Beefy Boxes and Bandwidth Generously Provided by pair Networks
No such thing as a small change
 
PerlMonks  

Re: What's your favourite method of untainting?

by ambrus (Abbot)
on Dec 16, 2005 at 11:53 UTC ( #517219=note: print w/ replies, xml ) Need Help??


in reply to What's your favourite method of untainting?

My favourite one is

$string =~ /\A(.*)\z/s or die; $string = $1;
however this one is also nice (for byte strings):
$x = pack "B*", do { unpack "B*", $x };
it appears that if you take a string apart to bits and reassemble, the result is untainted as the individual bits can't be tainted. In contrast, bytes are eight times larger then characters so they're large enough for taint to stick on them, thus the following doesn't untaint the string but returns it unchanged.
$x = pack "C*", do { unpack "C*", $x }; # wrong


Comment on Re: What's your favourite method of untainting?
Select or Download Code

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://517219]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others contemplating the Monastery: (8)
As of 2014-12-19 02:33 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    Is guessing a good strategy for surviving in the IT business?





    Results (70 votes), past polls