http://qs321.pair.com?node_id=11112448

zentara has asked for the wisdom of the Perl Monks concerning the following question:

My Perl brain never dies. I was looking at the Perl code used to break a misconfigured sudo installation at https://thehackernews.com/2020/02/sudo-linux-vulnerability.html

The code being

perl -e 'print(("A"x 100 . "\x{00}") x 50)' | sudo -S id

So, in the interest of all good programmers everywhere, what would be the best defense against a buffer overflow, as shown above? How would one most efficiently and effectively take login information so the C libraries below, or Perl itself, are not locked up? If you were taking that sudo input pipe with Perl code, how would you stop a code lockup with Perl as an input filter?

I would write the code myself, but remember, laziness is a virtue, :-)

BTW I still see Perl as the best tool for bizarre code magic, and I've yet to really see it fail me when using it, whereas Python mixups between 2.7 and 3.5, pip, pip3, WTK******??????? x 50 just is off the wall crazy. Nothing works as well as CPAN. And remember, Perl comes with Perl/Tk and Perl/GTK2, which have much smaller footprints and libraries loaded than the other bloatware graphics coding schemes. :-) All the libraries come standard in most distros, same libs Firefox uses.

.... in the immortal words of Winston Churchill, KBO.... I'm still alive in my cave...


I'm not really a human, but I play one on earth. ..... an animated JAPH
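
As an added example, not part of zentara's post: one way to read a secret from a pipe in Perl so that the buffer is capped, NUL bytes are rejected, and a stalled writer cannot block the reader forever. The name read_secret, the limits MAX_LEN and TIMEOUT, and the sample inputs are assumptions constructed for illustration.

```perl
#!/usr/bin/perl
# Added example: bounded, time-limited read of one secret line from a pipe.
use strict;
use warnings;

use constant MAX_LEN => 256;  # assumed cap on the secret, in bytes
use constant TIMEOUT => 30;   # assumed seconds to wait for a full line

# Returns ($secret, undef) on success or (undef, $reason) on rejection.
# Reads one byte at a time so nothing past the newline is consumed and
# the buffer can never grow beyond MAX_LEN.
sub read_secret {
    my ($fh) = @_;
    my $buf = '';
    my $ok = eval {
        local $SIG{ALRM} = sub { die "timed out\n" };
        alarm TIMEOUT;
        while (1) {
            my $n = sysread($fh, my $byte, 1);
            die "read error: $!\n" unless defined $n;
            last if $n == 0 or $byte eq "\n";   # EOF or end of line
            die "NUL byte in input\n" if $byte eq "\0";
            die "longer than " . MAX_LEN . " bytes\n" if length($buf) >= MAX_LEN;
            $buf .= $byte;
        }
        1;
    };
    my $err = $@;
    alarm 0;                                    # always cancel the timer
    return $ok ? ($buf, undef) : (undef, $err);
}

# Constructed inputs: the string from the post, an over-long line, a normal one.
my %samples = (
    'post input' => join('', ("A" x 100 . "\x{00}") x 50),
    'long line'  => ("A" x 5000) . "\n",
    'normal'     => "correct horse\n",
);
for my $name (sort keys %samples) {
    pipe(my $r, my $w) or die "pipe: $!";
    syswrite($w, $samples{$name});              # small enough for the pipe buffer
    close $w;
    my ($secret, $err) = read_secret($r);
    chomp $err if defined $err;
    printf "%-10s => %s\n", $name,
        defined $secret ? "accepted, " . length($secret) . " bytes" : "rejected: $err";
    close $r;
}
```

After a rejection the rest of the input is left unread, so the caller should close the handle and abort rather than try to parse what remains.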