develooper Front page | perl.perl5.porters | Postings from April 2007

Re: Tainted coderefs and other things

Thread Previous | Thread Next
Ævar Arnfjörð Bjarmason
April 30, 2007 22:10
Re: Tainted coderefs and other things
Message ID:
On 4/30/07, David Nicol <> wrote:
> On 4/29/07, Ævar Arnfjörð Bjarmason <> wrote:
> > I test for this amongst other things in Taint::Util's t/usage.t test.
> > It also allows you to taint any reference (including coderefs) but
> > that's manual mucking around with SV*'s as has been pointed out.
> So what are the implications of a tainted coderef?  Are any results
> tainted, or has that particular situation not been allowed for?

The implications for all tainted references is the same: their
stringified forms become tainted. This is why tainting of the qr//
object (which is a reference) works, the only difference between it
and normal objects is that is magically stringifies to the wrapped
pattern instead of something like Regexp=SCALAR(0x814f5c4).

So no, the results of a tainted coderef will not be tainted since
tainting is a per-scalar thing, the coderef itself could of course
return a tainted scalar or be evaluated in an expression that
contained other tainted data..

Thread Previous | Thread Next Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at | Group listing | About