Stories
Slash Boxes
Comments
NOTE: use Perl; is on undef hiatus. You can read content, but you can't post it. More info will be forthcoming forthcomingly.

All the Perl that's Practical to Extract and Report

The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
 Full
 Abbreviated
 Hidden
More | Login | Reply
Loading... please wait.
  • Davorg knocked up a script that contained:

        my $file = DUMP . $mime->filename(1);
        open FILE, '>', $file or die $!;

    What happens when I send you an attachment with a filename of ../../../../../home/davorg/.ssh/authorized_keys, or perhaps more innocently .htaccess?

    This is an excellent use for File::Basename, and Aristotle's previous sysopen() involving O_EXCL|O_CREAT.

    No prizes for guessing which course [perltraining.com.au] I've been recently reviewing.