in reply to Re: Perl cgi question
in thread Perl cgi question

Great thanks, tachyon!

What is "\000" and how does it pose a security risk? Do you filter it out like this:
$str = "\000";      # double quotes, so \000 is interpolated as a null byte
$str =~ s/\000//g;  # remove every null byte

Re: Re: Re: Perl cgi question
by tachyon (Chancellor) on Apr 12, 2004 at 06:38 UTC

    \000, 0x00, \0, 00000000b, or %00 URL-encoded is a null byte. It is the string terminator in C and can have interesting effects in certain circumstances. Google for "perl null byte hack" or similar. Your substitution will do the job, although tr/\0//d is faster, FWIW.

    cheers

    tachyon
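
An added example, not part of the original posts: it shows why the null byte matters (Perl counts it as an ordinary character, while a C routine reading a NUL-terminated string stops at it) and compares rejecting the value with stripping it as discussed in the thread. The helper names and the sample value are constructed for illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Decode %XX escapes the way a CGI parameter value is decoded (minimal, demo only).
sub url_decode {
    my ($s) = @_;
    $s =~ tr/+/ /;
    $s =~ s/%([0-9A-Fa-f]{2})/chr(hex($1))/ge;
    return $s;
}

# What a C routine taking a NUL-terminated string sees: the bytes before the first \0.
sub c_view {
    my ($s) = @_;
    my $i = index($s, "\0");
    return $i < 0 ? $s : substr($s, 0, $i);
}

# Strict handling: refuse the value outright if it contains a null byte.
sub reject_nul {
    my ($s) = @_;
    return index($s, "\0") < 0 ? $s : undef;
}

# Lenient handling from the thread: delete null bytes with tr///d.
sub strip_nul {
    my ($s) = @_;
    (my $clean = $s) =~ tr/\0//d;
    return $clean;
}

# Constructed sample value, as it would arrive in a query string.
my $raw   = 'report%00.html';
my $value = url_decode($raw);

# Perl keeps the \0 as one character, so a suffix check on the full string passes
# even though the C-level view of the same value ends before ".html".
printf "Perl length:      %d\n", length $value;
printf "ends in .html:    %s\n", $value =~ /\.html\z/ ? 'yes' : 'no';
printf "C-string view:    %s\n", c_view($value);
printf "reject_nul:       %s\n", defined reject_nul($value) ? 'accepted' : 'rejected';
printf "strip_nul:        %s\n", strip_nul($value);
```

Run any validation on the value after the null byte has been rejected or stripped, so the check and the code that consumes the value both see the same string.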