Beefy Boxes and Bandwidth Generously Provided by pair Networks
Don't ask to ask, just ask
 
PerlMonks  

Re^6: Is it safe to use external strings for regexes?

by dave_the_m (Monsignor)
on Oct 08, 2021 at 07:01 UTC ( #11137335=note: print w/replies, xml ) Need Help??


in reply to Re^5: Is it safe to use external strings for regexes?
in thread Is it safe to use external strings for regexes?

hm, we seem to be talking about different things
I thought we were talking about using strings obtained from an external source (such as a file or DB) as a regex, and whether the (?{...}) feature could be exploited in that case. The example you gave of concatting two halves of a regex still requires the code to be literal in the source (albeit split) to not need 'use re eval' in the src code, even prior to 5.18.0.

Dave.

  • Comment on Re^6: Is it safe to use external strings for regexes?

Replies are listed 'Best First'.
Re^7: Is it safe to use external strings for regexes?
by LanX (Sage) on Oct 08, 2021 at 10:01 UTC
    As I said, I'm thankful that your change rules out

    ''=~ ( '(?{B' . 'EGIN{print "owned"}})' )

    to happen.

    Like this I have a chance to statically check for BEGIN or use re before running perl -c

    (sorry eyepopslikeamosquito :)

    Cheers Rolf
    (addicted to the Perl Programming Language :)
    Wikisyntax for the Monastery

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://11137335]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others meditating upon the Monastery: (4)
As of 2022-01-26 11:44 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?
    In 2022, my preferred method to securely store passwords is:












    Results (69 votes). Check out past polls.

    Notices?