I'm only slowly getting back into hacking perl since I've been on
paternity leave for three weeks. I've now got and built 5.002b1d
and checked out the Safe extension which Jarkko let me know was
misbehaving with 5.002b1. The "safety" isn't a problem; it just
turned out that $cpt->reval() wasn't propagating the error return
value out of the compartment properly. The explanation is that
5.002 caches the GV for $@ as errgv whereas 5.001 always did a
GvSV(gv_fetchpv("@", ...). So with 5.001, doing perl_call_sv
within a compartment was finding $@ subject to the fake top of the
symbol tree and with 5.002 it was going straight to the real $@.
Enough explanation: here's the upshot. Although I *can* fix it to
get the old behaviour (and will do if people insist) the new
G_KEEPERR flag to perl_call_sv means that it is even simpler to
change the bahaviour of
$foo = $cpt->reval($whatever)
so that it behaves more like
$foo = eval $whatever;
Recall that reval currently returns any error message in $whatever
to $foo (e.g. "<naughtyop> trapped by operation mask..."). However
a real eval returns the value of the last statement and sets $@ on
errors. I can make use of G_KEEPERR and tweak Safe.pm (by just
deleting two lines actually :-) so that reval behaves this way
instead. The question is
Do you think I should change Safe to this behaviour?
Of course, I can always add a flag to choose somehow between the
old and the new but that might get messy. I can think of some
obvious pros and cons (mostly cons, if I going to be cautious).
I'd like #define USE_OP_MASK to be the default in 5.002 and
I'm going to send in a patch for that, along with one that changes
MAXO to be a variable rather than a #define. That makes it safer
for old versions of Safe.so to work with new versions of perl.
I think I remember Larry saying that USE_OP_MASK would be OK as
a default in 5.002 but I'm letting people know here so that they
can argue against it if they wish rather than slipping it in under
their noses. I also think it might be nice to have Safe distributed
with the standard perl distribution. What do you all think?
--Malcolm
--
Malcolm Beattie <mbeattie@sable.ox.ac.uk>
Unix Systems Programmer
Oxford University Computing Services
paternity leave for three weeks. I've now got and built 5.002b1d
and checked out the Safe extension which Jarkko let me know was
misbehaving with 5.002b1. The "safety" isn't a problem; it just
turned out that $cpt->reval() wasn't propagating the error return
value out of the compartment properly. The explanation is that
5.002 caches the GV for $@ as errgv whereas 5.001 always did a
GvSV(gv_fetchpv("@", ...). So with 5.001, doing perl_call_sv
within a compartment was finding $@ subject to the fake top of the
symbol tree and with 5.002 it was going straight to the real $@.
Enough explanation: here's the upshot. Although I *can* fix it to
get the old behaviour (and will do if people insist) the new
G_KEEPERR flag to perl_call_sv means that it is even simpler to
change the bahaviour of
$foo = $cpt->reval($whatever)
so that it behaves more like
$foo = eval $whatever;
Recall that reval currently returns any error message in $whatever
to $foo (e.g. "<naughtyop> trapped by operation mask..."). However
a real eval returns the value of the last statement and sets $@ on
errors. I can make use of G_KEEPERR and tweak Safe.pm (by just
deleting two lines actually :-) so that reval behaves this way
instead. The question is
Do you think I should change Safe to this behaviour?
Of course, I can always add a flag to choose somehow between the
old and the new but that might get messy. I can think of some
obvious pros and cons (mostly cons, if I going to be cautious).
I'd like #define USE_OP_MASK to be the default in 5.002 and
I'm going to send in a patch for that, along with one that changes
MAXO to be a variable rather than a #define. That makes it safer
for old versions of Safe.so to work with new versions of perl.
I think I remember Larry saying that USE_OP_MASK would be OK as
a default in 5.002 but I'm letting people know here so that they
can argue against it if they wish rather than slipping it in under
their noses. I also think it might be nice to have Safe distributed
with the standard perl distribution. What do you all think?
--Malcolm
--
Malcolm Beattie <mbeattie@sable.ox.ac.uk>
Unix Systems Programmer
Oxford University Computing Services