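#!/usr/bin/perl -T
# Taint-mode demonstration (as far as the page shows): a command-line
# argument, which is tainted under -T, is spliced into the source text of a
# format declaration, and that text is then handed to string eval.
#
# The interpreter line has to start with "#!". With a bare "#" it is an
# ordinary comment, the -T switch on it is never read, and the script runs
# with taint checking off unless the caller passes -T on the command line.

# Tainted: taken straight from the command line.
$insecure = $ARGV[0];

# NOTE(review): string eval on text derived from @ARGV. The argument becomes
# Perl source here, so this statement is only safe if taint mode refuses it.
# Code that really needs a caller-chosen variable name should match it
# against an anchored identifier pattern and use the captured value, or look
# the value up in a hash and drop the eval entirely.
eval makeformat($insecure);

# Surface the reason the format was not defined; otherwise the only symptom
# is write() failing afterwards because no format exists.
die "format definition failed: $@" if $@;

write;

# makeformat($name)
#   Returns the source text of a format declaration with no name (which Perl
#   treats as the format for STDOUT): one left-justified five-character field
#   whose argument line is the variable "$<name>".
#   $name is used verbatim; nothing is validated or escaped here, so a
#   tainted $name yields a tainted return value.
sub makeformat {
    my ($name) = @_;    # note: $name is tainted

    # The returned format string is tainted because $name is part of it.
    return "format = \n"
         . "\@<<<<\n"
         . '$' . $name . "\n"
         . ".\n";
}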