Skip Menu |
Report information
Id: 128684
Status: open
Priority: 0/
Queue: perl6

Owner: Nobody
Requestors: cpan [at] zoffix.com
Cc:
AdminCc:

Severity: (no value)
Tag: (no value)
Platform: (no value)
Patch Status: (no value)
VM: (no value)



Subject: .EVAL as a method call bypasses the MONKEY-SEE-NO-EVAL pragma
Download (untitled) / with headers
text/plain 628b
The EVAL as a sub shows an error message about MONKEY-SEE-NO-EVAL: m: my $x = 'say "hello"'; EVAL "$x" rakudo-moar 58dc8c: OUTPUT«===SORRY!=== Error while compiling <tmp>␤EVAL is a very dangerous function!!! (use MONKEY-SEE-NO-EVAL to override,␤but only if you're VERY sure your data contains no injection attacks)␤at <tmp>:1␤------> my $x = 'say "hello"'; EVAL "$x"…» However, if the method form of EVAL is used, no such error is generated: m: my $x = 'say "hello"'; "$x".EVAL rakudo-moar 58dc8c: OUTPUT«hello␤» Expected behaviour: both versions show the error. -- Cheers, ZZ | https://twitter.com/zoffix


This service is sponsored and maintained by Best Practical Solutions and runs on Perl.org infrastructure.

For issues related to this RT instance (aka "perlbug"), please contact perlbug-admin at perl.org