[ID 20000419.001] 5.6 perlipc docs typo

Front page | perl.perl5.porters | Postings from April 2000

[ID 20000419.001] 5.6 perlipc docs typo

From:

Jeff Pinyan

Date:

April 19, 2000 06:03

Subject:

[ID 20000419.001] 5.6 perlipc docs typo

Message ID:

Pine.GSO.4.21.0004190855160.28375-100000@crusoe.crusoe.net

perlipc.pod:

         $port = $1 if $port =~ /(\d+)/; # untaint port number

No, sorry, it doesn't.  In fact, you won't get a tainting error if $port
doesn't hold digits.  sockaddr_in() complains about it first.

==patch================================================>

--- perlipc.pod	Thu Mar 23 12:18:51 2000
+++ perlipc.pod.new	Wed Apr 19 09:01:38 2000
@@ -667,7 +667,8 @@
 
     my $port = shift || 2345;
     my $proto = getprotobyname('tcp');
-    $port = $1 if $port =~ /(\d+)/; # untaint port number
+
+    ($port) = $port =~ /^(\d+)$/                        || die "invalid port";
 
     socket(Server, PF_INET, SOCK_STREAM, $proto)	|| die "socket: $!";
     setsockopt(Server, SOL_SOCKET, SO_REUSEADDR,
@@ -710,7 +711,8 @@
 
     my $port = shift || 2345;
     my $proto = getprotobyname('tcp');
-    $port = $1 if $port =~ /(\d+)/; # untaint port number
+
+    ($port) = $port =~ /^(\d+)$/                        || die "invalid port";
 
     socket(Server, PF_INET, SOCK_STREAM, $proto)	|| die "socket: $!";
     setsockopt(Server, SOL_SOCKET, SO_REUSEADDR,

<=patch=================================================

[ID 20000419.001] 5.6 perlipc docs typo by Jeff Pinyan

nntp.perl.org: Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at ask@perl.org | Group listing | About