[Chicago-talk] canonical is_tainted()?
Randal L. Schwartz
merlyn at stonehenge.com
Wed Aug 4 10:32:03 CDT 2004
>>>>> "Mike" == Mike Fragassi <frag at ripco.com> writes:
Mike> Andy -- what was the is_tainted from your talk last night?
Mike> The is_tainted from the most recent perlsec isn't the same:
Mike> sub is_tainted {
Mike> return ! eval { eval("#" . substr(join("", @_), 0, 0)); 1 };
Mike> }
Mike> but I recall that the one on your slide seemed to make more sense.
>From Taint.pm, in the CPAN (by Stonehenge Employee of the Year Tom Phoenix):
sub any_tainted {
not eval { join("", @_), kill 0; 1 };
}
--
Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095
<merlyn at stonehenge.com> <URL:http://www.stonehenge.com/merlyn/>
Perl/Unix/security consulting, Technical writing, Comedy, etc. etc.
See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training!
More information about the Chicago-talk
mailing list