_if (SV *sv, SV *src) +{ + if (SvTAINTED (src)) + SvTAINT (sv); + + return sv; +} + static wchar_t * sv2wcs (SV *sv) { @@ -398,13 +414,14 @@ { char *argv[] = { "", + "-T", "-edo '" LIBDIR "/urxvt.pm' or ($@ and die $@) or exit 1", }; perl = perl_alloc (); perl_construct (perl); - if (perl_parse (perl, xs_init, 2, argv, (char **)NULL) + if (perl_parse (perl, xs_init, 3, argv, (char **)NULL) || perl_run (perl)) { rxvt_warn ("unable to initialize perl-interpreter, continuing without.\n"); @@ -475,7 +492,7 @@ break; case DT_STR: - XPUSHs (sv_2mortal (newSVpv (va_arg (ap, char *), 0))); + XPUSHs (taint (sv_2mortal (newSVpv (va_arg (ap, char *), 0)))); break; case DT_STR_LEN: @@ -483,7 +500,7 @@ char *str = va_arg (ap, char *); int len = va_arg (ap, int); - XPUSHs (sv_2mortal (newSVpvn (str, len))); + XPUSHs (taint (sv_2mortal (newSVpvn (str, len)))); } break; @@ -492,7 +509,7 @@ wchar_t *wstr = va_arg (ap, wchar_t *); int wlen = va_arg (ap, int); - XPUSHs (sv_2mortal (wcs2sv (wstr, wlen))); + XPUSHs (taint (sv_2mortal (wcs2sv (wstr, wlen)))); } break; @@ -767,27 +784,32 @@ RETVAL void -rxvt_term::allow_events_async (U32 eventtime = THIS->perl.grabtime) +rxvt_term::allow_events_async () CODE: - XAllowEvents (THIS->display->display, AsyncBoth, eventtime); + XAllowEvents (THIS->display->display, AsyncBoth, THIS->perl.grabtime); void -rxvt_term::allow_events_sync (U32 eventtime = THIS->perl.grabtime) +rxvt_term::allow_events_sync () CODE: - XAllowEvents (THIS->display->display, SyncBoth, eventtime); + XAllowEvents (THIS->display->display, SyncBoth, THIS->perl.grabtime); void -rxvt_term::allow_events_replay (U32 eventtime = THIS->perl.grabtime) +rxvt_term::allow_events_replay () CODE: - XAllowEvents (THIS->display->display, ReplayPointer, eventtime); - XAllowEvents (THIS->display->display, ReplayKeyboard, eventtime); + XAllowEvents (THIS->display->display, ReplayPointer, THIS->perl.grabtime); + XAllowEvents (THIS->display->display, ReplayKeyboard, THIS->perl.grabtime); void -rxvt_term::ungrab (U32 eventtime = THIS->perl.grabtime) +rxvt_term::ungrab () CODE: - THIS->perl.grabtime = 0; - XUngrabKeyboard (THIS->display->display, eventtime); - XUngrabPointer (THIS->display->display, eventtime); +{ + if (THIS->perl.grabtime) + { + XUngrabKeyboard (THIS->display->display, THIS->perl.grabtime); + XUngrabPointer (THIS->display->display, THIS->perl.grabtime); + THIS->perl.grabtime = 0; + } +} int rxvt_term::strwidth (SV *str) @@ -816,7 +838,7 @@ free (wstr); - RETVAL = newSVpv (mbstr, 0); + RETVAL = taint_if (newSVpv (mbstr, 0), str); free (mbstr); } OUTPUT: @@ -833,7 +855,7 @@ wchar_t *wstr = rxvt_mbstowcs (data, len); rxvt_pop_locale (); - RETVAL = wcs2sv (wstr); + RETVAL = taint_if (wcs2sv (wstr), octets); free (wstr); } OUTPUT: @@ -950,7 +972,7 @@ for (int col = 0; col < THIS->ncol; col++) wstr [col] = l.t [col]; - XPUSHs (sv_2mortal (wcs2sv (wstr, THIS->ncol))); + XPUSHs (taint (sv_2mortal (wcs2sv (wstr, THIS->ncol)))); delete [] wstr; } @@ -1081,7 +1103,7 @@ rxvt_pop_locale (); - RETVAL = wcs2sv (rstr, r - rstr); + RETVAL = taint_if (wcs2sv (rstr, r - rstr), string); delete [] rstr; } @@ -1117,7 +1139,7 @@ else *r++ = *s; - RETVAL = wcs2sv (rstr, r - rstr); + RETVAL = taint_if (wcs2sv (rstr, r - rstr), text); delete [] rstr; } @@ -1149,7 +1171,7 @@ croak ("requested out-of-bound resource %s+%d,", name, index - rs->value); if (GIMME_V != G_VOID) - XPUSHs (THIS->rs [index] ? sv_2mortal (newSVpv (THIS->rs [index], 0)) : &PL_sv_undef); + XPUSHs (THIS->rs [index] ? sv_2mortal (taint (newSVpv (THIS->rs [index], 0))) : &PL_sv_undef); if (newval) { @@ -1240,7 +1262,7 @@ PPCODE: { if (GIMME_V != G_VOID) - XPUSHs (sv_2mortal (wcs2sv (THIS->selection.text, THIS->selection.len))); + XPUSHs (taint (sv_2mortal (wcs2sv (THIS->selection.text, THIS->selection.len)))); if (newtext) {