http://qs321.pair.com?node_id=526810

Anonymous Monk has asked for the wisdom of the Perl Monks concerning the following question:

Hi,

I am trying to have my script taint an incoming stock symbol that is entered through an HTML form. Most stock symbols work and the page ends up loading fine when parsing the form data inputted.

However, this one symbol seems to stop my script from loading up normally. It just stalls and stalls until it finally gives me a timeout error. Also, when using this symbol, it seems that my CPU usage goes up to 100%! It's as if it causes a buffer overflow in the script.

The stock symbol I'm talking about is AIDO.OB

For all other stock symbols, my script looks fine, but when I type in "AIDO.OB", it gives me this constant problem.

Here's the regex I'm using to taint:

    $stock_symbol = $INPUT->param('stock_symbol');
    # Allow only word characters, '-', '@' and '.', and fewer than 11 characters
    if ($stock_symbol =~ /^([-\@\w.]+)$/ && length($stock_symbol) < 11
        && $stock_symbol ne "") {
        $stock_symbol = $1;
    } else {
        print "Invalid Symbol!\n";
        exit;
    }

Any ideas why this is doing it? I'm using ActiveState Perl btw on a WinXP server with IIS 5.0.

Thanks
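
An added example, not part of the original post: a stand-alone harness that runs the same allowlist check on constructed inputs, including AIDO.OB, so the validation step can be exercised and timed apart from the rest of the script. The helper name `untaint_symbol` and the sample list are assumptions made for illustration; run it with `perl -T` to see the taint status change.

```perl
use strict;
use warnings;
use Scalar::Util qw(tainted);

# Hypothetical helper (not from the post): returns the captured, untainted
# symbol, or undef when the input is rejected.
sub untaint_symbol {
    my ($raw) = @_;
    return undef unless defined $raw;
    # Same characters as the post's [-\@\w.] for ASCII input, spelled out.
    # \A and \z anchor the whole string ($ also matches before a trailing
    # newline), and {1,10} covers both the "< 11" and the non-empty checks.
    return $raw =~ /\A([-\@A-Za-z0-9_.]{1,10})\z/ ? $1 : undef;
}

# Under "perl -T" this is a tainted empty string; appending it taints the
# constructed samples so they behave like form input.
my $taint = substr(join('', values %ENV), 0, 0);

# Constructed sample inputs, not captured data.
my @samples = ('AIDO.OB', 'BRK-A', 'MSFT', '', "MSFT\n", 'TOOLONGSYMBOL', 'A;B');

for my $s (@samples) {
    my $in  = $s . $taint;
    my $out = untaint_symbol($in);

    (my $shown = $s) =~ s/\n/\\n/g;    # make the newline visible in the report
    my $result = defined $out
        ? sprintf("accepted '%s' (tainted=%s)", $out, tainted($out) ? 'yes' : 'no')
        : 'rejected';

    printf "%-16s tainted_in=%-3s -> %s\n",
        sprintf("'%s'", $shown), (tainted($in) ? 'yes' : 'no'), $result;
}
```

The pattern is a single character class with one bounded quantifier, so matching takes time proportional to the input length, and AIDO.OB is accepted like the other well-formed symbols.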