[Date Prev][Date Next][Thread Prev][Thread Next] [Search] [Date Index] [Thread Index]

Re: [FWP] Untainting a string

To: Bernie Cosell <bernie@fantasyfarm.com>, fwp@technofile.org
Subject: Re: [FWP] Untainting a string
From: Michael G Schwern <schwern@pobox.com>
Date: Wed, 28 Jul 1999 17:39:47 -0400
In-Reply-To: <199907281856.OAA02343@mercury.rev.net>; from Bernie Cosell on Wed, Jul 28, 1999 at 02:58:16PM -0400
References: <199907281856.OAA02343@mercury.rev.net>

On Wed, Jul 28, 1999 at 02:58:16PM -0400, Bernie Cosell wrote:
> Just wondering what the cleverest/cutest/etc way to untaint a string.  I 
> often [almost all of the time actually] verify that a tainted-value is OK 
> and can be safely used *WITHOUT* actually doing syntactic matching on the 
> string...  and so I also almost all the time just want to say "OK, 
> untaint this sucker".  Lately I've been using:
> 
>      ($var) = $var =~ /(.*)/ ;
> 
> is there some sexier idiom for this kind of thing?

Well, for all you 5.004 people...

	$var =~ s///;

This is a *BUG* in 5.004_04 (I hope it was fixed in 5.004_05) but I
figured I'd mention it.

-- 

Michael G Schwern                                           schwern@pobox.com
                    http://www.pobox.com/~schwern
     /(?:(?:(1)[.-]?)?\(?(\d{3})\)?[.-]?)?(\d{3})[.-]?(\d{4})(x\d+)?/i

==== Want to unsubscribe from Fun With Perl?  Well, if you insist...
==== Send email to <fwp-request@technofile.org> with message _body_
====   unsubscribe

References:
- [FWP] Untainting a string
  - From: "Bernie Cosell" <bernie@fantasyfarm.com>

Prev by Date: Re: [FWP] $_=$l[rand@l];
Next by Date: [FWP] Re: PerlOS
Prev by thread: [FWP] Untainting a string
Next by thread: [FWP] $_=$l[rand@l];
Navigation: Date Index | Thread Index | Search | Other lists at bumppo.net