in reply to
Re: How many bugs can *you* find
in thread How many bugs can *you* find
Please tell us this is not production code being used somewhere. Please?
Unfortunately, I can't tell you that. It is being used. It's in a script that is over 2,000 lines long and does not use strict. I added use strict and an extra 130 lines were added to the error log. As usual, I don't have a lot of time to fix this, and it's called from several different places. My only change at this point was to plug a nasty security that tinman alluded to:
Umm.. a biggie, but I don't think you're untainting any of the file name variables or the param variables that you recieve from the user... so a script kiddie style "rm -rf" hack is possible..
Join the Perlmonks Setiathome Group or just click on the the link and check out our stats.