blob: 53873fca4ca0c4b4bb204a37c73ce3090237b021 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
|
package re;
$VERSION = 0.02;
=head1 NAME
re - Perl pragma to alter regular expression behaviour
=head1 SYNOPSIS
use re 'taint';
($x) = ($^X =~ /^(.*)$/s); # $x is tainted here
use re 'eval';
/foo(?{ $foo = 1 })bar/; # won't fail (when not under -T switch)
{
no re 'taint'; # the default
($x) = ($^X =~ /^(.*)$/s); # $x is not tainted here
no re 'eval'; # the default
/foo(?{ $foo = 1 })bar/; # disallowed (with or without -T switch)
}
=head1 DESCRIPTION
When C<use re 'taint'> is in effect, and a tainted string is the target
of a regex, the regex memories (or values returned by the m// operator
in list context) are tainted. This feature is useful when regex operations
on tainted data aren't meant to extract safe substrings, but to perform
other transformations.
When C<use re 'eval'> is in effect, a regex is allowed to contain
C<(?{ ... })> zero-width assertions (which may not be interpolated in
the regex). That is normally disallowed, since it is a potential security
risk. Note that this pragma is ignored when perl detects tainted data,
i.e. evaluation is always disallowed with tainted data. See
L<perlre/(?{ code })>.
See L<perlmodlib/Pragmatic Modules>.
=cut
my %bitmask = (
taint => 0x00100000,
eval => 0x00200000,
);
sub bits {
my $on = shift;
my $bits = 0;
unless(@_) {
require Carp;
Carp::carp("Useless use of \"re\" pragma");
}
foreach my $s (@_){
if ($s eq 'debug') {
eval <<'EOE';
use DynaLoader;
@ISA = ('DynaLoader');
bootstrap re;
EOE
install() if $on;
uninstall() unless $on;
next;
}
$bits |= $bitmask{$s} || 0;
}
$bits;
}
sub import {
shift;
$^H |= bits(1,@_);
}
sub unimport {
shift;
$^H &= ~ bits(0,@_);
}
1;
|
