New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Causing code to execute after a regex interpolation #5700
Comments
From ton@infonet-europe.netCreated by hostmaster@eqip.netWhen (?{}) and co were introduced there was a lot of discussion However, along another route the problem returned perl -we 'sub foo { print "foobar\n" } $x = shift; /$x/' '\p{foo}' echo 'print "foobar\n"' > foo.pl; perl -we '$x = shift; /$x/' '\p{foo}' Yes, i know -T stops this, and, yes, i know interpolating user variables If you give the full path, -T doesn't even stop it: basically you get a remote-controlled "do". I fear this is a big security hole for quite a few CGI scripts that Perl Info
|
From @rgarciaOn 2002.07.03 18:21 ton@infonet-europe.net wrote:
5.8.0 RC2 doesn't give this result : it prints nothing. |
p5p@spam.wizbit.be - Status changed from 'open' to 'resolved' |
Migrated from rt.perl.org#10023 (status was 'resolved')
Searchable as RT10023$
The text was updated successfully, but these errors were encountered: