Glad to be of help. =)
Well a few things that I noticed is that you need to modify the second condition...
No you don't. Lets have a look at the code again:
# in case of success: return a 'true' value (1 or a useful value) # in case of error: return a 'false' value (0 or undef) sub verify_port { my $value = shift; # user provided input should be viewed as toxic - do not # trust until proven to contain a sane value if (defined $value and $value =~ /\A (\d+) \z/xms) { my $port = $1; if ($MIN_TCP_PORT <= $port and $port <= $MAX_TCP_PORT) { return 1; # or TRUE or $port } } return 0; # or FALSE or undef }
As stated in the function's comment, the function is supposed to return a 'true' value if everything is alright and a 'false' value in case it isn't. (You did it the other way round - return FALSE if the port is fine and TRUE if it isn't.) So what I am doing is to make sure the provided port is defined, an integer and _inside_ the allowed port range. Only then '1' (or TRUE or $port) is returned.
In all other cases (e.g. value is undefined or outside the allowed port range) then the function will return '0' (or FALSE or undef)
Question, why are you assigning the $value to a new value $port = $1. Is there a specific reason?
It is just an additional safeguard to make sure I perform the second check against a validated value. Additionally if you choose to return $port instead of 1 or TRUE then you can use the function to untaint your external / user-provided input.
http://perldoc.perl.org/perlsec.html#Taint-modeIn reply to Re^7: RFC: Net::SNTP::Client v1
by Monk::Thomas
in thread RFC: Net::SNTP::Client v1
by thanos1983
| For: | Use: | ||
| & | & | ||
| < | < | ||
| > | > | ||
| [ | [ | ||
| ] | ] |