develooper Front page | perl.perl5.porters | Postings from March 2013

Re: [perl #117215] length $tainted_var is tainted; should it be?

Ed Avis
March 19, 2013 17:00
Re: [perl #117215] length $tainted_var is tainted; should it be?
Message ID:
Leon Timmermans <fawaka <at>> writes:

>>The value returned by "length" can be tainted even though it's
>>just an integer.  Is this a bug, or is it by design?
>AFAIK any $foo = <expression using a tainted value> should make $foo
>tainted, unless stated otherwise.

Agreed.  But this does argue for an untaint() builtin as part of the language,
since doing a regular expression match on something that's always an integer
starts to look a bit daft.

Ed Avis <> Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at | Group listing | About