I'm looking for a 100% reliable solution, not dependent on input or environment or anything - I just want to 100%-for-certain make a scalar variable tainted :-)
1 Answer
I make no claims for perfect reliability. One should always create tests to ensure that code is working as expected on each new system.
However, if you open a file handle to a scalar reference, the results of the readline appear to be tainted:
    #!/usr/bin/perl -T
    # -T turns on taint mode. perl is named directly because "env perl -T"
    # is not split into separate arguments on every system.
    use strict;
    use warnings;
    use Scalar::Util qw(tainted);

    my $var = 0.13;
    print tainted($var) ? "Yes, tainted: $var\n" : "Nope, all clean: $var\n";

    $var = taint_string($var);
    print tainted($var) ? "Yes, tainted: $var\n" : "Nope, all clean: $var\n";

    # Return a tainted copy of a plain scalar by reading it back through
    # an in-memory file handle.
    sub taint_string {
        my $value = shift;
        warn "Not going to work on references" if ref $value;
        open my $fh, '<', \$value or die "Can't open: $!";
        local $/;    # Slurp
        return <$fh>;
    }

Outputs:

    Nope, all clean: 0.13
    Yes, tainted: 0.13

Miller
Glad I could help. Please note that even though this appears to work right now, there's no guarantee that it will work in future versions of Perl. Therefore, if you rely on it in any way, you should create a test script to ensure your desired behavior if your system specs change. – Miller Oct 26 '14 at 18:35
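
The test script that the answer and the comment recommend could look like the following. This is an added example, not part of the original post: the helper is copied from the answer, while `enforced_as_tainted`, the file name and the sample values are assumptions made for illustration. The second check uses the string-eval idiom from perlsec, so the test does not rely on `Scalar::Util` alone.

```perl
#!/usr/bin/perl -T
# Added example: regression test for taint_string() as posted in the answer.
# Run with: prove -T taint_string.t   (file name is hypothetical)
use strict;
use warnings;
use Test::More;
use Scalar::Util qw(tainted);

# Helper copied from the answer.
sub taint_string {
    my $value = shift;
    warn "Not going to work on references" if ref $value;
    open my $fh, '<', \$value or die "Can't open: $!";
    local $/;    # Slurp
    return <$fh>;
}

# Independent check (hypothetical helper name), the idiom from perlsec:
# string-eval of tainted data dies under -T. Only a zero-length substring
# is passed to eval, so no data from the value is ever executed.
sub enforced_as_tainted {
    my $value = shift;
    local $@;
    return !eval { eval( '#' . substr( $value, 0, 0 ) ); 1 };
}

# ${^TAINT} is 1 under -T, -1 under -t (warn only) and 0 with taint mode off.
plan skip_all => 'needs full taint mode (perl -T)' unless ${^TAINT} == 1;

# Constructed sample values.
my @samples = ( 0.13, '0', 'plain string', "two\nlines\n" );

for my $clean (@samples) {
    ( my $label = $clean ) =~ s/\n/\\n/g;
    my $dirty = taint_string($clean);

    ok tainted($dirty),              "'$label': Scalar::Util sees taint";
    ok enforced_as_tainted($dirty),  "'$label': perl enforces the taint";
    is $dirty, $clean,               "'$label': value is unchanged";
    ok !tainted($clean),             "'$label': caller's copy stays clean";
    ok !enforced_as_tainted($clean), "'$label': clean copy passes eval";
}

done_testing;
```

Re-running this after a Perl upgrade shows whether the in-memory file handle still taints what it returns.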