in reply to •Re: Re: Re: How to identify invalid reg. expr.?
in thread How to identify invalid reg. expr.?

Here we go: Just to verify, I just changed it to 
      eval { use re 'eval'; no warnings; "" =~ /$searchstring/ };

[download]
Run from the browser, it generates an internal server error (the log complains of premature end of script headers, regardless of how the script is run.) but no coredump. When run from the command line, the script is aborted and does dump core. Umm, yay. (Maybe the lack of core dump is due to apache? I'll look into it.)

So, I'll consider removing the regex search completely, or building one from pieces as samtregar mentioned in a previous post. (I already have AND and ANY searches, though. We'll see what I can come up with.) Thanks for the tips, folks.

--

There are 10 kinds of people -- those that understand binary, and those that don't.

Replies are listed 'Best First'.
•Re: Re: ?Re: Re: Re: How to identify invalid reg. expr.?
by merlyn (Sage) on Jun 05, 2002 at 20:59 UTC
    No, that's backwards. If you're building CGI, you do not want to use re eval. The default is the safety that I insisted they add.

    Just use this: 

    my $regex = param('foo');
$regex = eval { qr/$regex/ };
if ($@) { "it was bad... handle it" }

    [download]
    Then use $regex later, safely, as a compiled regex. In fact, wait, it's simpler than that: 
    my $regex = param('foo');
$regex = eval { qr/$regex/ } or do {
  # handle failure
};

    [download]
    since eval will return undef on a failed block, or the compiled Regex object (always true) if it's a valid regex.

    -- Randal L. Schwartz, Perl hacker

[reply]
[d/l]
[select]

In Section Seekers of Perl Wisdom