|
Re: detecting $& usage
by ysth (Canon) on Jan 27, 2004 at 03:00 UTC
|
Devel::SawAmpersand, and no there's no way to turn them off that I know of. Though I think the effect of these is greatly overrated (unless perhaps you are working with huge strings).
5.10.0 may have support for building perl with special copy-on-write handling. I think benchmarks are showing no real gain using this, but if you are seeing a real hurt from $&, your case may be an exception.
Update: seems you can put BEGIN { $::{"&"}=*a } in and nuke support for $& (and do same for $' and $`). That's going to break whatever uses $&, though. Not to mention voiding your perl warranty. | [reply]
[d/l] |
|
|
Thanks. My application is a verilog authoring tool that includes a perl based parser (using m/\G//). It also allow users to embed perl that I "eval". So, I am not the author of all code. If the user code uses "$&" then my tool slows down 20X. It is a big deal to this program. The parser re-evaluates the front/back of a huge string with every string search. My program crawls.
| [reply] |
|
|
My application is a verilog authoring tool that includes a perl based parser (using m/\G//). It also allow users to embed perl that I "eval". So, I am not the author of all code. If the user code uses "$&" then my tool slows down 20X.
Then why is it your problem? The user could put in a
sleep 1_000_000_000 as well, or use a billion
other ways to slow down the entire program. That's the risk
you take when evalling code. You might as well disallow all
Perl primitives.
Abigail
| [reply]
[d/l] |
|
|
|
|
|
|
|
Perhaps a simple check of their code for the offending variables, and then either reject them, or run them via a system() call to a seperate Perl process. At least that way a single use of the variables wont affect the entire body of code.
Unfortunately the problem here is that if the engineers are crafty it will be nearly impossible to prevent them from using these vars or for detecting when they have done so.
Which means that in the end Abigail is correct. The best way to resolve this problem is to train the engineers not to use them.
---
demerphq
First they ignore you, then they laugh at you, then they fight you, then you win.
-- Gandhi
| [reply]
[d/l] |
|
|
|
|
|
|
If you are evaling perl users are uploading, then you should be able to double check the code that is being uploaded for anything you want -- including the use of $', $`, and/or $&. You could take a friendly approch (i.e. match $content =~ m/\$'/) and spit out a warning, or be a little more beligerent (exit 1 if ($content =~ m/\$'/)</code>). Of course, couldn't you put the file in a seperate file and run that as a seperate process? That would allow you to give users the power of $' with none of the problems for you.
| [reply]
[d/l]
[select] |
|
|
| [reply] |
|
|
Yes. Apply rm -rf to suitable portions of your hard drive to return it.
| [reply]
[d/l] |
Re: detecting $& usage
by halley (Prior) on Jan 27, 2004 at 13:11 UTC
|
Remember, a plain use English; will incur the penalty of &`, $& and $' just by associating English names to them. See English for the workaround.
--
[ e d @ h a l l e y . c c ]
| [reply]
[d/l] |
Re: detecting $& usage
by ysth (Canon) on Jan 27, 2004 at 03:56 UTC
|
| [reply] |
Re: detecting $& usage
by crabbdean (Pilgrim) on Jan 27, 2004 at 04:08 UTC
|
Sometimes I like to consider code from a non-programming POV. It would seem that if a user has a $& type variable in their code you simply don't want to use it, so they'll have to rewrite their code anyway. With that in mind, can you read their code before running it to see if it contains one of these characters and if it does reject the code outright? Eg. output an error message to them saying that the variables use is illegal and they need to rewrite it? From there you only have to write a simple test into whatever you have to read their code first. Just a suggestion anyway, that may save you having to code around the $& variable.
Dean | [reply] |
Re: detecting $& usage
by CountZero (Bishop) on Jan 27, 2004 at 21:06 UTC
|
What about B::FindAmpersand? As per the docs it is A compiler backend to find variables that set sawampersand and it is used as follows: perl -MO=FindAmpersand file.plSorry, I haven't tried it as it is not installed on my system and it needs some compiling, which is rather difficult without a C compiler :( Neither have I been able to find a PPM package, so use it at your own risk, but it looks as if it could actually take a file and check it for the 'forbidden symbols'.
CountZero "If you have four groups working on a compiler, you'll get a 4-pass compiler." - Conway's Law
| [reply]
[d/l] |
| A reply falls below the community's threshold of quality. You may see it by logging in. |
