Front page | perl.perl5.porters |
Postings from January 2005
In article <20050106092738.06e464_8@r2d2>, Marcus Holland-Moritz <mhx-perl@gmx.net> writes: > On 2005-01-05, at 22:00:18 -0000, Nicholas Clark (via RT) wrote: > ---snip-- >> My gut feeling is that the ability to make two (or more) different strings >> soft reference to the same location could be used for malice, although >> probably only on badly written perl 4 era CGI scripts. [that's the vast >> majority of the installed base of perl, isn't it? :-(] >> >> Presumably this should be documented. Should it also warn? Should it be >> fixed (presumably with a gv_fetchpvn) ? Has anyone used this for an >> obfuscation yet? > > I'd guess it wouldn't be a big difference in effort to make it emit > a warning or to fix it. But emitting a warning would require to scan > a string for a NUL byte (which it won't contain in most cases) each > time, so this might slow things down. > > Marcus > If it's passed as a char* string internally, it also means it can't properly handle utf8 since it misses the bit to tell if it's utf8 or not. My preference is definitely for fixing.Thread Previous | Thread Next