
No such thing as a small change
	PerlMonks

Danger!

by Fastolfe (Vicar)

on Jan 01, 2001 at 16:46 UTC ( [id://49193]=note: print w/replies, xml )

Need Help??

This is an archived low-energy page for bots and other anonmyous visitors. Please sign up if you are a human and want to interact.

in reply to Re: Syntax Error Checking
in thread Syntax Error Checking

Be very wary of using this with untrusted data. In the general case, sure, it might be a useful way to see if code compiles cleanly in the event you aren't prepared to execute it yet, but DO NOT use this method as any form of secure "compile only" test. What if the user provided "1 }; system("do something evil");" as their code?

My first thought was to extend this eval method into using a 'reval' with a Safe compartment (with an obscenely strict opcode mask), which would prevent any "extra" code from being executed, but it seems as though the opcode mask is checked at compile time, which means the compilation would fail for legitimate stuff.

Comment on Danger! Download Code

In Section Seekers of Perl Wisdom

Domain Nodelet^?

www.com | www.net | www.org

Node Status^?

node history
Node Type: note [id://49193]
help

Sections^?

Information^?

Find Nodes^?

Leftovers^?

Notices^?

	• hippo	‥ epoptai's answer Re: how do I set a cookie and redirect was blessed by hippo!
	• erzuuli	‥ Anonymous Monks are no longer allowed to use Super Search, due to an excessive use of this resource by robots.