Re^2: Extra CGI.pm safety by stripping \x00 bytes?


Keep It Simple, Stupid
	PerlMonks

Re^2: Extra CGI.pm safety by stripping \x00 bytes?

by rlucas (Scribe)

on May 26, 2005 at 19:56 UTC ( [id://460852]=note: print w/replies, xml )

Need Help??

in reply to Re: Extra CGI.pm safety by stripping \x00 bytes?
in thread Extra CGI.pm safety by stripping \x00 bytes?

OK - thanks for clarifying that for me. I understood the nature of the crack as described by Ovid in his node (and by others elsewhere on the web). In fact, I'm not anticipating sending anything to system(), and I'm tainting things.

However, when I send utf8 text to other external C programs (databases, for example, or sendmail), should I take special caution in those cases?

Comment on Re^2: Extra CGI.pm safety by stripping \x00 bytes?

In Section Seekers of Perl Wisdom

Domain Nodelet^?

www.com | www.net | www.org

Node Status^?

node history
Node Type: note [id://460852]
help

Chatterbox^?

How do I use this? • Last hour • Other CB clients

Other Users^?

Others browsing the Monastery: (2)

As of 2024-04-26 06:32 GMT

Sections^?

Information^?

Find Nodes^?

Leftovers^?

Today I Learned

Voting Booth^?

No recent polls found