Beefy Boxes and Bandwidth Generously Provided by pair Networks
Problems? Is your data what you think it is?
 
PerlMonks  

Re: Execute a string which has math operation

by Athanasius (Archbishop)
on Jan 05, 2014 at 04:40 UTC ( [id://1069350]=note: print w/replies, xml ) Need Help??


in reply to Execute a string which has math operation

Use eval:

#! perl use strict; use warnings; my ($a, $b, $c) = (4, 2, '-'); my $op = "$a $c $b"; print "$op = ", eval $op, "\n";

Output:

14:39 >perl 823_SoPW.pl 4 - 2 = 2 14:39 >

Hope that helps,

Athanasius <°(((><contra mundum Iustus alius egestas vitae, eros Piratica,

Replies are listed 'Best First'.
Re^2: Execute a string which has math operation
by bulk88 (Priest) on Jan 05, 2014 at 07:23 UTC
    That should be sanitized somehow. IDK exactly how but that looks like perl injection/rooting.

      It is - using eval to execute user supplied 'stuff' is dangerous. However it's _most_ dangerous when the program runs as a privileged user (e.g. web server, database instance). If I write a script, and then 'break' it, then I don't elevate my privileges, so at best it's a cute trick, on a part with using perl to 'process' STDIN.

      A case in point

      If however, you do have potential privilege escalation, then it's very important to sanitise your inputs. Normally, you'd do this by 'whitelisting' certain characters (e.g. numbers + arithmetic operators) and removing anything that isn't. URI::Escape may be useful for that - if you do it right, a regular expression will do the trick, but I can't elaborate off the top of my head.

Re^2: Execute a string which has math operation
by irah (Pilgrim) on Jan 05, 2014 at 04:44 UTC

    Thanks Athanasius

    I was tried to execute directly without string into the variable. Thank you so much.

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://1069350]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others having an uproarious good time at the Monastery: (7)
As of 2024-03-28 10:01 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found