[sf-perl] Worry about bsd_glob() generated paths?
Chris Palmer
chris at noncombatant.org
Mon May 9 17:15:59 PDT 2005
David Alban writes:
> not -e $path and complain();
> $age = -M _;
>
> File::Glob warns that all values returned are tainted. Fine. But all
> I'm really doing with the paths is calling stat() with them, and
> print() (and possibly printf()). Do I really need to check to see if
> they contain bad characters in this situation?
Unless you're opening the files and print[f]ing TO them, then no. stat
does not trigger taint mode's paranoia. This code works fine (I use die
in place of your complain):
#!/usr/bin/perl -T
use strict;
use warnings;
my $age;
for (@ARGV) {
die $! unless defined ($age = -M $_);
print "$age\n";
}
More information about the SanFrancisco-pm
mailing list