develooper Front page | perl.perl5.porters | Postings from October 1999

Re: [BUG] taint seeps

M.J.T. Guy
October 26, 1999 05:58
Hugo wrote:
   [ about the leaking of taintedness ]

I had always understood this as a feature, because Perl only does
a very limited data flow analysis. Specifically, once a tainted
value has been encountered within an expression, all subsequent values
generated in the expression are assumed to be tainted.

Doing anything more complicated would be very expensive - presumably
there'd have to be a separate taint flag for each subexpression or

And this _is_ documented, even if obliquely, in perlsec:

    Any variable set to a value derived from tainted data will itself
    be tainted, even if it is logically impossible for the tainted data
    to alter the variable.

Mike Guy
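
The behaviour described in the message above, as an added example that is not part of the original post: a value that is always "hello" still carries the taint flag because it was built in an expression that touched tainted data, while a perlsec-style regex capture clears it after validation. The variable names, the `report` helper and the choice of `$ENV{PATH}` as the tainted source are assumptions made for illustration.

```perl
#!/usr/bin/perl -T
# Added illustration, not code from the thread.
use strict;
use warnings;
use Scalar::Util qw(tainted);

# Under -T every value in %ENV is tainted; PATH is the sample source here.
my $source = $ENV{PATH} // '';

# Case 1: the result is always "hello", whatever PATH contains, but the
# expression that builds it has a tainted operand (a zero-length substr).
my $constant_result = "hello" . substr($source, 0, 0);

# Case 2: the same literal, assigned in a statement with no tainted operand.
my $plain_literal = "hello";

# Case 3: validation through a regex capture, the mechanism perlsec
# documents for deliberately clearing taint. The capture is copied in a
# separate statement from the match on the tainted value.
my $validated;
if ($source =~ m{\A([\w/.:-]*)\z}) {
    $validated = $1;
}

# Print the taint status of one value, handling a failed validation.
sub report {
    my ($label, $value) = @_;
    my $status = !defined $value ? 'not set (validation failed)'
               : tainted($value) ? 'TAINTED'
               :                   'clean';
    printf "%-30s %s\n", $label, $status;
}

report('source taken from %ENV',       $source);
report('"hello" . zero-length substr', $constant_result);
report('"hello" on its own',           $plain_literal);
report('regex-validated capture',      $validated);
```

Run it as `perl -T script.pl`; Perl refuses a `-T` that appears only on the `#!` line when the script is started as `perl script.pl`.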
