http://qs321.pair.com?node_id=11134556


in reply to Debugging a module that's failing under taint mode

Is there some reason you can't run the code under the debugger or, even better, use an IDE such as Komodo? You can require the module instead of useing it so you can debug the load process.

But really, you need to untaint $RealBin. Something like:

BEGIN
    {
    use FindBin qw($RealBin);

    my ($cleanPath) = $RealBin =~ m/(some sane path match here)/;
    use lib $FindBin::Bin;
    }

[download]
Optimising for fewest key strokes only makes sense transmitting to Pluto or beyond

Replies are listed 'Best First'.
Re^2: Debugging a module that's failing under taint mode
by Bod (Parson) on Jul 01, 2021 at 22:45 UTC
    Is there some reason you can't run the code under the debugger or, even better, use an IDE such as Komodo?

    I can't use an IDE as this is running on shared hosting.

    Having never used the Perl debugger, I would not know where to start or how to use the information it gave me. Perhaps I should look at it.

[reply]
      "I can't use an IDE as this is running on shared hosting."

      Of course you can use an IDE. There are several ways you can go about it depending on the IDE, but at least you can copy the code to your local machine mocking up parts of the system as needed. At best your IDE can connect to a remote system and let you debug the code running on that system. Using a good IDE for debugging is vastly more productive than any other technique.

      While not as good as an IDE, the Perl debugger allows you to place breakpoints to pause execution while you inspect the state of variables. You can then trace through code one statement at a time to see where execution really goes. See perldebtut. If you do any significant amount of coding the time spent to use a debugger will be paid back in time saved many times over!

      Optimising for fewest key strokes only makes sense transmitting to Pluto or beyond
[reply]

In Section Seekers of Perl Wisdom