diff options
author | Tony Cook <tony@develop-help.com> | 2018-01-24 15:03:39 +1100 |
---|---|---|
committer | Tony Cook <tony@develop-help.com> | 2018-11-05 10:19:05 +1100 |
commit | e459aaffe40291395017cc002fc6d261e7cae0ae (patch) | |
tree | 2dae59e2da7acd1d1d1229ad485321e085e149ee /ext/SDBM_File | |
parent | f196658042490a6287fc178f0bc20fd5558ac54b (diff) | |
download | perl-e459aaffe40291395017cc002fc6d261e7cae0ae.tar.gz |
(perl #132147) add security warnings to the *DBM_File modules
Diffstat (limited to 'ext/SDBM_File')
-rw-r--r-- | ext/SDBM_File/SDBM_File.pm | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/ext/SDBM_File/SDBM_File.pm b/ext/SDBM_File/SDBM_File.pm index 5df9085760..7be9263417 100644 --- a/ext/SDBM_File/SDBM_File.pm +++ b/ext/SDBM_File/SDBM_File.pm @@ -119,6 +119,14 @@ This warning is emitted when you try to store a key or a value that is too long. It means that the change was not recorded in the database. See BUGS AND WARNINGS below. +=head1 SECURITY WARNING + +B<Do not accept SDBM files from untrusted sources!> + +The sdbm file format was designed for speed and convenience, not for +portability or security. A maliciously crafted file might cause perl to +crash or even expose a security vulnerability. + =head1 BUGS AND WARNINGS There are a number of limits on the size of the data that you can |