PerlMonks  

Re^2: Can someone help me to explain the code below

by Fletch (Bishop)
on Aug 03, 2010 at 20:54 UTC


in reply to Re: Can someone help me to explain the code below
in thread Can someone help me to explain the code below

When running under -T it will also make an untainted copy of the contents of $this_in in $this_mail (presuming $this_in was from a tainted source)</nit>

$ perl -MScalar::Util=tainted -lT -e '($o)=$ENV{PWD}=~/(.*)/gio;print +tainted( $_ ) for ( $o, $ENV{PWD} )'
0
1

(Not that that's the case here, but saying it's just a copy assignment isn't universally true . . .)

Update: And before someone else outpedants me, as toolic points out above that should really be "... an untainted copy up to the first newline of the contents ..." :)

The cake is a lie.
The cake is a lie.
The cake is a lie.

Replies are listed 'Best First'.
Re^3: Can someone help me to explain the code below
by ww (Archbishop) on Aug 04, 2010 at 21:11 UTC
    Well, true, but <nit>
    We're untainting only to the extent that we're performing a function that Perl (uncritically) reads as untainting... but without any substantive untainting...

    In other words, <c>(($this_mail) = ($this_in =~ /(.*)/gio));</c> passes the entire tainted input without any attempt to cull out unacceptable content.

    </nit> (or is it merely a nit?)
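
An added example, not code from either post: it contrasts the blanket `/(.*)/gio` capture discussed in this thread with a capture that only untaints input matching an allow-list. The sample inputs, the sub names and the address pattern are assumptions made for illustration; run it with `perl -T`.

```perl
use strict;
use warnings;
use Scalar::Util qw(tainted);

die "run with: perl -T $0\n" unless ${^TAINT};

# Zero-length tainted string; appending it taints a constructed sample.
my $TAINT = substr("$0$^X", 0, 0);

# Constructed sample inputs standing in for $this_in from the thread.
my @samples = map { $_ . $TAINT } (
    'alice@example.org',
    "bob\@example.org\nsecond line",
    'carol@example.org extra;text',
);

# The pattern from the thread: captures anything up to the first newline,
# so the result is untainted without having been checked at all.
sub untaint_blind {
    my ($this_in) = @_;
    my ($this_mail) = $this_in =~ /(.*)/gio;
    return $this_mail;
}

# Hypothetical stricter policy: the whole value must match an allow-list
# pattern (\A ... \z, so no trailing newline or extra text slips through).
sub untaint_checked {
    my ($this_in) = @_;
    my ($this_mail) = $this_in
        =~ /\A([A-Za-z0-9._+-]+\@[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+)\z/;
    return $this_mail;    # undef when the input is rejected
}

for my $in (@samples) {
    my $blind   = untaint_blind($in);
    my $checked = untaint_checked($in);
    (my $shown = $in) =~ s/\n/\\n/g;    # make the newline visible
    printf "input     '%s' tainted=%d\n", $shown, tainted($in) ? 1 : 0;
    printf "  blind   '%s' tainted=%d\n", $blind, tainted($blind) ? 1 : 0;
    printf "  checked %s\n",
        defined $checked
        ? "'$checked' tainted=" . (tainted($checked) ? 1 : 0)
        : 'rejected';
}
```

The blind capture reports every sample as untainted (truncated at the newline in the second case), while the checked capture untaints only the first sample and rejects the other two.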
