From 875d2d1d34aa0a6657891a86ed83e7e89966f237 Mon Sep 17 00:00:00 2001 From: Jesse Luehrs Date: Mon, 5 Sep 2011 19:54:11 -0500 Subject: don't allow invalid stash entry names --- Changes | 1 + lib/Package/Stash/PP.pm | 6 ++++++ t/paamayim_nekdotayim.t | 23 +++++++++++++++++++++++ 3 files changed, 30 insertions(+) create mode 100644 t/paamayim_nekdotayim.t diff --git a/Changes b/Changes index 2e96f70..de15ee8 100644 --- a/Changes +++ b/Changes @@ -4,6 +4,7 @@ Revision history for Package-Stash - bring the behavior of has_symbol for nonexistant scalars into line with the xs version - invalid package names (for instance, Foo:Bar) are not allowed + - invalid stash entry names (anything containing ::) are not allowed 0.31 2011-08-08 - fix ->add_symbol('$foo', qr/sdlfk/) on 5.12+ diff --git a/lib/Package/Stash/PP.pm b/lib/Package/Stash/PP.pm index b3e3a7d..408f3be 100644 --- a/lib/Package/Stash/PP.pm +++ b/lib/Package/Stash/PP.pm @@ -92,6 +92,12 @@ sub namespace { (defined $variable && length $variable) || confess "You must pass a variable name"; + # XXX in pure perl, this will access things in inner packages, + # in xs, this will segfault - probably look more into this at + # some point + ($variable !~ /::/) + || confess "Variable names may not contain ::"; + my $sigil = substr($variable, 0, 1, ''); if (exists $SIGIL_MAP{$sigil}) { diff --git a/t/paamayim_nekdotayim.t b/t/paamayim_nekdotayim.t new file mode 100644 index 0000000..2096cb4 --- /dev/null +++ b/t/paamayim_nekdotayim.t @@ -0,0 +1,23 @@ +#!/usr/bin/env perl +use strict; +use warnings; +use lib 't/lib'; +use Test::More; +use Test::Fatal; + +use Package::Stash; + +my $stash = Package::Stash->new('Foo'); +# this segfaulted on the xs version +like( + exception { $stash->add_symbol('@bar::baz') }, + qr/^Variable names may not contain ::/, + "can't add symbol with ::" +); +like( + exception { $stash->get_symbol('@bar::baz') }, + qr/^Variable names may not contain ::/, + "can't add symbol with ::" +); + +done_testing; -- cgit v1.2.3-54-g00ecf