in reply to Re: Re: Re: Re: Re: Re: Re: (Ovid -- bug in your hand-rolled CGI code) Re: Pushing w/ an associative array?
in thread Pushing w/ an associative array?

And then you get all this coded, and someone calls your script handing it a bunch of parameters you don't expect. If you act on them, you are in for a big surprise. But how will you know to reject them? Right... you'll need to know this in the script. Now you're back to a list of known parameters, and you don't need to handle "anything that comes in". End of problem.

-- Randal L. Schwartz, Perl hacker

Re: Re: Re: Re: Re: Re: Re: Re: Re: (Ovid -- bug in your hand-rolled CGI code) Re: Pushing w/ an associative array?
by chipmunk (Parson) on Dec 28, 2000 at 00:09 UTC
    I don't see how accepting arbitrary keys is automatically a security hole. That rather depends on what is done with the keys. If all you're doing is writing to a file, for example, I don't see that writing out arbitrary keys increases the risk over writing out known keys. (And if your script is written to expect arbitrary keys, then there are no keys that are unexpected. :)
      merlyn was responding to a request for one variable to have the name of another. This is a bad idea for reasons that Dominus explained at length here. Of course accepting and processing arbitrary keys in a safe manner (e.g. in a hash) is safe. The only possible confusion then will be that (like globals) the same name will get used twice in two places and the two will get confused for each other. Of course then you just have multiple keys which between them are a unique identifier. One for the data element in the form, one for the form.
        Thanks for the reply! It's nice to get some feedback on this node.

        Going back to the original node, I see that the poster asked "how do I make an associative array that holds each of the variable names and its corresponding value?" There was never any question of symbolic references, or even of using CGI's import_names method. The original poster was simply using 'variable name' to mean 'parameter name'.

        So, really, it seems that we agree. Accepting arbitrary parameters in a CGI script is not necessarily a security risk. It becomes a risk only if the parameters are handled in an unsafe way.
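
The two positions in this thread, a list of known parameters and keeping arbitrary keys as hash data rather than variable names, can be combined in one routine. The following is an added example, not code from any poster in the thread; the field names, patterns and query string are constructed, and it assumes CGI.pm 4.08 or later is installed (for `multi_param`).

```perl
#!/usr/bin/perl
use strict;
use warnings;
use CGI;    # assumption: CGI.pm 4.08+ (provides multi_param)

# Hypothetical form fields: known parameter name => pattern its value must match.
my %ALLOWED = (
    name  => qr/\A[\w .'-]{1,64}\z/,
    email => qr/\A[^\s\@]{1,64}\@[\w.-]{1,255}\z/,
    age   => qr/\A\d{1,3}\z/,
);

# Returns (\%form, \@problems). Client-supplied names are only ever used as
# hash keys to look up the allowlist, never as variable names (no symbolic
# references), so an unexpected name cannot touch program state.
sub collect_params {
    my ($q) = @_;
    my (%form, @problems);
    for my $key ($q->param) {                      # every name the client sent
        (my $shown = $key) =~ s/[^\w.-]/?/g;       # safe to write to a log
        if (!exists $ALLOWED{$key}) {
            push @problems, "unexpected parameter '$shown'";
            next;
        }
        my @values = $q->multi_param($key);
        if (@values != 1) {                        # repeated field: ambiguous
            push @problems, "parameter '$shown' sent " . @values . " times";
            next;
        }
        if ($values[0] !~ $ALLOWED{$key}) {
            push @problems, "parameter '$shown' has an invalid value";
            next;
        }
        $form{$key} = $values[0];
    }
    return (\%form, \@problems);
}

# Constructed request: two valid fields, one repeated field, one unknown field.
my $q = CGI->new('name=Alice&email=alice%40example.com&age=30&age=31&is_admin=1');
my ($form, $problems) = collect_params($q);
print "accepted: $_ = $form->{$_}\n" for sort keys %$form;
print "rejected: $_\n" for @$problems;
```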