Re^2: Executing code block in memory


Think about Loose Coupling
	PerlMonks

Re^2: Executing code block in memory

by morissette (Novice)

on Aug 08, 2012 at 20:36 UTC ( [id://986358]=note: print w/replies, xml )

Need Help??

in reply to Re: Executing code block in memory
in thread Executing code block in memory

Here's the output:

Stdout: 
Stderr: 
Result: print "hi";
[download]

Here's my test code

#!/usr/bin/perl
use URI::Escape;
use HTML::Entities;
use Capture::Tiny qw/capture/;
use CGI qw/:standard/;
print "Content-type: text/html\n\n";

if(param('test')){
        my $code = param('test');
        $code = uri_unescape($code);
        $code = encode_entities($code);
        my($stdout, $stderr, @result) = capture { $code };
        print "Stdout: $stdout\n";
        print "Stderr: $stderr\n";
        print "Result: @result\n";
}
[download]

Obviously what I really want to be returned here is the word: 'hi'. Maybe that clears up what I am trying to do.

Comment on Re^2: Executing code block in memory Select or Download Code

Replies are listed 'Best First'.

Re^3: Executing code block in memory
by davido (Cardinal) on Aug 08, 2012 at 21:15 UTC

Capture::Tiny

eval

Safe

use strict;
use warnings;

use Capture::Tiny qw/capture/;

my $code = 'print "hi"';

my($stdout, $stderr, @result) = capture { eval $code };
print "Stdout: $stdout\n";
print "Stderr: $stderr\n";
print "Result: @result\n";
[download]

The output will be:

Stdout: hi
Stderr: 
Result: 1
[download]

You might be wondering where "1" comes from. print returns true on success, and that propagates through the eval back to capture, which rolls it into the result set.

Now once you introduce Safe (which I suspect you probably will end up doing), things get a lot more complicated really fast, and you'll still be exposed to DOS attacks.

Dave

[reply]
[d/l]
[select]

In Section Seekers of Perl Wisdom