Well its rather more philosophical question, than a real life situation... Why I would like to "replace bits of a tainted string with other bits and continue to consider it tainted"?
Well simple example
sub get_file_and_args {
my ($path, ) = @_;
my (@info, );
while (1) {
last if ((@info = stat ($path)));
last if ($path !~ s{^(/.+)(/+.*)}{$1});
push (@args, $2);
}
return ($path, \@args);
}
where
$path = '/path/to/a///file/with///few//args';
and is tainted.
Later on I want to force checking both $path and @args values (by tainting them) because I cant really be sure who and how is using them. Im not discussing if the same result can be achieved in any other 'better' or elegant way because the answer is 'yes, of course!' - I just want to show that there might be a reason "to replace bits of a tainted string with other bits and continue to consider it tainted".
Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
Read Where should I post X? if you're not absolutely sure you're posting in the right place.
Please read these before you post! —
Posts may use any of the Perl Monks Approved HTML tags:
- a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
| |
For: |
|
Use: |
| & | | & |
| < | | < |
| > | | > |
| [ | | [ |
| ] | | ] |
Link using PerlMonks shortcuts! What shortcuts can I use for linking?
See Writeup Formatting Tips and other pages linked from there for more info.