Re^2: safe method to execute perl code with user input?

Replies are listed 'Best First'.
Re^3: safe method to execute perl code with user input? by moritz (Cardinal) on Jun 21, 2011 at 14:52 UTC
Are you suggesting that it is possible for me to put destructive code (if even by mistake) in the box and reap the results? It is very likely that it's possible to enter a regex that will make the editor (or at least the thread in the editor that does the search) hang. Just try the regex from the blog post I linked to, with the same test data as the blog post uses. But it is unlikely that you can execute arbitrary code from the search/substitution box, unless the author of the editor screwed it up. Perl 6 - second systems done right	[reply]
Re^3: safe method to execute perl code with user input? by Perlbotics (Archbishop) on Jun 21, 2011 at 14:48 UTC
Maybe you can just run the substitution and limit it by time and/or number of replacements? Here's a quick'n dirty example: use strict; use warnings; { my $count; my $timeout; sub set_count { $count = shift; } sub set_timeout { $timeout = $_[0] ? time() + $_[0] : 0; } sub limited_subst { my ($from, $replacement) = @_; die "Too many replacements!" unless $count--; die "Time is up!" if $timeout and time() > $timeout; sleep(1); # just for demonstration! # warn "Replacing $from -> $replacement\n"; return $replacement; } } sub test_replace { my ($string, $from, $replacement, $limit, $timeout_epoch) = @_; my $rollback = $string; set_count( $limit ); set_timeout( $timeout_epoch ); eval { $string =~ s/ ($from) / limited_subst($1, $replacement ) /gxe; }; if ($@) { print "Oops! $@"; $string = $rollback; } return $string; } my $string = "la " x 30; print "Checking with no real limit:\n"; print "in : $string\nout: ", test_replace($string, 'la', 'ho!', -1, 0) +, "\n\n"; print "Checking with subst_limit 3:\n"; print "in : $string\nout: ", test_replace($string, 'la', 'ho!', 3, 0) +, "\n\n"; print "Checking with timeout 3:\n"; print "in : $string\nout :", test_replace($string, 'la', 'ho!', 30000, + 3), "\n\n"; __END__ Output: Checking with no real limit: in : la la la la la la la la la la la la la la la la la la la la la la + la la la la la la la la out: ho! ho! ho! ho! ho! ho! ho! ho! ho! ho! ho! ho! ho! ho! ho! ho! h +o! ho! ho! ho! ho! ho! ho! ho! ho! ho! ho! ho! ho! ho! Checking with subst_limit 3: Oops! Too many replacements! at 910736.pl line 15. in : la la la la la la la la la la la la la la la la la la la la la la + la la la la la la la la out: la la la la la la la la la la la la la la la la la la la la la la + la la la la la la la la Checking with timeout 3: Oops! Time is up! at 910736.pl line 16. in : la la la la la la la la la la la la la la la la la la la la la la + la la la la la la la la out :la la la la la la la la la la la la la la la la la la la la la la + la la la la la la la la [download] Another idea: Maybe, you can start a sub-process that operates in a limited shell? Important: I didn't scrutinized this for security holes!	[reply] [d/l]