I had a bug in my code which was a result of insufficient validation of a string passed to the built-in hex function.
In my opinion, hex is much too forgiving. As shown in its documentation, it allows for a string to have a leading 0x; for example, it converts 0xC to 12. Although x is not a legal hexadecimal character, it is customary to denote a hex value with the 0xC prefix. This is quite reasonable.
Although not mentioned in the documentation, it also allows for a string to have a leading x; for example, it converts xC to 12. I guess that's reasonable, too.
My problem occurred when I inadvertently passed a lone x to hex. The function returned 0. Even with warnings enabled, I did not get a warning message (perl v5.12.2, linux):
perl -w -E "say hex(q{x})" 0
Passing it an illegal hex string like t does generate a warning, as desired:
perl -w -E "say hex(q{t})" Illegal hexadecimal digit 't' ignored at -e line 1. 0
I think passing a lone x should generate a warning message (with warnings enabled), but I'm not sure it's worth submitting a perlbug since I really need to do some checking before passing a string to hex anyway.
Here is a wrapper function I decided to use. It calls hex after performing some input validation:
sub hex2 { my $str = shift; $str =~ s/^(0x|x)//; if (length $str) { if ($str =~ /([^0-9a-f])/i) { die "hex2: Illegal hexadecimal digit found: '$1'"; } else { return hex $str; } } else { die "hex2: No chars found after stripping leading 0x or x"; } }
Another approach is to override hex.
|
|---|
| Replies are listed 'Best First'. | |
|---|---|
|
Re: Input validation for built-in hex function
by DStaal (Chaplain) on Aug 31, 2012 at 12:53 UTC |