Earlier today a friend asked me to help him install a fairly simple CGI that is similar to the infamous formmail.pl from Matt's Script Archive. He was having trouble with the server throwing "Internal Server Error" messages and since the permissions looked right and we did not have access to the error logs, I dove into the source to find the problem.

Well, the code was a mess. No strict, no warnings, no CGI module. They had hand rolled their own parser for postdata parameters. I modified it to the point where it uses the CGI module, warnings, taint mode, and strict. I also hardened a few sections of the code that might have been exploitable.

I then went and made quite a few other improvements because, well, I was bored. The header (which comprises all of the documentation of the script) says, "there are no restrictions on this script," and "this script may not be redistributed without this header." I sent an email to the company that distributes the original script and asked for permission to distribute my changes even though I felt that the documentation had given me the right to do so as long as I included the header. The company does not even claim a copyright on the script.

You can probably guess where this is going. They sent me a polite email telling me in no uncertain terms that I could not make my changes publicly available. I have reduced a 250 line script to less than 200 lines. In the course of this I have significantly modified or written from scratch more than half of the current source code. I would consider rewriting the script from scratch in the spirit of Not Matt's Scripts, but I'm afraid that I am already too familiar with the code to create a legitimate independant implementation. Any advice?

--
IndyZ

In reply to Blackbox implementation, but.... by IndyZ

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.