http://www.perlmonks.org?node_id=396377


in reply to Hacker Proofing My Script

Perl variables (scalars, hashes, arrays) expand dynamically as needed to accomodate data. So unless there is a bug in the core perl implementation of those types (or you have them tied to something that imposes such a limitation) you're effecitvely safe from something in perl causing a buffer overflow to execute remote code. This isn't saying that youre safe from a large piece of data causing a perl processes to use too much memory and crash the server (DOS style attack), or that something before or after perl (the web server or DB server) might not exhibit such a buffer overflow vulnerability that could be expolited through your code (even though your code itself may not be vulnerable).

L