mstrhelix has asked for the wisdom of the Perl Monks concerning the following question:

This node falls below the community's minimum standard of quality and will not be displayed.

Replies are listed 'Best First'.
Re: stack manipulation
by Zaxo (Archbishop) on Dec 28, 2001 at 13:15 UTC

    I'm unaware of any buffer overflows in perl itself. It is easy to produce input for an insecure program with perl. I'm disinclined to help you with that. Other tools can do the same.

    After Compline,
    Zaxo

[reply]
      Good call Zaxo ++ for that.
[reply]
Re: stack manipulation
by Beatnik (Parson) on Dec 28, 2001 at 17:54 UTC
    Like zaxo points out, buffer overflows in Perl are very unlikely, since Perl doesn't force array/hash limits. If you want to add 10^100 elements to an array, just make sure you have enough memory. There are a number of resources which can help you on secure programming (in general). Check perlsec for starters. Some bits on Perl & CGI security are here, here and here. It helps to turn on warnings (discussed in perlvar, perlrun and perldiag) and taint checking (check here for more on it).

    Greetz
    Beatnik
    ... Quidquid perl dictum sit, altum viditur.
[reply]

Back to Seekers of Perl Wisdom