|
|
|
| Perl Monk, Perl Meditation | |
| PerlMonks |
Current Perl documentation can be found at perldoc.perl.org.
Here is our local, out-dated (pre-5.6) version:
See Laundering and Detecting Tainted Data. Here's an example (which doesn't use any system calls, because the
kill() is given no processes to
signal):
sub is_tainted {
return ! eval { join('',@_), kill 0; 1; };
}
This is not -w clean, however. There is no -w clean way to detect taintedness - take this as a hint that you should
untaint all possibly-tainted data.