Re: [BUG] taint seeps
From: M.J.T. Guy
Date: October 26, 1999 05:58
Subject: Re: [BUG] taint seeps
Message ID: E11g6B4-0007lP-00@taurus.cus.cam.ac.uk

Hugo <hv@crypt.compulink.co.uk> wrote
[ about the leaking of taintedness ]

I had always understood this as a feature, because Perl only does
a very limited data flow analysis. Specifically, once a tainted
value has been encountered within an expression, all subsequent values
generated in the expression are assumed to be tainted.

Doing anything more complicated would be very expensive - presumably
there'd have to be a separate taint flag for each subexpression or
something.

And this _is_ documented, even if obliquely, in perlsec:

    Any variable set
    to a value derived from tainted data will itself be tainted,
    even if it is logically impossible for the tainted data
    to alter the variable.

Mike Guy
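
An added illustration of the perlsec sentence quoted in the message above (not part of the original post; the variable names and file name are made up for the example). Run under `perl -T`, it uses `tainted()` from Scalar::Util to report the taint flag on a zero-length substring of a tainted value and on a literal concatenated with it, then clears the flag the way perlsec prescribes, by taking a regex capture.

```perl
#!/usr/bin/perl -T
# Run as: perl -T taint_demo.pl   (hypothetical file name)
use strict;
use warnings;
use Scalar::Util qw(tainted);

# Print one line per value; each check is its own statement.
sub report {
    my ($name, $is_tainted) = @_;
    printf "%-8s %s\n", $name, $is_tainted ? 'tainted' : 'clean';
}

# $^X (path of the running perl binary) is tainted under -T
# and is always defined, so it serves as the tainted source.
my $source = $^X;

# A zero-length substring holds no characters from $source,
# but it is still a value derived from tainted data.
my $empty = substr($source, 0, 0);

# Appending the empty string cannot change the literal's content,
# yet the result is derived from $empty.
my $label = 'report' . $empty;

# A literal that never touched $source, for comparison.
my $literal = 'report';

report(source  => tainted($source));
report(empty   => tainted($empty));
report(label   => tainted($label));
report(literal => tainted($literal));

# Validate against an allow-list pattern and keep only the capture;
# a captured group is the supported way to obtain an untainted copy.
if ($label =~ /\A([a-z]+)\z/) {
    my $checked = $1;
    report(checked => tainted($checked));
}
```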