in reply to Read/Write ASCII file

 A better way would be to avoid the external grep command - unless you want people to be able to delete all your files!

 Your code looks like this:

$ItemForm = param('item');
$OldLine = `grep $ItemForm stock.dat`;

 Because you're not validating the input at all (I'm surprised that the -T flag doesn't catch this), a malicious user could pass something like:

/cgi-bin/script.cgi?item=t%20/etc/passwd;%20rm%20-rf%20~;echo

 This would make your command:

`grep t /etc/passwd; rm -rf ~; cat stock.dat`

 You see the problem? ;)

Steve
---
steve.org.uk
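One way to do the lookup without a shell at all, as an added example (not Steve's or the original poster's code): read stock.dat in Perl and compare the field directly, after untainting the parameter with a strict allowlist. It assumes stock.dat holds one record per line with the item name as the first whitespace-separated field, and it matches the item exactly rather than as a grep-style substring.

```perl
#!/usr/bin/perl -T
# Added example: look up an item in stock.dat without handing user input
# to a shell. Assumed file layout: one record per line, item name first.
use strict;
use warnings;
use CGI qw(param);

my $stock_file = 'stock.dat';

# Validate and untaint: accept only a plain word of 1-32 word characters.
# The regex capture is what clears taint mode; anything else is rejected.
sub clean_item {
    my ($raw) = @_;
    return unless defined $raw;
    return $1 if $raw =~ /\A(\w{1,32})\z/;
    return;
}

# Return the first line whose first field equals $item exactly.
# No shell is involved, so ';', '|' or spaces in $item can never run commands.
sub find_stock_line {
    my ($item, $file) = @_;
    open my $fh, '<', $file or die "Cannot open $file: $!";
    while (my $line = <$fh>) {
        chomp $line;
        my ($name) = split /\s+/, $line;
        if (defined $name && $name eq $item) {
            close $fh;
            return $line;
        }
    }
    close $fh;
    return;
}

my $item = clean_item(scalar param('item'));
unless (defined $item) {
    print "Content-type: text/plain\n\nInvalid item.\n";
    exit;
}

my $old_line = find_stock_line($item, $stock_file);
print "Content-type: text/plain\n\n";
print defined $old_line ? "$old_line\n" : "Item not found.\n";
```

If grep's substring behaviour is actually wanted, replace the `eq` test with `index($line, $item) >= 0`; the point is that the match happens in Perl, never in a shell.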

Re: Security problem in your code ...
by Anonymous Monk on Jun 08, 2003 at 00:00 UTC
    Steve,

    This sub is called after extensive validation (the $item should exist in the stock, the amount should be in a certain range, etc.). I just didn't post the whole script for the sake of simplicity.

    Cheers,

       That's good to know - I almost assumed you'd do it, but I thought it was worth replying anyway for the benefit of people who might not be so careful.

      Steve
      ---
      steve.org.uk