Beefy Boxes and Bandwidth Generously Provided by pair Networks
Don't ask to ask, just ask
 
PerlMonks  

Re: What's your favourite method of untainting?

by ambrus (Abbot)
on Dec 16, 2005 at 11:53 UTC ( #517219=note: print w/ replies, xml ) Need Help??


in reply to What's your favourite method of untainting?

My favourite one is

$string =~ /\A(.*)\z/s or die; $string = $1;
however this one is also nice (for byte strings):
$x = pack "B*", do { unpack "B*", $x };
it appears that if you take a string apart to bits and reassemble, the result is untainted as the individual bits can't be tainted. In contrast, bytes are eight times larger then characters so they're large enough for taint to stick on them, thus the following doesn't untaint the string but returns it unchanged.
$x = pack "C*", do { unpack "C*", $x }; # wrong


Comment on Re: What's your favourite method of untainting?
Select or Download Code

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://517219]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others contemplating the Monastery: (5)
As of 2015-01-28 10:19 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    My top resolution in 2015 is:

















    Results (213 votes), past polls