[Buffalo-pm] Asterisk Wildcard When Running Command viaExec...

Kevin Eye eye at buffalo.edu
Thu Jul 6 13:20:57 PDT 2006 

> P.S - I am using the following regex to certify the input as valid:
> 
> $cgi->param('host') =~ /^[\w\d\-]+$/

That looks good. I can't think of a way for special shell characters to slip
through that.


> I tried the:
> 
> exec ("/bin/grep", "$wordToFind", glob "/var/adm/messages*");
> 
> ...but it didn't work. Do I need to include "use File::Glob ':glob';"?
> This is running on a solaris 8 machine.

Not sure why it doesn't work. I've never used File::Glob; just the built-in
glob.

When I say:
print join("\n", glob "/*");

I get lots of directories and files at the root of my system. Do you? I'm
not sure what would be wrong.

 - Kevin


>>>> "Kevin Eye" <eye at buffalo.edu> 07/06/06 2:42 PM >>>
> This is a feature -- when you use more than one arg with system or
> exec, it
> doesn't send the arguments through the shell, so that things like
> spaces in
> filenames and maliciously coded input doing unexpected things.
> Wildcard
> expansion, IO redirection and other nifty things are done by the
> shell,
> though, so you don't get them anymore.
> 
> One way to get the behavior you want would be to use one long string
> argument to exec like this:
> exec("/bin/grep $wordToFind /var/adm/messages*");
> 
> That will run it though the shell, expanding the wildcard, but also
> possibly
> doing very bad things if $wordToFind isn't always safely escaped.
> 
> A better way is to use the glob function, which expands asterisks on
> file
> names. Try this:
> exec ("/bin/grep", "$wordToFind", glob "/var/adm/messages*");
> 
>  - Kevin
> 
> 
> On 7/6/06 2:34 PM, "DANIEL MAGNUSZEWSKI" <dmagnuszewski at mandtbank.com>
> wrote:
> 
>> Mongers,
>> 
>> I am trying to grep from multiple files, named: messages,
> messages.0,
>> messages.1, messages.2, etc. What I'd like to do is grep through all
> of
>> these at once. The command to do this is:
>> 
>> grep <wordToFind> /var/adm/messages*
>> 
>> So what I've tried doing is the following:
>> 
>> my $wordToFind = 'router1';
>> open (PROGRAM, "-|")  or exec ("/bin/grep", "$wordToFind",
>> "/var/adm/messages*");
>> 
>> The asterisk seems to break, and I get no information. When I remove
>> the asterisk:
>> 
>> my $wordToFind = 'router1';
>> open (PROGRAM, "-|")  or exec ("/bin/grep", "$wordToFind",
>> "/var/adm/messages");
>> 
>> ...then everything works fine, but only greps through that one file.
>> How can I declare a wildcard within this code - if at all?
>> 
>> Thanks.
>> 
>> -Dan
>> 
>> _______________________________________________
>> Buffalo Perl Mongers Homepage
>> http://buffalo.pm.org
>> 
>> Buffalo-pm mailing list
>> Buffalo-pm at pm.org
>> http://mail.pm.org/mailman/listinfo/buffalo-pm

-- 
Kevin Eye
Web Applications Developer
Marketing and Creative Services
University at Buffalo
330 Crofts Hall
Buffalo, NY 14260
eye at buffalo.edu
phone (716) 645-5000 x1435
fax (716) 645-3765

More information about the Buffalo-pm mailing list