I'll bite.

package Acme::Unicorn::Horn::Blessed;
use strict;
use warnings;

BEGIN {
    use Exporter ();
    use vars qw ($VERSION @ISA @EXPORT @EXPORT_OK %EXPORT_TAGS);
    $VERSION     = 0.01;
    @ISA         = qw (Exporter);
    @EXPORT      = qw (horn);
    @EXPORT_OK   = qw ();
    %EXPORT_TAGS = ();
}

=head1 NAME

Acme::Unicorn::Horn::Blessed - A blessed horn of a unicorn untaints everything

=head1 SYNOPSIS

  use Acme::Unicorn::Horn::Blessed;
  $untainted = horn( $tainted );
  $untainted = horn( $tainted, blessed => 0 );

=head1 DESCRIPTION

I<A blessed horn of a unicorn untaints everything.>

This module untaints everything.

=head1 USAGE

=head2 horn( tainted_variable, [options] )

Untaint a variable.

  my $untainted = horn( $tainted );

  # if we want to make sure no hackers can harm us, use an 'unblessed horn of a unicorn'
  my $untainted = horn( $tainted, blessed => 0 );

=cut

sub horn {
    my $variable = shift;
    # Options arrive as key/value pairs, so accept them only when the
    # remaining argument count is even (an odd count cannot form a hash).
    my %options = ( @_ % 2 == 0 ) ? @_ : ();
    my $foo;
    if ( exists $options{ blessed } and not $options{ blessed } ) {
        # Unblessed horn: refuse to untaint anything.
        $foo = undef;
    }
    else {
        # Blessed horn: capturing the whole string launders the taint flag.
        ($foo) = ($variable =~ /^(.*)$/gs);
    }
    return $foo;
}

=head1 BUGS

The obvious problems you will have with considering tainted variables as untainted.

=head1 AUTHOR

Bryan

=head1 COPYRIGHT

This program is free software; you can redistribute
it and/or modify it under the same terms as Perl itself.

The full text of the license can be found in the
LICENSE file included with this module.

=head1 SEE ALSO

perl(1).

=cut

1;

Note: Untested. And no, I'm not uploading this.


Update: It seems my untested code did have a flaw! Thanks ambrus++.

In reply to Re^2: What's your favourite method of untainting? by mrborisguy
in thread What's your favourite method of untainting? by Corion
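
For contrast with the blanket `/^(.*)$/gs` capture in `horn` above, this added example (not part of the original post) untaints a value only when the whole string matches an anchored allowlist pattern. The helper `untaint_as`, the `%ALLOW` table and the sample inputs are hypothetical and constructed for illustration.

```perl
# Run with: perl -T example.pl   (taint mode must be on for tainted() to report anything)
use strict;
use warnings;
use Scalar::Util qw(tainted);

# Hypothetical helper: return an untainted copy of $value only if the
# entire string matches $pattern; otherwise return undef.
sub untaint_as {
    my ( $value, $pattern ) = @_;
    return unless defined $value;
    # \A and \z anchor the whole string. Unlike $, \z does not accept a
    # trailing newline, so "8080\n" is rejected rather than passed through.
    return $value =~ /\A($pattern)\z/ ? $1 : undef;
}

# Allowlist per input kind (constructed for this example).
my %ALLOW = (
    username => qr/[a-z][a-z0-9_]{0,31}/,
    port     => qr/[0-9]{1,5}/,
);

# A zero-length tainted string; appending it taints any value, which
# stands in here for data read from the environment, a file or a socket.
my $TAINT = substr( $^X, 0, 0 );

# Constructed sample inputs.
my @cases = (
    [ username => 'alice' ],
    [ username => 'alice extra' ],
    [ port     => '8080' ],
    [ port     => "8080\n" ],
);

for my $case (@cases) {
    my ( $kind, $raw ) = @$case;
    my $in = $raw . $TAINT;

    # The capture used by horn(): succeeds for every input, so the
    # result is untainted no matter what the data contains.
    my ($blanket) = $in =~ /^(.*)$/s;

    my $checked = untaint_as( $in, $ALLOW{$kind} );

    ( my $shown = $raw ) =~ s/\n/\\n/g;
    printf "%-8s %-15s input_tainted=%d blanket_tainted=%d allowlist=%s\n",
        $kind, "'$shown'",
        tainted($in)      ? 1 : 0,
        tainted($blanket) ? 1 : 0,
        defined $checked ? "'$checked'" : 'rejected';
}
```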
