This archive contains answers to questions sent to Unidata support through mid-2025. Note that the archive is no longer being updated. We provide the archive for reference; many of the answers presented here remain technically correct, even if somewhat outdated. For the most up-to-date information on the use of NSF Unidata software and data services, please consult the Software Documentation first.
Bill, >Date: Wed, 16 Aug 2000 16:49:04 -0700 >From: "William R Moninger" <address@hidden> >Organization: NOAA/FSL >To: Steve Emmerson <address@hidden> >Subject: Re: 20000816: varget problem: segmentation fault >Keywords: 200008161736.e7GHaON16062 The above message contained the following: > talk about obscure! It looks like the problem was caused by perl's > Taint flag (always a good thing to use). I have to admit, I've never used the "taint" flag. My perl manual page says this about the "taint" flag: -T forces "taint" checks to be turned on so you can test them. Ordinarily these checks are done only when running setuid or setgid. It's a good idea to turn them on explicitly for programs that run on behalf of someone else whom you might not necessarily trust, such as CGI programs or any internet servers you might write in Perl. See the perlsec manpage for details. ... Are you executing the perl script setuid or setgid? > The $filename variable was tainted because it was made up of variables > that included $ARG[m]. Apparently some of the netCDF routines don't > care about tainted variables, but ncvarget does. > > When I untaint the variable as follows: > # untaint the filename > $filename =~ /(.*)/; > $filename = $1; > > the problem seems to go away. It also goes away if I remove the taint > flag. > > I'm not certain this is the end of the problem--I recall having a > similar problem in an earlier perl script that used the netCDF module > and I made that disappear by adding a few no-op lines of code. (That > wasn't a solution I was very happy with.) > > I wonder if you can duplicate this on your installation? I can try, but I don't know when I'll get around to it. Regards, Steve Emmerson <http://www.unidata.ucar.edu>