in reply to User regexps

...This is all wrapped in an eval, so I catch badly formed regexps; I am worried about intentional or unintentional ill-effects beyond an error...

You should use taint.

You should be aware of what use re 'eval' allows you to do with regular expressions.

And you should of course be aware of source code injection. Suppose the user specifies: "a/; system( 'some evil command' ); m/a" and your code is: 

eval "m/$query/";

[download]
you're in deep trouble.

Liz

Replies are listed 'Best First'.
Re: User regexps
by Abigail-II (Bishop) on Jan 14, 2004 at 15:39 UTC
    And you should of course be aware of source code injection. Suppose the user specifies: "a/; system( 'some evil command' ); m/a" and your code is: 
    eval "m/$query/";

    [download]
    But that's not the code! Read the post. The code is: 
    my $re = $_->regex;
$matchtext =~ /$re/i;

    [download]
    There's no danger of source code injection here (unless there's an unseen use re 'eval' in an enclosing scope.

    Abigail

[reply]
[d/l]
[select]
      Took me a while to understand why the second was safe and the first wasn't. Thanks for putting them side by side, clearly labeled, for me to think about. I would have used the second without worry, and the first (anything with an eval on user data) always worries me, but that's just habbit. Looking at these two examples bumped it back up to real understanding again, which is always nice.
[reply]

In Section Seekers of Perl Wisdom