Beefy Boxes and Bandwidth Generously Provided by pair Networks
Syntactic Confectionery Delight

Re^3: hex numbers

by davido (Cardinal)
on Jan 14, 2021 at 19:14 UTC ( #11126927=note: print w/replies, xml ) Need Help??

in reply to Re^2: hex numbers
in thread hex numbers

I'm certainly aware that many modules even do this:

our $VERSION = "1.2.3_001"; $VERSION = eval $VERSION;

As documented in perlmodstyle, I think. The specific code I used in the example isn't unsafe. But the evaluation of a string can be unsafe if the string's source isn't well controlled. And if the original poster were able to hard code hex, he could do so using 0x literals. Since he's not using 0x literals, I assume that's because the hex strings are coming from somewhere external. And at that point the caveats about evaluating strings apply.

But you're correct. What I posted isn't inherently unsafe. The practice is inherently easy to make unsafe, though.


Replies are listed 'Best First'.
Re^4: hex numbers
by shmem (Chancellor) on Jan 14, 2021 at 19:50 UTC
    The practice is inherently easy to make unsafe, though.

    This is true. I should have posted the following rewrite of your example

    # This works but is NOT recommended, and can be unsafe. my $s = "0xDEADBEEF"; # here we assign from a constant - but where # does the value come from in your code? my $n = eval $s; print "$n\n"; # Output: # 3735928559

    which makes that point clear. It is not the eval of a string constant, hard coded into a program which is unsafe, but eval'ing a string from elsewhere.

    perl -le'print map{pack c,($-++?1:13)+ord}split//,ESEL'

      That is totally reasonable.

      My assumption was that if I didn't throw up a big red flag that implementation would have been the one that got used, and then we would be promoting a high risk behavior. Your comment is better.


Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://11126927]
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others browsing the Monastery: (5)
As of 2021-05-14 23:50 GMT
Find Nodes?
    Voting Booth?
    Perl 7 will be out ...

    Results (150 votes). Check out past polls.