develooper Front page | perl.perl5.porters | Postings from October 2012

Re: Security Issues in perl-5.16.x

Thread Previous | Thread Next
Chip Salzenberg
October 1, 2012 22:01
Re: Security Issues in perl-5.16.x
Message ID:
On Mon, Oct 1, 2012 at 6:30 PM, Reini Urban <> wrote:
> Chip threatened to fork perl if \0 in names were disallowed, which I
> found amusing.  I think he wanted to keep \0 at the end, because
> they do not much harm. I meant \0 in the middle.

I meant \0 in the middle, and I meant it; because as you described it,
you wanted to prevent hashes generally from containing such keys.
This is NOT OK.

If you meant only to restrict only strings handed to require and do
FILE, I would not fork Perl for that.  Of course I would still hold
you in derision for demanding it, given its utter uselessness; and I
would enthusiastically mock anyone who decided to go along with you.
But I wouldn't fork Perl.

Thread Previous | Thread Next Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at | Group listing | About