develooper Front page | perl.perl5.porters | Postings from January 2012

Re: [perl #108780] overload::StrVal and qr//

Thread Previous | Thread Next
From:
Nicholas Clark
Date:
January 31, 2012 08:52
Subject:
Re: [perl #108780] overload::StrVal and qr//
Message ID:
20120131165240.GI9069@plum.flirble.org
On Sun, Jan 29, 2012 at 09:34:37PM +0000, Dave Mitchell wrote:
> On Sun, Jan 29, 2012 at 01:03:52PM -0800, Father Chrysostomos via RT wrote:

> > Is there any chance your incomplete work could be merged to blead?
> > 
> > After all, it's already better that what we now have in blead.
> 
> I'd prefer not to. We're only 3 weeks away from user-visible changes
> freeze, and 2 months away from 5.16-RC0,  so it's highly likely that the
> rest of my planned work won't make into 5.16. Which would mean we have a

Much that I like your fixes as soon as possible, I think I'd be uncomfortable
with them going into blead if they were *all* ready now (which of course they
aren't), and extremely uncomfortable with them going in either incomplete,
or complete but closer to 5.16.

I hope they'll be one of the first things merged into 5.17
And that there aren't too many 80%s left.

> Also, I am unclear as to whether the 'use re eval' security mechanism
> works 100% correctly in this in-between state; I know it will be secure at
> the end when I rip out the PL_reginterp_cnt mechanism, but I haven't
> bothered to ensure safety while its in a hybrid state.

Get that wrong and we'll be fighting CVEs. That's not a risk that seems
worth it.

Nicholas Clark

Thread Previous | Thread Next


nntp.perl.org: Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at ask@perl.org | Group listing | About