--- lib/Data/FormValidator/Results.pm.orig 2012-08-16 10:54:34.168443434 +0200
+++ lib/Data/FormValidator/Results.pm 2012-08-16 10:54:52.126443666 +0200
@@ -807,7 +807,7 @@
# With methods, the value is the second argument
my $val = $force_method_p ? $_[1] : $_[0];
my ($match) = scalar ($val =~ $re);
- if ($untaint_this && defined $match) {
+ if ($untaint_this && $match) {
# pass the value through a RE that matches anything to untaint it.
my ($untainted) = ($& =~ m/(.*)/s);
return $untainted;
--- /dev/null 2012-06-14 10:53:10.614001004 +0200
+++ t/untaint_match_check.t 2012-08-16 10:57:38.747450934 +0200
@@ -0,0 +1,16 @@
+use strict;
+use warnings;
+use Test::More tests => 3;
+use Data::FormValidator;
+"unrelated match" =~ /match/;
+my $result = Data::FormValidator->check(
+ { a => 'invalid value' }, # input data
+ { # validation profile
+ untaint_all_constraints => 1,
+ optional => ['a'],
+ constraints => { a => qr/never matches/, },
+ },
+);
+ok( not $result->success ) or diag( 'Valid: ', $result->valid );
+ok( $result->has_invalid );
+is_deeply( scalar( $result->invalid ), { 'a' => [qr/never matches/] } );
distrib
>
Mageia
>
1
>
i586
>
media
>
core-updates-src
>
by-pkgid
>
4a447e045ded5919711fcd97ac3949e2
>
files
>
1
