On Tue, Nov 15, 2005 at 06:48:40PM -0500, Jeff 'japhy' Pinyan wrote:

[ ... ]

> *whew*
> 
> Frankly, I find the 'eval "1 || $blank" || 1' silly, since the whole 
> reason the '... || 1' is needed is since $blank is a blank string and the 
> code '1 || ' is invalid Perl.  Long story short, I'd have written:
> 
>   sub is_tainted {
>     return not eval { eval 1 . substr($_[0], 0, 0) };
>   }
> 
> It's much more concise.  If $_[0] isn't tainted, then
> 
>   not eval { eval 1 . substr($_[0], 0, 0) }
>   ->
>   not eval { eval 1 }
>   ->
>   not eval { 1 }
>   ->
>   not 1
>   ->
>   false
> 
> whereas if $_[1] is tainted, then the eval { ... } returns false since a 
> fatal error is raised because
> 
>   eval 1 . substr($_[0], 0, 0)
> 
> is illegal if $_[0] is tainted.

I would be wary of even this solution.  The backwards compatibility
police would probably catch it, but someone might say that a zero length
string could never be tainted and then this code would break.

I would go with Scalar::Util::tainted().

-- 
Paul Johnson - [EMAIL PROTECTED]
http://www.pjcj.net
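
Added example, not part of either poster's message: the quoted eval-based check run next to Scalar::Util::tainted() on the same values, including a zero-length string. The sample values and labels are constructed here, and it assumes the script is started with perl -T so that $^X is tainted.

```perl
#!/usr/bin/perl -T
use strict;
use warnings;
use Scalar::Util qw(tainted);

# ${^TAINT} is true only when perl was started in taint mode.
die "taint mode is off; run with: perl -T\n" unless ${^TAINT};

# The eval-based check from the quoted message, kept as posted.
sub is_tainted_eval {
    return not eval { eval 1 . substr($_[0], 0, 0) };
}

# Constructed samples. $^X (path of the perl binary) is tainted under -T,
# so appending a zero-length slice of it taints an otherwise constant string.
my $taint_flag = substr($^X, 0, 0);
my $dirty      = 'report.txt' . $taint_flag;
my $clean      = 'report.txt';

# Untaint by copying a regex capture, the method described in perlsec.
my $laundered = '';
if ($dirty =~ /\A([\w.]+)\z/) {
    $laundered = $1;
}

my @cases = (
    [ 'literal string',        $clean      ],
    [ 'tainted string',        $dirty      ],
    [ 'zero-length tainted',   $taint_flag ],
    [ 'untainted via capture', $laundered  ],
);

# Print what each check reports for every sample.
printf "%-24s %-14s %s\n", 'value', 'Scalar::Util', 'eval trick';
for my $case (@cases) {
    my ($label, $value) = @$case;
    printf "%-24s %-14s %s\n", $label,
        (tainted($value)         ? 'tainted' : 'clean'),
        (is_tainted_eval($value) ? 'tainted' : 'clean');
}
```

The "zero-length tainted" row is the case the reply is concerned about: the eval-based check works only as long as a zero-length substr() of a tainted value is itself tainted, while tainted() inspects the value it is given directly.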
