develooper Front page | perl.perl5.porters | Postings from October 1999

Re: printf is tainted!?

Thread Previous | Thread Next
Gurusamy Sarathy
October 23, 1999 18:22
Re: printf is tainted!?
Message ID:
On Sat, 23 Oct 1999 16:53:05 MDT, Tom Christiansen wrote:
>I read this in perlfunc:
>   To cope with broken systems that allow the standard locales to
>   be overridden by malicious users, the return value may be tainted
>   if any of the floating point formats are used and the conversion
>   yields something that doesn't look like a normal C-locale floating
>   point number.  This happens regardless of whether `use locale' is in
>   effect or not.
>Let us imagine that this is astonishing but true.  Shouldn't it be
>in perlsec?  And shouldn't it be in perldelta?

I don't really think the tainting behavior makes much sense.  See
the thread starting at:


Thread Previous | Thread Next Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at | Group listing | About