in reply to Re: Re: Untaint IP address/hostname question
in thread Untaint IP address/hostname question

Not sure that regex above works all that well as an untainter:)... it allows:
999.000.999.000

I disagree. See Re: Untaint IP address/hostname question.

  • Comment on Re: Re: Re: Untaint IP address/hostname question

Replies are listed 'Best First'.
Re: Re: Re: Re: Untaint IP address/hostname question
by hsinclai (Deacon) on Mar 11, 2004 at 13:46 UTC
    If you mean the next program down the line should finally decide whether the IP address is valid, I disagree.

    In this situation this regexp should deal with the lower level checking of the basic address validity. 999.000.999.000 is not a valid IP address. Otherwise you're allowing garbage input further down the chain of execution, while you bask in your cerebral interpretation of the definition of "taint" :)


    you'll have to check what characters that program accepts.

    What program that deals with IP addresses will accept "999.000.999.000" as valid? Do you mean we have drop everything, and go check with that program first?
[reply]

In Section Seekers of Perl Wisdom