develooper Front page | perl.perl5.porters | Postings from October 2012

Re: Security Issues in perl-5.16.x

Thread Previous | Thread Next
From:
demerphq
Date:
October 2, 2012 16:28
Subject:
Re: Security Issues in perl-5.16.x
Message ID:
CANgJU+XdN=AVmDdwrQqyAGqFqQj7hc7cG1AA8fJboiwXGb5dKQ@mail.gmail.com
On 3 October 2012 01:10, Chip Salzenberg <rev.chip@gmail.com> wrote:
> On Mon, Oct 1, 2012 at 11:56 PM, Aristotle Pagaltzis <pagaltzis@gmx.de> wrote:
>> * Chip Salzenberg <rev.chip@gmail.com> [2012-10-02 07:05]:
>>> If you meant only to restrict only strings handed to require and do
>>> FILE, I would not fork Perl for that. Of course I would still hold
>>> you in derision for demanding it, given its utter uselessness; and
>>> I would enthusiastically mock anyone who decided to go along with you.
>>> But I wouldn't fork Perl.
>>
>> Just because? Or do you have any use for that?
>
> I do have a use.  For the first example off the top of my head, I've
> made some spam-fighting software that uses packed IPv4 addresses as
> hash keys.  Those have NULs in them for sure.
>
> I truly can't believe this is a question.  Strings can have NULs in
> them.  Hash keys are strings...

I personally have not read any of this discussion as suggesting that
hash keys in general should not be allowed to contain nulls. To me
that is so obviously ridiculous that I think we can assume that no-one
is suggesting it.

The interpretation I have is that people think we should not end up
with package names that contain nulls, which seems to me to be a much
more reasonable request.

Yves

-- 
perl -Mre=debug -e "/just|another|perl|hacker/"

Thread Previous | Thread Next


nntp.perl.org: Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at ask@perl.org | Group listing | About