develooper Front page | perl.perl5.porters | Postings from January 2005

Re: [perl #33689] no warning that variables names cannot containNUL bytes

Thread Previous | Thread Next
January 6, 2005 00:42
Re: [perl #33689] no warning that variables names cannot containNUL bytes
Message ID:
In article <20050106092738.06e464_8@r2d2>,
	Marcus Holland-Moritz <> writes:
> On 2005-01-05, at 22:00:18 -0000, Nicholas Clark (via RT) wrote:
>> My gut feeling is that the ability to make two (or more) different strings
>> soft reference to the same location could be used for malice, although
>> probably only on badly written perl 4 era CGI scripts. [that's the vast
>> majority of the installed base of perl, isn't it? :-(]
>> Presumably this should be documented. Should it also warn? Should it be
>> fixed (presumably with a gv_fetchpvn) ? Has anyone used this for an
>> obfuscation yet?
> I'd guess it wouldn't be a big difference in effort to make it emit
> a warning or to fix it. But emitting a warning would require to scan
> a string for a NUL byte (which it won't contain in most cases) each
> time, so this might slow things down.
> Marcus
If it's passed as a char* string internally, it also means it can't
properly handle utf8 since it misses the bit to tell if it's utf8 or
not. My preference is definitely for fixing.

Thread Previous | Thread Next Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at | Group listing | About