in reply to Re: Re: Back to acceptable untainted characters
in thread Back to acceptable untainted characters
How does one mark a variable as tainted?
use Taint (); Taint::taint($untrustedvalue);
For example, if you use a regex to parse the key-value fields out of a query string and reverse the CGI encoding, you should mark the resulting data as tainted. (The "use CGI or die" advocates will tell you that you shouldn't be writing your own function for that anyway, but that's another debate for another thread.)
$;=sub{$/};@;=map{my($a,$b)=($_,$;);$;=sub{$a.$b->()}} split//,".rekcah lreP rehtona tsuJ";$\=$ ;->();print$/
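An added example, not part of the original post, of the case described above: a hand-rolled query-string parser loses the taint flag because regex captures untaint, so the decoded values are re-tainted before any per-field validation. It assumes the CPAN Taint module named in the post is installed and that the script is run as `perl -T`; the `parse_query` helper and the sample query string are constructed for illustration.

```perl
#!/usr/bin/perl -T
use strict;
use warnings;
use Taint ();                     # CPAN module named in the post
use Scalar::Util qw(tainted);     # core module, used only to inspect taint

# Constructed sample input. A real CGI script would read $ENV{QUERY_STRING},
# which is already tainted under -T; taint the literal here to imitate that.
my $query = 'name=Alice%20Smith&file=..%2F..%2Fetc%2Fpasswd';
Taint::taint($query);

# Hand-rolled parser (hypothetical helper). Regex captures are how Perl
# untaints data, so every key and value comes out untainted as a side effect.
sub parse_query {
    my ($qs) = @_;
    my %field;
    while ($qs =~ /([^&=]+)=([^&]*)/g) {
        my ($key, $value) = ($1, $2);
        for ($key, $value) {
            tr/+/ /;                              # '+' encodes a space
            s/%([0-9A-Fa-f]{2})/chr hex $1/ge;    # reverse %XX encoding
        }
        $field{$key} = $value;
    }
    return %field;
}

my %form = parse_query($query);
printf "before re-taint: %-5s tainted=%d\n", $_, tainted($form{$_}) ? 1 : 0
    for sort keys %form;

# Nothing has been validated yet, so put the taint flag back on every value.
Taint::taint($form{$_}) for keys %form;
printf "after re-taint:  %-5s tainted=%d\n", $_, tainted($form{$_}) ? 1 : 0
    for sort keys %form;

# Untaint one field at a time, and only through a pattern that says what is
# acceptable for that field.
my ($safe_name) = $form{name} =~ /\A([A-Za-z ]{1,64})\z/;
my ($safe_file) = $form{file} =~ /\A([\w.-]{1,64})\z/;
print 'name: ', defined $safe_name ? "accepted\n" : "rejected\n";
print 'file: ', defined $safe_file ? "accepted\n" : "rejected\n";
```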
Re: Re: Back to acceptable untainted characters
by bunnyman (Hermit) on Sep 09, 2003 at 15:40 UTC