Hi,

I've reduced it to 10 lines or so, with no external I/O.
I think this is a bug, unless I'm really doing something dumb.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#!/usr/bin/env ruby

$SAFE = 1 if $SAFE < 1

line = "vanilla tastyspleen.net:27912\n"
line.taint
line.chop!
line.strip!
line =~ /\A[A-Za-z0-9\s.:-]+\z/   #### this triggers it
line.untaint
if line =~ /(\w+)\s+([^\s:]+)(?::(\d+))?/
  addr, port, nick = $2, $3 || "27910", $1
  $stderr.puts "a=#{addr.tainted?} p=#{port.tainted?} n=#{nick.tainted?} l=#{line.tainted?} #{line}"
end

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

For me (ruby 1.8.4 (2005-12-24) [i686-linux]), the above prints:

  a=true p=true n=true l=false vanilla tastyspleen.net:27912

indicating line is not tainted, but the capture values pulled out of it are.


But, if I remove the "this triggers it" line, then the program prints:

  a=false p=false n=false l=false vanilla tastyspleen.net:27912

which is how it used to behave under 1.8.2.


Here's a one-liner version of it:

ruby -ve '$SAFE=1; l="foo".taint; l=~/(.)/; l.untaint; l=~/(.)/; p $1.tainted?'
ruby 1.8.4 (2005-12-24) [i686-linux]
true

ruby -ve '$SAFE=1; l="foo".taint;           l.untaint; l=~/(.)/; p $1.tainted?'
ruby 1.8.4 (2005-12-24) [i686-linux]
false


Hope this helps,

Regards,

Bill