in reply to system call with semicolon in argument

You failed to convert your program's arguments into shell literals when you built your shell command. You're lucky someone didn't pass `rm -rf /` for $formValue! People need to think before inserting a string into another.

The simplest fix is to avoid the shell: 

open(my $fh, '-|', '/usr/sbin/ubsetenv', $currParam, $formValue)
    or die("fork: $!\n");

local $/;
my $output = <$fh>;

[download]

Replies are listed 'Best First'.
Re^2: system call with semicolon in argument
by cbanker (Beadle) on Sep 16, 2009 at 18:18 UTC
    I was already escaping the backslash as LanX mentioned. I ended up using ikegami's solution, which worked great and also doesn't require escaping the semicolon in the input. It is definitely a better and safer solution than what I was using before.
[reply]

In Section Seekers of Perl Wisdom