package re; $VERSION = 0.02; =head1 NAME re - Perl pragma to alter regular expression behaviour =head1 SYNOPSIS use re 'taint'; ($x) = ($^X =~ /^(.*)$/s); # $x is tainted here $pat = '(?{ $foo = 1 })'; use re 'eval'; /foo${pat}bar/; # won't fail (when not under -T switch) { no re 'taint'; # the default ($x) = ($^X =~ /^(.*)$/s); # $x is not tainted here no re 'eval'; # the default /foo${pat}bar/; # disallowed (with or without -T switch) } use re 'debug'; # NOT lexically scoped (as others are) /^(.*)$/s; # output debugging info during # compile and run time (We use $^X in these examples because it's tainted by default.) =head1 DESCRIPTION When C is in effect, and a tainted string is the target of a regex, the regex memories (or values returned by the m// operator in list context) are tainted. This feature is useful when regex operations on tainted data aren't meant to extract safe substrings, but to perform other transformations. When C is in effect, a regex is allowed to contain C<(?{ ... })> zero-width assertions even if regular expression contains variable interpolation. That is normally disallowed, since it is a potential security risk. Note that this pragma is ignored when the regular expression is obtained from tainted data, i.e. evaluation is always disallowed with tainted regular expresssions. See L. For the purpose of this pragma, interpolation of precompiled regular expressions (i.e., the result of C) is I considered variable interpolation. Thus: /foo${pat}bar/ I allowed if $pat is a precompiled regular expression, even if $pat contains C<(?{ ... })> assertions. When C is in effect, perl emits debugging messages when compiling and using regular expressions. The output is the same as that obtained by running a C<-DDEBUGGING>-enabled perl interpreter with the B<-Dr> switch. It may be quite voluminous depending on the complexity of the match. See L for additional info. The directive C is I, as the other directives are. It has both compile-time and run-time effects. See L. =cut my %bitmask = ( taint => 0x00100000, eval => 0x00200000, ); sub bits { my $on = shift; my $bits = 0; unless(@_) { require Carp; Carp::carp("Useless use of \"re\" pragma"); } foreach my $s (@_){ if ($s eq 'debug') { require DynaLoader; @ISA = ('DynaLoader'); bootstrap re; install() if $on; uninstall() unless $on; next; } $bits |= $bitmask{$s} || 0; } $bits; } sub import { shift; $^H |= bits(1,@_); } sub unimport { shift; $^H &= ~ bits(0,@_); } 1;